Firewalls and IP ports
Hi, I'm trying to communicate behind a firewall on ports 161 and 162 (SNMP and SNMPTRAP ports) without success. I've been told the ports have been opened but need some way of checking this.
The remote server cannot be pinged (disabled no doubt) and I've been told that I should be able to telnet into either port, but again with no joy. Telnet on its own (port 23) doesn't work either, but then, its port is probably disabled as well. On a system I can access with the firewall disabled, I can telnet to port 22 (SSH) and get a response. I can also telnet to the http port 80... OK, just a flashing cursor but a response nevertheless. Maybe I should be using something other than telnet? Any advice welcomed. Thanks! Play Bonny!
Try nmap.
Kind regards
Thanks repo!
I'll have a look at that on my test rig, certainly looks interesting. Now the bit I forgot to tell you... The box I'm trying to telnet from is running Windows Server 2003 while the target behind the firewall is running RHEL 5.3, so I suppose my question may be more general networking rather than specifically Linux. I'll re-define the question... Should you be able to telnet to any IP port and get some sort of response providing the firewall is not blocking that port? Would the response differ if it were a UTP port rather than a TCP one or doesn't it matter? Thanks again for your help. Play Bonny!
Soadyheid,
SNMP runs over UDP so, as repo said, you should use nmap. It doesn't sound like you are familiar with nmap, though, so here is how to do a UDP scan. "-vv" gives very verbose output. "-sU" is for a UDP scan. "-P0" tells nmap not to ping the hosts first. Nmap binaries are available for Windows, as well. Code:
[user@computer ~]# nmap -vv -sU -P0 192.168.1.42
Thanks agentbuzz,
I'm working in a very restricted environment and, as mentioned in my original post, I can't ping the target, so... Code:
Initiating ARP Ping Scan at 08:55
Should I get some sort of response if I try to telnet to one of the SNMP ports? (161,162) Play Bonny!
Telnet client, nmap, netcat
Soadyheid,
nmap told me that it was doing an ARP ping scan because I was scanning a local address on the same Ethernet LAN. If it had been an Internet IP, you would see something like the following: Code:
[user@computer]# nmap -vv -sU -P0 xxx.xxx.xxx.xxx
Telnet will not work for UDP services. It is designed to attempt the three-way handshake, on a service port of your choice, that TCP requires for building a socket: SYN > SYN-ACK > ACK. You could also try Netcat, if it is installed on your server. If you are allowed to install it, netcat is available in deb and RPM packages, and you can get a Windows Zip file with the one free-standing binary and Hobbit's C source code. Code:
[user@computer]# nc -v -u -w2 -z localhost 123
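Added example, not part of any post in this thread: a Python UDP probe that sends an SNMPv1 GetRequest to port 161 and reports the three outcomes a UDP scan can distinguish, which is why telnet's TCP handshake tells you nothing here. The community string `public`, the sysDescr.0 OID and the function names are assumptions chosen for illustration.

```python
import socket
import sys

def tlv(tag, payload):
    """BER type-length-value using a short-form length (payload under 128 bytes)."""
    if len(payload) > 127:
        raise ValueError("short-form BER length only")
    return bytes([tag, len(payload)]) + payload

def snmp_get_request(community=b"public", request_id=0x1A2B3C4D):
    """Build an SNMPv1 GetRequest for sysDescr.0 (1.3.6.1.2.1.1.1.0)."""
    oid = bytes([0x2B, 6, 1, 2, 1, 1, 1, 0])
    varbind = tlv(0x30, tlv(0x06, oid) + tlv(0x05, b""))   # OID + NULL value
    pdu = tlv(0xA0,                                         # GetRequest-PDU
              tlv(0x02, request_id.to_bytes(4, "big"))      # request-id
              + tlv(0x02, b"\x00") + tlv(0x02, b"\x00")     # error-status, error-index
              + tlv(0x30, varbind))                         # varbind list
    # version 0 means SNMPv1; community is an assumed value, not from the thread
    return tlv(0x30, tlv(0x02, b"\x00") + tlv(0x04, community) + pdu)

def probe_udp(host, port, payload, timeout=2.0):
    """Send one datagram and classify the port as a UDP scan would."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))  # connected socket: ICMP errors surface as exceptions
        try:
            s.send(payload)
            return "open", s.recv(4096)
        except socket.timeout:
            # Silence is ambiguous: a firewall dropped the packet, or the
            # service received it and chose not to answer.
            return "open|filtered", b""
        except (ConnectionRefusedError, ConnectionResetError):
            # ICMP port unreachable came back (Linux: Refused, Windows: Reset),
            # so the packet reached the host and nothing is listening.
            return "closed", b""

if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    community = sys.argv[2].encode() if len(sys.argv) > 2 else b"public"
    status, reply = probe_udp(host, 161, snmp_get_request(community))
    print(f"{host}:161/udp {status} ({len(reply)} reply bytes)")
```

A timeout does not prove the firewall is blocking: an agent that rejects the community string or the source address also stays silent, and port 162 only receives traps, so it will not answer a GetRequest.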