Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Cinnamon Mint 20.1 (Laptop) and 20.2 (Desktop)
Posts: 1,673
Rep:
Firewalls and IP ports
Hi, I'm trying to communicate behind a firewall on ports 161 and 162 (SNMP and SNMPTRAP ports) without success. I've been told the ports have been opened but need some way of checking this.
The remote server cannot be pinged (disabled no doubt)and I've been told that I should be able to telnet into either port, but again with no joy. Telnet on its own (port 23) doesn't work either, but then, it's port is probably disabled as well.
On a system I can access with the firewall disabled, I can telnet to port 22 (SSH) and get a resopnse. I can also telnet to the hhtp port 80... OK, just a flashing cursor but a response never the less.
Maybe I should be using something other than telnet? Any advice welcomed. Thanks!
Distribution: Cinnamon Mint 20.1 (Laptop) and 20.2 (Desktop)
Posts: 1,673
Original Poster
Rep:
Thanks repo!
I'll have a look at that on my test rig, certainly looks interesting. Now the bit I forgot to tell you...
The box I'm trying to telnet from is running Windows server 2003 while the target behind the firewall is running RHEL 5.3 so I supose my question may be more general networking rather than specifically Linux.
I'll re-define the question...
Should you be able to telnet to any IP port and get some sort of response providing the firewall is not blocking that port?
Would the response differ if it were a UTP port rather than a TCP one or doesn't it matter?
Soadyheid,
SNMP runs over UDP so, as repo said, you should use nmap. It doesn't sound like you are familiar with nmap, though, so here is how to do a UDP scan. "-vv" gives very verbose output. "-sU" is for a UDP scan. "-P0" tells nmap not to ping the hosts first. Nmap binaries are available for Windows, as well.
Code:
[user@computer ~]# nmap -vv -sU -P0 192.168.1.42
Starting Nmap 5.21 ( http://nmap.org ) at 2012-01-04 08:55 CST
Initiating ARP Ping Scan at 08:55
Scanning 192.168.1.42 [1 port]
Completed ARP Ping Scan at 08:55, 0.02s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 08:55
Completed Parallel DNS resolution of 1 host. at 08:56, 13.00s elapsed
Initiating UDP Scan at 08:56
Scanning 192.168.1.42 [1000 ports]
Increasing send delay for 192.168.1.42 from 0 to 50 due to 259 out of 863 dropped probes since last increase.
Completed UDP Scan at 08:56, 18.78s elapsed (1000 total ports)
Nmap scan report for 192.168.1.42
Host is up (0.023s latency).
Scanned at 2012-01-04 08:55:47 CST for 32s
Not shown: 996 closed ports
PORT STATE SERVICE
1027/udp open|filtered unknown
1031/udp open|filtered iad2
1050/udp open|filtered unknown
1900/udp open|filtered upnp
Soadyheid,
nmap told me that it was doing an ARP ping scan because I was scanning a local address on the same Ethernet LAN. If it had been an Internet IP, you would see something like the following:
Code:
[user@computer]# nmap -vv -sU -P0 xxx.xxx.xxx.xxx
Starting Nmap 5.21 ( http://nmap.org ) at 2012-01-05 06:53 CST
Initiating Parallel DNS resolution of 1 host. at 06:53
Completed Parallel DNS resolution of 1 host. at 06:53, 0.04s elapsed
Initiating UDP Scan at 06:53
Scanning server.domain.com (xxx.xxx.xxx.xxx) [1000 ports]
UDP Scan Timing: About 15.50% done; ETC: 06:56 (0:02:49 remaining)
UDP Scan Timing: About 30.50% done; ETC: 06:56 (0:02:19 remaining)
UDP Scan Timing: About 45.50% done; ETC: 06:56 (0:01:49 remaining)
Discovered open port 53/udp on xxx.xxx.xxx.xxx
Completed UDP Scan at 06:55, 116.17s elapsed (1000 total ports)
Nmap scan report for server.domain.com (xxx.xxx.xxx.xxx)
Host is up (0.090s latency).
Scanned at 2012-01-05 06:53:04 CST for 116s
Not shown: 999 open|filtered ports
PORT STATE SERVICE
53/udp open domain
Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 116.34 seconds
Raw packets sent: 2002 (57.314KB) | Rcvd: 4 (160B)
As you can see, the command "nmap -vv -sU -P0" did a UDP scan. The target is a DNS server. Please try that command.
Telnet will not work for UDP services. It is designed to attempt the three-way handshake, on a service port of your choice, that TCP requires for building a socket: SYN > SYN-ACK > ACK.
You could also try Netcat, if it is installed on your server. If you are allowed to install it, netcat is available in deb and RPM packages, and you can get a Windows Zip file with the one free-standing binary and Hobbit's C source code.
Code:
[user@computer]# nc -v -u -w2 -z localhost 123
Connection to localhost 123 port [udp/ntp] succeeded!
The "-v" makes output verbose, "-u" tells nc to do a UDP scan, "-w" flag defines your timeout value, and "-z" "Specifies that nc should just scan for listening daemons, without sending any data to them." (man nc). Your command would be "nc -v -u -w2 -z target 161-162".
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.