LinuxQuestions.org
Old 05-21-2012, 10:38 AM   #1
raypsi
Member
 
Registered: Jun 2007
Distribution: ubuntu
Posts: 47

Rep: Reputation: 15
checking for open ports need ports 5198, 5199 open for UDP


I have 12.04 32 bit
Kernel Linux 3.2.0-24-generic-pae
GNOME 3.4.1 with
1GB of RAM on an ASUS netbook 1005HA

And a VirginMobile 2200 wifi 3G hotspot for internet.

I have WINE installed and getting Echolink to run is my trouble.
I think it's the Security level of Ubuntu that is preventing
receipt of UDP packets on ports 5198 and 5199.

The 2200 MiFi manual states that everything goes through that connection,
and the connection log seems to confirm that. The connection log
shows the destination IP, the port number and type. So the log shows
port 5199 and UDP going to that IP.

Or maybe it's WINE causing the trouble. A port scan of 192.168.1.1 shows only port 80 open.
73
de N8ZU
 
Old 05-21-2012, 12:13 PM   #2
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776
Quote:
Originally Posted by raypsi View Post
A port scan of 192.168.1.1 shows only port 80 open
If the ports aren't showing as open, either they are being blocked by a firewall, e.g. IPTables, or there is no application listening. To determine which case you're facing, look at the output of netstat (netstat -pane) run as root, to see if there is an application bound to these ports.
 
Old 05-21-2012, 03:02 PM   #3
raypsi
Member
 
Registered: Jun 2007
Distribution: ubuntu
Posts: 47

Original Poster
Rep: Reputation: 15
netstat shows

Quote:
Originally Posted by Noway2 View Post
If the ports aren't showing as open, either they are being blocked by a firewall, e.g. IPTables, or there is no application listening. To determine which case you're facing, look at the output of netstat (netstat -pane) run as root, to see if there is an application bound to these ports.
The GUI netstat from network tools shows

protocol  ip source   port/service  State
tcp       127.0.0.1   7634          Listen
tcp       ''          53            Listen
tcp       ""          631           Listen
tcp6      ::1         631           Listen
udp       127.0.0.1   68
udp       0.0.0.0     5198
udp       0.0.0.0     5199

The UDP ports are not in a listen state.

netstat -pane from the terminal as superuser root spews out pages of data I can't all see.

Thanks in advance
 
Old 05-21-2012, 03:59 PM   #4
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776
UDP is connectionless and doesn't have states like TCP, hence you won't see a listen. Instead you will see an application / PID bound to the port. To facilitate your search you can pipe the results through grep to filter on the wanted information, e.g.:
Code:
netstat -pane | grep 5198
*Note, in Ubuntu you may get better results running netstat pane than netstat -pane (I never understood this one)
In your particular case, it looks like there is a process bound to all interfaces / IP on ports 5198 and 5199. Consequently, there appears to be something blocking your connections. The next thing to do would be to look at your IPTables output ((sudo) iptables -L) and if you have either policy as drop or a drop all rule, you will need to add a rule specifically to accept on these ports. If you're not blocked locally, then you need to move to the next device upstream.
 
Old 05-21-2012, 06:56 PM   #5
raypsi
Member
 
Registered: Jun 2007
Distribution: ubuntu
Posts: 47

Original Poster
Rep: Reputation: 15
I confirmed receipt of my outbound UDP on port 5198 at the other end server. I'm downloading firewall builder GUI; hopefully that can change the IPTables like a review of it said it can. I find no firewall on my system, probably because they offer a few for sale.

I get this with an iptables -L command:
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
 
Old 05-21-2012, 07:33 PM   #6
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776
Quote:
Originally Posted by raypsi View Post

I get this with an iptables -L command:
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Linux comes with IPtables built into the kernel. It is the default firewall for a Linux system. The output shown indicates that there are no rules and the default policy is to accept the connections.

Given that your process is listening and you don't have a firewall on the local system closing ports, your problem lies beyond your Linux system, such as an upstream switch or security appliance.
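
The diagnosis worked through in posts #4 to #6 (is a process bound to the UDP port, is the local INPUT chain able to drop it, otherwise look upstream), as an added example that is not part of the original thread. The function names `udp_bound`, `input_may_drop` and `triage` are hypothetical, and the sample netstat and iptables text is constructed to mirror what was posted above.

```shell
#!/bin/sh
# Added example. SAMPLE_* text is constructed to mirror the thread; on a live
# host feed `netstat -anu` and `iptables -L -n` (run as root) instead.

# Succeeds if a UDP socket is bound to PORT. Only the Local Address column is
# compared, so 51985, a PID or an inode containing the digits cannot match.
udp_bound() {  # usage: udp_bound PORT < netstat-output
    awk -v p="$1" '$1 ~ /^udp/ { n = split($4, a, ":"); if (a[n] == p) found = 1 }
                   END { exit !found }'
}

# Succeeds if the INPUT chain has policy DROP or any DROP/REJECT rule.
# A hit means "read the rules", not proof that the port is blocked.
input_may_drop() {  # usage: input_may_drop < iptables-output
    awk '/^Chain / { in_input = ($2 == "INPUT") }
         in_input && /^Chain .*policy DROP/ { hit = 1 }
         in_input && ($1 == "DROP" || $1 == "REJECT") { hit = 1 }
         END { exit !hit }'
}

# Prints not-bound, check-local-firewall or look-upstream.
triage() {  # usage: triage PORT NETSTAT_TEXT IPTABLES_TEXT
    if ! printf '%s\n' "$2" | udp_bound "$1"; then echo not-bound
    elif printf '%s\n' "$3" | input_may_drop; then echo check-local-firewall
    else echo look-upstream
    fi
}

SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address    Foreign Address  State
tcp        0      0 127.0.0.1:631    0.0.0.0:*        LISTEN
udp        0      0 0.0.0.0:68       0.0.0.0:*
udp        0      0 0.0.0.0:5198     0.0.0.0:*
udp        0      0 0.0.0.0:5199     0.0.0.0:*'

SAMPLE_IPTABLES='Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination'

for port in 5198 5199 5200; do
    echo "udp/$port: $(triage "$port" "$SAMPLE_NETSTAT" "$SAMPLE_IPTABLES")"
done
```

A `look-upstream` verdict only clears the local host; it says nothing about NAT or filtering on the hotspot or the carrier network.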
 
Old 05-22-2012, 04:53 PM   #7
raypsi
Member
 
Registered: Jun 2007
Distribution: ubuntu
Posts: 47

Original Poster
Rep: Reputation: 15
I go to dslreports.com and under tools I use whois, and it shows an IP addy. That addy isn't my mifi addy but is close to my DNS addy. When I do a traceroute, the dslreports whois addy isn't in the traceroute.

To wit, at dslreports I look like 66.x.x.111 and traceroute it looks like 66.x.x.192, and dslreports says I'm not pingable, but that would be at 66.x.x.111, when my mifi says it's 28.x.x.111, and the gateway on the mifi is 28.x.x.111 but isn't the same as the IP.

I got to wait to the end of the month to contact VirginMobile or I got to go to the library to contact them tomorrow.
 
Old 05-22-2012, 05:17 PM   #8
seabro
LQ Newbie
 
Registered: Jan 2010
Posts: 20

Rep: Reputation: 0
Hi,
Is your 3g hotspot acting as a NAT router? You mention an address of 192.168.x.x

It sounds like your 3g hotspot is nat'ing, in which case you will need to access it and set up port forwarding (if you haven't already done so).

seabro
 
Old 05-22-2012, 06:42 PM   #9
raypsi
Member
 
Registered: Jun 2007
Distribution: ubuntu
Posts: 47

Original Poster
Rep: Reputation: 15
In port forwarding it only has these:
Application IP Address on WLAN
DNS (Domain Name Server)
FTP Server
HTTP (Web) Server
NNTP Server
POP3 Server
SMTP Server
SNMP Server
Telnet Server
TFTP Server
 
Old 05-22-2012, 06:51 PM   #10
raypsi
Member
 
Registered: Jun 2007
Distribution: ubuntu
Posts: 47

Original Poster
Rep: Reputation: 15
I can check mark any one of those. I need the IP addy to tell it where to forward to:
127.0.0.1 or 0.0.0.0 ?

On further smurfing of this topic I find it ends up in the court of VirginMobile.

To wit, they are blocking this at their routers/firewall.
Either I figure out how to use ssh from the shell to get around this or use a port forwarding proxy server.

Finally, you can port forward in the mifi 2200: you have to get to the config file, download it off the mifi, edit the config file by enabling dmz from 0 to 1, and then upload it back to the mifi 2200. Even then they aren't passing the UDP through their remote routers.

Last edited by raypsi; 05-23-2012 at 12:47 AM.
 
  

