LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-24-2004, 10:34 AM   #1
Charles Daniel
Member
 
Registered: Aug 2004
Location: Missouri City, Tx
Posts: 39

Rep: Reputation: 15
Linux Servers dropping connections


I have two different linux servers both of which drop connections when I attempt to ftp or telnet. I also recently started running an smtp server (sendmail) on one of the two and I can't seem to establish a connection to sendmail either.

I'm running SuSE 8.0 and I am currently using the firewall setup utility that came with the OS. I told the firewall to enable http/https, telnet, smtp, ftp, and telnet. To eliminate the firewall as the problem, I shut the firewall down but got the same results.

All the daemons have been inetd for these services also. Can anyone tell me how to start debugging this situation?

Thanks,
Charles
 
Old 10-24-2004, 11:57 AM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
When you say dropping, do you mean that the connection succedes but then terminates abnormaly?

Can you post the output from:
iptables -nL
netstat -nlp
 
Old 10-24-2004, 12:28 PM   #3
Charles Daniel
Member
 
Registered: Aug 2004
Location: Missouri City, Tx
Posts: 39

Original Poster
Rep: Reputation: 15
Dropping connections

By dropping connections I mean that it is appearent that an attempt is made
to connect but there is no indication that the connection is actually made.
It seems to behave like a time out, with a pause then the message:

"Connection has been dropped by foreign host"

here is the netstat

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name
tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 0.0.0.0:7 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
1021/portmap
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
726/(squid)
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN
1310/X
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
1138/sendmail: acce
tcp 0 0 :::22 :::* LISTEN
1046/sshd
udp 0 0 0.0.0.0:7 0.0.0.0:*
18151/inetd
udp 0 0 0.0.0.0:1040 0.0.0.0:*
726/(squid)
udp 0 0 0.0.0.0:37 0.0.0.0:*
18151/inetd
udp 0 0 0.0.0.0:3130 0.0.0.0:*
726/(squid)
udp 0 0 0.0.0.0:3401 0.0.0.0:*
726/(squid)
udp 0 0 0.0.0.0:111 0.0.0.0:*
1021/portmap
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Pat h
unix 2 [ ACC ] STREAM LISTENING 8846 1805/kdeinit: Runni /tm p/ksocket-root/kdeinit-:0
unix 2 [ ACC ] STREAM LISTENING 8851 1808/kdeinit: dcops /tm p/.ICE-unix/dcop1808-1095830031
unix 2 [ ACC ] STREAM LISTENING 1033110 9754/kdesud /t mp/ksocket-root/kdesud_:0
unix 2 [ ACC ] STREAM LISTENING 8772 1732/medusa-idled /tm p/medusa-idled-service
unix 2 [ ACC ] STREAM LISTENING 2202 1138/sendmail: acce /va r/run/sendmail/control
unix 2 [ ACC ] STREAM LISTENING 3044 1294/nscd /va r/run/.nscd_socket

iptables -nL follows:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 127.0.0.0/8 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
LOG all -- 0.0.0.0/0 127.0.0.0/8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- 127.0.0.0/8 0.0.0.0/0
DROP all -- 0.0.0.0/0 127.0.0.0/8
LOG all -- 192.168.1.1 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- 192.168.1.1 0.0.0.0/0
input_int all -- 0.0.0.0/0 192.168.1.1
DROP all -- 0.0.0.0/0 192.168.1.255
DROP all -- 0.0.0.0/0 255.255.255.255
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-UNAUTHORIZED-TARGET '
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP)
target prot opt source destination
TCPMSS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 LOG flags 6 level 4 prefix `SuSE-FW-TRACEROUTE-ATTEMPT '
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 9
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 10
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 13
DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-OUTPUT-ERROR '

Chain forward_dmz (0 references)
target prot opt source destination

Chain forward_ext (0 references)
target prot opt source destination

Chain forward_int (0 references)
target prot opt source destination

Chain input_dmz (0 references)
target prot opt source destination
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 reject-with tcp-reset
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 192.168.1.4 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.30.104 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.11.201 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:21
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:23
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:143
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1040
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3130
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3401
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:6000
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain input_ext (0 references)
target prot opt source destination
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:53
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:80
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:443
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:143
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:993
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:110
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:995 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:995
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:25
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:23
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 reject-with tcp-reset
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 192.168.1.4 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.30.104 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.11.201 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:21
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:23
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:143
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1040
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3130
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3401
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:6000
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain input_int (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 reject-with tcp-reset
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 192.168.1.4 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.30.104 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.11.201 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0



unix 2 [ ACC ] STREAM LISTENING 3707 1310/X /tm p/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 8875 1811/kdeinit: klaun /tm p/ksocket-root/klauncherQLGPzb.slave-socket
unix 2 [ ACC ] STREAM LISTENING 8946 1826/artsd /tm p/mcop-root/musashi_pctechnirvana_com-0722-41510a18
unix 2 [ ACC ] STREAM LISTENING 8975 1838/kdeinit: ksmse /tm p/.ICE-unix/1838
 
Old 10-24-2004, 01:10 PM   #4
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
Those firewall rules look extremely complex and OTT. Try temporarily disabling the firewall with this to see if it helps:
iptables -F
itpables -P INPUT ACCEPT
itpables -P OUTPUT ACCEPT
 
Old 10-24-2004, 02:20 PM   #5
Charles Daniel
Member
 
Registered: Aug 2004
Location: Missouri City, Tx
Posts: 39

Original Poster
Rep: Reputation: 15
Dropping Connections

Tried it but got the same results.
 
Old 10-24-2004, 03:45 PM   #6
ugge
Senior Member
 
Registered: Dec 2000
Location: Gothenburg, SWEDEN
Distribution: OpenSUSE 10.3
Posts: 1,028

Rep: Reputation: 45
There are several levels of security in the linux networking world, one is the iptables.
There is also a security perimeter are the tcp wrapper which uses the files hosts.allow and hosts.deny, found in the /etc directory.
These files which ip adresses to let through and which to block. Not all services have support for the tcp wrapper system but at least the telnet should have that.
If your IP are listen in the hosts.deny you won't be able to connect. Most common is to set ALL : DENY to block all hosts and then open upp specific services and hosts in the hosts.allow file.
There are also a security feature built into the inetd service.
 
Old 10-24-2004, 11:37 PM   #7
Charles Daniel
Member
 
Registered: Aug 2004
Location: Missouri City, Tx
Posts: 39

Original Poster
Rep: Reputation: 15
Well, I finally got the telnet to work. I found that the daemon had not
been installed in the OS . FTP is trying hard to work but I think the
configuration is either wrong or I don't understand it. Probably both!

FTP says it is running in anonymous mode yet it prompts me for username
and password anyway. Futhermore it prompts ROOT as the default
user. I thought this was forbidden by default. Anyway if I provide a
password or change users and provide the password the FTP fails to
connect saying that "this is an anonymous only server". Here is the
output:

When I do nothing:

Connected to musashi.pctechnirvana.com.
220 ready, dude (vsFTPd 1.0.1: beat me, break me)
Name (musashi.pctechnirvana.com:root):
530 This FTP server is anonymous only.
ftp: Login failed.

When I attempt user/password:

ftp musashi.pctechnirvana.com
Connected to musashi.pctechnirvana.com.
220 ready, dude (vsFTPd 1.0.1: beat me, break me)
Name (musashi.pctechnirvana.com:root): <I type username here>
530 This FTP server is anonymous only.
ftp: Login failed.

It seems that I need to modify this server config. Can anyone help?
 
Old 10-25-2004, 09:10 AM   #8
ugge
Senior Member
 
Registered: Dec 2000
Location: Gothenburg, SWEDEN
Distribution: OpenSUSE 10.3
Posts: 1,028

Rep: Reputation: 45
Anonymous ftp requires you to give anonymous as username. Some installations also requires you to enter your e-mail address as password. The reson why it suggest root as user is usually that you have run the ftp command as the user root.

Your output seems to be in order. Try to login as user anonymous, giving an empty password or an email address, and you will get in.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SuSE 9.3 Firewall Dropping Connections mephitic Linux - Networking 4 10-02-2005 04:52 PM
FTP Dropping connections Seventh Linux - Software 1 06-05-2005 03:11 PM
RedHat Advance Server dropping Connections cyberknet Linux - Networking 1 02-24-2004 12:45 PM
shorewall dropping/rejecting wanted connections (squid/webmin) win32sux Linux - Networking 2 08-01-2003 03:57 PM
dhcp dropping connections jmmirabal Linux - Newbie 1 03-24-2003 05:51 PM


All times are GMT -5. The time now is 05:07 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration