Member
Registered: Jun 2013
Location: India.
Posts: 35
Original Poster
Rep: 
|
Hi ,
I actually have nothing running on those ports on the server. My understanding about Network-Cisco, Juniper and Linux is that by default all the ports are opened and we limit them using Acl's and Firewall.
So if I am trying to conenct to my colo server using tcp port 21344, 21354 and 21364 shouldnt I be able to connect as long as the rules permit them. Rules like Firewall, Acl's and so on. In my case Firewall is completely disabled and no ACL's blocking this traffic.
When I do a tcp dump and initiate a ping from my machine--10.164.253.216, I see echo request and reply on the colo server.
# tcpdump -i em1 -n icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
05:17:43.861900 IP 10.22.147.145 > 10.52.52.163: ICMP echo request, id 41331, seq 27, length 64
05:17:43.861921 IP 10.22.147.145> 10.22.147.145: ICMP echo reply, id 41331, seq 27, length 64
05:17:44.861061 IP 10.22.147.145 > 10.52.52.163: ICMP echo request, id 41331, seq 28, length 64
05:17:44.861081 IP 10.22.147.145> 10.22.147.145: ICMP echo reply, id 41331, seq 28, length 64
05:17:45.861879 IP 10.22.147.145 > 10.52.52.163: ICMP echo request, id 41331, seq 29, length 64
05:17:45.861899 IP 10.22.147.145 > 10.22.147.145: ICMP echo reply, id 41331, seq 29, length 64
05:17:46.862888 IP 10.22.147.145 > 10.52.52.163: ICMP echo request, id 41331, seq 30, length 64
05:17:46.862908 IP 10.22.147.145 > 10.22.147.145: ICMP echo reply, id 41331, seq 30, length 64
^C
But when I do telnet to 10.52.52.163 21344, I see the following
tcpdump -i em1 -w cap.cap -n host 10.22.147.145
tcpdump: listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
^C17 packets captured
17 packets received by filter
0 packets dropped by kernel
[root@W2W-LIME-MHW ~]# tcpdump -r cap.cap
reading from file cap.cap, link-type EN10MB (Ethernet)
05:22:12.460479 IP 10.52.52.163.ssh > 10.22.147.145.42257: Flags [P.], seq 4133568613:4133568741, ack 4209112384, win 333, options [nop,nop,TS val 40945543 ecr 1958503241], length 128
05:22:12.666169 IP 10.22.147.145.42257 > 10.52.52.163.ssh: Flags [.], ack 128, win 943, options [nop,nop,TS val 1958503476 ecr 40945512], length 0
05:22:20.372337 IP 10.22.147.145.57890 > 10.52.52.163.telnet: Flags [S], seq 3454158871, win 5840, options [mss 1460,sackOK,TS val 1958511185 ecr 0,nop,wscale 7], length 0
05:22:20.372374 IP 10.52.52.163.telnet > 10.22.147.145.57890: Flags [R.], seq 0, ack 3454158872, win 0, length 0
05:22:22.303088 IP 10.22.147.145.57891 > 10.52.52.163.telnet: Flags [S], seq 3489798151, win 5840, options [mss 1460,sackOK,TS val 1958513116 ecr 0,nop,wscale 7], length 0
05:22:22.303115 IP 10.52.52.163.telnet > 10.22.147.145.57891: Flags [R.], seq 0, ack 3489798152, win 0, length 0
05:22:23.350019 IP 10.22.147.145.57893 > 10.52.52.163.telnet: Flags [S], seq 3509397371, win 5840, options [mss 1460,sackOK,TS val 1958514163 ecr 0,nop,wscale 7], length 0
05:22:23.350043 IP 10.52.52.163.telnet > 10.22.147.145.57893: Flags [R.], seq 0, ack 3509397372, win 0, length 0
05:22:24.086977 IP 10.22.147.145.57894 > 10.52.52.163.telnet: Flags [S], seq 3512981520, win 5840, options [mss 1460,sackOK,TS val 1958514900 ecr 0,nop,wscale 7], length 0
05:22:24.087006 IP 10.52.52.163.telnet > 10.22.147.145.57894: Flags [R.], seq 0, ack 3512981521, win 0, length 0
05:22:24.734838 IP 10.22.147.145.57895 > 10.52.52.163.telnet: Flags [S], seq 3533081543, win 5840, options [mss 1460,sackOK,TS val 1958515548 ecr 0,nop,wscale 7], length 0
05:22:24.734852 IP 10.52.52.163.telnet > 10.22.147.145.57895: Flags [R.], seq 0, ack 3533081544, win 0, length 0
05:22:25.345969 IP 10.22.147.145.57896 > 10.52.52.163.telnet: Flags [S], seq 3531579629, win 5840, options [mss 1460,sackOK,TS val 1958516159 ecr 0,nop,wscale 7], length 0
05:22:25.345992 IP 10.52.52.163.telnet > 10.22.147.145.57896: Flags [R.], seq 0, ack 3531579630, win 0, length 0
05:22:25.862772 IP 10.22.147.145.57897 > 10.52.52.163.telnet: Flags [S], seq 3549506248, win 5840, options [mss 1460,sackOK,TS val 1958516675 ecr 0,nop,wscale 7], length 0
05:22:25.862783 IP 10.52.52.163.telnet > 10.22.147.145.57897: Flags [R.], seq 0, ack 3549506249, win 0, length 0
05:23:19.275442 IP 10.22.147.145.42257 > 10.52.52.163.ssh: Flags [P.], seq 1:49, ack 128, win 943, options [nop,nop,TS val 1958570092 ecr 40945512], length 48
[root@W2W-LIME-MHW ~]#
Please let me knwo if i am missing something here.
|