I have a pc running linux 2.4.18-14 (I think) it works fine, but
I am having trouble both ftping and attempting to connect
it as a veritas netbackup client. I can telnet no problem
telnet to it. I have checked etc/services and hosts.allow
and ftp is enabled on port 21. I do not know what means
the backup software is using to connect to the machine with
but it also comes back with a "connection refused" message.
any help would be most well received....

Rob.

First, you need to specify what distribution of linux you are using... RedHat, SuSE, Mandrake, etc.....

I think you have RedHat based on your kernel naming convention, so I'll assume that's right.

RedHat installs a firewall by default. To disable the firewall temporatily, type /etc/init.d/iptables stop

Then try to connect to whatever you are trying to connect. I'm thinking it will work.

Once you have shown that iptables is infact what is preventing your connections, you need to find out exactly what ports you want to be open, then look into setting up the iptables rules for what you want.

To start your firewall back up, simply type /etc/init.d/iptables start

HTH

mychl, thanks for your reply, but I had already tried that
stop/starting the firewall option and yes I do have redhat linux.
I think the problems lies with some file like the /etc/hosts.allow
or deny, but they both look fine. I looked at messages and
syslog to see if there was any additional information from them, but alas nothing...

Rob.

No problem.... make sure your services are running correctly...

From your linux machine, try an nmap on 127.0.0.1 to check out what ports have services running..... just to make sure.....

Mychl, this is the reply I get when I run the nmap command as
you suggested, I cannot see port 21 being enabled as I thought
this was the port the ftp used....... I take it that the term "interesting" refers to the fact that these services are ones
that are possible ones that hackers would use to access servers ??

Rob.

p.s I can ftp from my linux box, but not to it.


[protek@broth protek]$ nmap 127.0.0.1

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on localhost.localdomain (127.0.0.1):
(The 1594 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
53/tcp open domain
111/tcp open sunrpc
953/tcp open rndc
6000/tcp open X11

Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
[protek@broth protek]$

The reason you can't ftp to your linux box is you don't have an ftp daemon running. There's nothing to answer requests from FTP clients, so you're getting the "connection refused" message.

I think RH comes with wu-ftpd and I've had good luck using proftpd (some people think it is more secure than wu-ftpd).

BTW, you might want to shut down telnet and just use ssh as it is MUCH more secure.

Many Thanks, I thank you for your wise words, could you
enlighten me as to how to stop start these processes ?
I see that there are no # before them in my /etc/services
file so why did they not all start ? can I start/stop them on
the fly (i.e without the need for reboot).
No rush for answers, just when you get a moment.
Thanks.

Since I just nuked my RH install for Slackware, I'm working from memory and that is ALWAYS a bad idea .......

If you are running Gnome, RH has a graphical service tool (under the System menu, I think) that allows you to easily start and stop services and select the ones that load on boot. From the command line you ought to be able to start or stop a service by #> service servicename start (or stop). You really shouldn't have to re-boot the system just to start or stop a service.

The other thing that occurred to me is that RH runs xinetd by default. xinetd is a super-daemon that turns other services on or off as needed. The basic idea is that xinetd listens for calls to services it knows about then starts the service. When the service is no longer needed, xinetd shuts it down. So if wu-ftpd was installed, but running under xinetd, it might not show up via nmap. There should be a directory on your system (/etc/xinetd.d?) that lists all the services xinetd knows about.

The upshot is that you probably need to do a little searching around here on xinetd and setting up an ftp server. I know that since switching to Slack, the search button here has become my best friend.

Would you guys happen to know why my libranet 2.0 box won't connect to ftp(anonymous and personal) servers, but can serve ftp, and another windows box on the network CAN connect to ftp, AND the ports on the router are unlocked?

JUST wondering....

Thanks in Advance