LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-03-2006, 02:32 PM   #1
darthfoolish
Member
 
Registered: May 2006
Posts: 47

Rep: Reputation: 15
How to open ports in Ubuntu?


I've just installed Ubuntu 6.06, and I'd like to run x11vnc on it.

I've installed x11vnc, and it appears to run correctly, but I can't connect to it from my Windows box. I've since discovered that Ubuntu installs with all ports closed. How would a newbie open port 5900?
 
Old 06-03-2006, 02:45 PM   #2
Linux~Powered
Member
 
Registered: Jan 2004
Location: /lost+found
Distribution: Slack`er-current
Posts: 845

Rep: Reputation: 31
If you're behind a firewall then it would be...

iptables -A INPUT -p tcp -d 0/0 -s 0/0 --dport 5900 -j ACCEPT
 
Old 06-03-2006, 03:08 PM   #3
darthfoolish
Member
 
Registered: May 2006
Posts: 47

Original Poster
Rep: Reputation: 15
I'll try that, but I'm sure I read that no firewall was installed by default, but somehow all ports are closed
 
Old 06-03-2006, 08:43 PM   #4
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
by default, ubuntu doesn't firewall anything (the policies for the chains are all set to ACCEPT)... having no firewall doesn't mean ports are "open"... the ports will be "closed" until something actually listens on a port... once you have something listening on a port, *then* the port is said to be "open"...

so basically, if you haven't changed ubuntu's default iptables firewall settings, then your issue is somewhere else - not with the host's firewall... maybe use netstat to make sure your program is actually listening on the port you expect it to...
Code:
netstat -an | grep "LISTEN "

Last edited by win32sux; 06-03-2006 at 08:56 PM.
 
Old 06-04-2006, 03:17 AM   #5
darthfoolish
Member
 
Registered: May 2006
Posts: 47

Original Poster
Rep: Reputation: 15
I tried netstat. There doesn't appear to be anything listening on port 5900, although x11vnc is definitely running. (and claiming to be on port 5900)

Last edited by darthfoolish; 06-04-2006 at 03:18 AM.
 
Old 06-04-2006, 03:21 AM   #6
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by darthfoolish
I tried netstat. There doesn't appear to be anything listening on port 5900, although x11vnc is definitely running. (and claiming to be on port 5900)
then it would seem to me that you have a x11vnc issue on your hands... sorry i can't be of much assistance, as i've never used that program...
 
Old 10-12-2006, 08:13 PM   #7
tallmtt
Member
 
Registered: Jun 2005
Location: Georgia, USA
Distribution: Arch, Gentoo, Ubuntu
Posts: 91

Rep: Reputation: 15
how to - help please!

I have the same issue.

I just want port 22 open for ssh, but I can't find out how.

There is no firewall installed by default - so do I need to install one? Can I open it without installing a firewall?

Thanks,
--MR
 
Old 10-13-2006, 03:43 AM   #8
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by tallmtt
I just want port 22 open for ssh, but I can't find out how.

There is no firewall installed by default - so do I need to install one? Can I open it without installing a firewall?
assuming you are referring to a stand-alone box: on ubuntu, even though it includes the iptables/netfilter firewall, no ports are filtered by default - so you simply need to make your ssh daemon listen on port 22 (or any other) and the port will automatically be opened...
 
Old 02-17-2007, 08:28 PM   #9
tallmtt
Member
 
Registered: Jun 2005
Location: Georgia, USA
Distribution: Arch, Gentoo, Ubuntu
Posts: 91

Rep: Reputation: 15
How I solved this issue for ssh

My problem was using ssh to access my box. I thought the problem was the port was not open (which it wasn't), but the real problem was that Ubuntu installs only the ssh client (to ssh into other boxes) but not the ssh-server. This is an easy fix:

Quote:
sudo apt-get install openssh-server
Now ssh server is installed, I can ssh into my box, the port is open, and all is well.

Make sure to read the ubuntuguide.org and secure your ssh-server so root login is disabled, etc.

Good luck!
 
Old 02-22-2007, 07:26 AM   #10
yiux
LQ Newbie
 
Registered: Jan 2007
Location: Mauritius
Distribution: Debian 4.0R0
Posts: 11

Rep: Reputation: 0
You must start you ssh server


sudo /etc/init.d/ssh start
 
Old 02-22-2007, 10:45 PM   #11
tallmtt
Member
 
Registered: Jun 2005
Location: Georgia, USA
Distribution: Arch, Gentoo, Ubuntu
Posts: 91

Rep: Reputation: 15
Thanks Yiux, I forgot to mention starting the server.
 
Old 04-09-2007, 11:27 AM   #12
sbj3
LQ Newbie
 
Registered: Apr 2007
Location: Frisco, TX, USA
Distribution: Ubuntu
Posts: 2

Rep: Reputation: 0
Hi. I am trying to install amavisd-new on Ubuntu 6.06 (server) in front of my existing legacy email server.

I have amavisd-new, spamassassin and clamav running, but the ports are not open. Below are netstat and iptables output.

Here is output from "netstat -an | grep LISTEN"
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
unix 2 [ ACC ] STREAM LISTENING 50271 /var/run/sendmail/mta/smcontrol
unix 2 [ ACC ] STREAM LISTENING 73105 /var/run/clamav/clamd.ctl
I have added the iptables entry as follows:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:10025

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Any ideas, anyone?
 
Old 04-09-2007, 11:39 AM   #13
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by sbj3
Hi. I am trying to install amavisd-new on Ubuntu 6.06 (server) in front of my existing legacy email server.

I have amavisd-new, spamassassin and clamav running, but the ports are not open. Below are netstat and iptables output.

Here is output from "netstat -an | grep LISTEN"
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
unix 2 [ ACC ] STREAM LISTENING 50271 /var/run/sendmail/mta/smcontrol
unix 2 [ ACC ] STREAM LISTENING 73105 /var/run/clamav/clamd.ctl
I have added the iptables entry as follows:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:10025

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Any ideas, anyone?
the two daemons you listed are listening on the loopback interface (127.0.0.1), hence they won't be visible from another box... if you need them to listen on your WAN/LAN interface you'll need to adjust their config files accordingly and then restart them... your firewall's policies are all set to ACCEPT, and your only INPUT rule is also an ACCEPT, so it's not a firewall issue as you aren't doing any packet filtering...
 
Old 04-10-2007, 09:37 AM   #14
sbj3
LQ Newbie
 
Registered: Apr 2007
Location: Frisco, TX, USA
Distribution: Ubuntu
Posts: 2

Rep: Reputation: 0
Ah, yes. Thank you. I changed the config files and it worked.
 
Old 06-21-2008, 09:42 AM   #15
tim_
LQ Newbie
 
Registered: Aug 2007
Posts: 5

Rep: Reputation: 0
Thanks

I know I did not ask the question but this helped me

iptables -A INPUT -p tcp -d 0/0 -s 0/0 --dport (replaced with my port) -j ACCEPT

Thank You
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot Open Mail Server Ports 25, 110, and 220. Other Ports will open. Binxter Linux - Newbie 9 11-29-2007 02:03 AM
open ports on linksys, i have ssh open but thats it PlatinumRik Linux - Security 1 07-07-2005 10:38 AM
bittorrent commands, ports and ubuntu kkatebian Linux - Software 5 06-09-2005 02:43 PM
Open Ports excidy Linux - General 1 04-02-2005 07:40 PM
What are these open ports? overlord73 Linux - Security 1 01-20-2005 09:10 AM


All times are GMT -5. The time now is 07:15 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration