LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Linux Servers dropping connections (https://www.linuxquestions.org/questions/linux-security-4/linux-servers-dropping-connections-246697/)

Charles Daniel 10-24-2004 09:34 AM
Linux Servers dropping connections
 
I have two different linux servers both of which drop connections when I attempt to ftp or telnet. I also recently started running an smtp server (sendmail) on one of the two and I can't seem to establish a connection to sendmail either.

I'm running SuSE 8.0 and I am currently using the firewall setup utility that came with the OS. I told the firewall to enable http/https, telnet, smtp, ftp, and telnet. To eliminate the firewall as the problem, I shut the firewall down but got the same results.

All the daemons have been inetd for these services also. Can anyone tell me how to start debugging this situation?

Thanks,
Charles

david_ross 10-24-2004 10:57 AM
When you say dropping, do you mean that the connection succedes but then terminates abnormaly?

Can you post the output from:
iptables -nL
netstat -nlp

Charles Daniel 10-24-2004 11:28 AM
Dropping connections
 
By dropping connections I mean that it is appearent that an attempt is made
to connect but there is no indication that the connection is actually made.
It seems to behave like a time out, with a pause then the message:

"Connection has been dropped by foreign host"

here is the netstat

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name
tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 0.0.0.0:7 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
1021/portmap
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
726/(squid)
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN
1310/X
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
18151/inetd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
1138/sendmail: acce
tcp 0 0 :::22 :::* LISTEN
1046/sshd
udp 0 0 0.0.0.0:7 0.0.0.0:*
18151/inetd
udp 0 0 0.0.0.0:1040 0.0.0.0:*
726/(squid)
udp 0 0 0.0.0.0:37 0.0.0.0:*
18151/inetd
udp 0 0 0.0.0.0:3130 0.0.0.0:*
726/(squid)
udp 0 0 0.0.0.0:3401 0.0.0.0:*
726/(squid)
udp 0 0 0.0.0.0:111 0.0.0.0:*
1021/portmap
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Pat h
unix 2 [ ACC ] STREAM LISTENING 8846 1805/kdeinit: Runni /tm p/ksocket-root/kdeinit-:0
unix 2 [ ACC ] STREAM LISTENING 8851 1808/kdeinit: dcops /tm p/.ICE-unix/dcop1808-1095830031
unix 2 [ ACC ] STREAM LISTENING 1033110 9754/kdesud /t mp/ksocket-root/kdesud_:0
unix 2 [ ACC ] STREAM LISTENING 8772 1732/medusa-idled /tm p/medusa-idled-service
unix 2 [ ACC ] STREAM LISTENING 2202 1138/sendmail: acce /va r/run/sendmail/control
unix 2 [ ACC ] STREAM LISTENING 3044 1294/nscd /va r/run/.nscd_socket

iptables -nL follows:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 127.0.0.0/8 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
LOG all -- 0.0.0.0/0 127.0.0.0/8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- 127.0.0.0/8 0.0.0.0/0
DROP all -- 0.0.0.0/0 127.0.0.0/8
LOG all -- 192.168.1.1 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- 192.168.1.1 0.0.0.0/0
input_int all -- 0.0.0.0/0 192.168.1.1
DROP all -- 0.0.0.0/0 192.168.1.255
DROP all -- 0.0.0.0/0 255.255.255.255
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-UNAUTHORIZED-TARGET '
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP)
target prot opt source destination
TCPMSS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 LOG flags 6 level 4 prefix `SuSE-FW-TRACEROUTE-ATTEMPT '
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 9
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 10
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 13
DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-OUTPUT-ERROR '

Chain forward_dmz (0 references)
target prot opt source destination

Chain forward_ext (0 references)
target prot opt source destination

Chain forward_int (0 references)
target prot opt source destination

Chain input_dmz (0 references)
target prot opt source destination
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 reject-with tcp-reset
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 192.168.1.4 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.30.104 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.11.201 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:21
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:23
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:143
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1040
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3130
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3401
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:6000
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain input_ext (0 references)
target prot opt source destination
LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.1.0/24 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:53
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:80
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:443
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:143
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:993
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:110
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:995 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:995
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:25
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:23
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 reject-with tcp-reset
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP '
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 192.168.1.4 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.30.104 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.11.201 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:21
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:23
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:143
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1040
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3130
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3401
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:6000
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain input_int (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 reject-with tcp-reset
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpt:20 flags:!0x16/0x02
ACCEPT udp -- 192.168.1.4 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.30.104 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
ACCEPT udp -- 151.164.11.201 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- 0.0.0.0/0 0.0.0.0/0



unix 2 [ ACC ] STREAM LISTENING 3707 1310/X /tm p/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 8875 1811/kdeinit: klaun /tm p/ksocket-root/klauncherQLGPzb.slave-socket
unix 2 [ ACC ] STREAM LISTENING 8946 1826/artsd /tm p/mcop-root/musashi_pctechnirvana_com-0722-41510a18
unix 2 [ ACC ] STREAM LISTENING 8975 1838/kdeinit: ksmse /tm p/.ICE-unix/1838

david_ross 10-24-2004 12:10 PM
Those firewall rules look extremely complex and OTT. Try temporarily disabling the firewall with this to see if it helps:
iptables -F
itpables -P INPUT ACCEPT
itpables -P OUTPUT ACCEPT

Charles Daniel 10-24-2004 01:20 PM
Dropping Connections
 
Tried it but got the same results.

ugge 10-24-2004 02:45 PM
There are several levels of security in the linux networking world, one is the iptables.
There is also a security perimeter are the tcp wrapper which uses the files hosts.allow and hosts.deny, found in the /etc directory.
These files which ip adresses to let through and which to block. Not all services have support for the tcp wrapper system but at least the telnet should have that.
If your IP are listen in the hosts.deny you won't be able to connect. Most common is to set ALL : DENY to block all hosts and then open upp specific services and hosts in the hosts.allow file.
There are also a security feature built into the inetd service.

Charles Daniel 10-24-2004 10:37 PM
Well, I finally got the telnet to work. I found that the daemon had not
been installed in the OS:tisk: . FTP is trying hard to work but I think the
configuration is either wrong or I don't understand it. Probably both!

FTP says it is running in anonymous mode yet it prompts me for username
and password anyway. Futhermore it prompts ROOT as the default
user. I thought this was forbidden by default. Anyway if I provide a
password or change users and provide the password the FTP fails to
connect saying that "this is an anonymous only server". Here is the
output:

When I do nothing:

Connected to musashi.pctechnirvana.com.
220 ready, dude (vsFTPd 1.0.1: beat me, break me)
Name (musashi.pctechnirvana.com:root):
530 This FTP server is anonymous only.
ftp: Login failed.

When I attempt user/password:

ftp musashi.pctechnirvana.com
Connected to musashi.pctechnirvana.com.
220 ready, dude (vsFTPd 1.0.1: beat me, break me)
Name (musashi.pctechnirvana.com:root): <I type username here>
530 This FTP server is anonymous only.
ftp: Login failed.

It seems that I need to modify this server config. Can anyone help?:confused:

ugge 10-25-2004 08:10 AM
Anonymous ftp requires you to give anonymous as username. Some installations also requires you to enter your e-mail address as password. The reson why it suggest root as user is usually that you have run the ftp command as the user root.

Your output seems to be in order. Try to login as user anonymous, giving an empty password or an email address, and you will get in.


All times are GMT -5. The time now is 01:58 PM.