Search Results

Search found 762 results on 31 pages for 'telnet'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 10/31 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • Open ports broken from internal network

    - by ksvi
    Quick summary: Forwarded port works from the outside world, but from the internal network using the external IP the connection is refused. This is a simplified situation to make the explanation easier: I have a computer that is running a service on port 12345. This computer has an internal IP 192.168.1.100 and is connected directly to a modem/router which has internal IP 192.168.1.1 and external (public, static) IP 1.2.3.4. (The router is TP-LINK TD-w8960N) I have set up port forwarding (virtual server) at port 12345 to go to port 12345 at 192.168.1.100. If I run telnet 192.168.1.100 12345 from the same computer everything works. But running telnet 1.2.3.4 12345 says connection refused. If I do this on another computer (on the same internal network, connected to the router) the same thing happens. This would seem like the port forwarding is not working. However... If I run a online port checking service on my external IP and the service port it says the port is open and I can see the remote server connecting and immediately closing connection. And using another computer that is connected to the internet using a mobile connection I can also use telnet 1.2.3.4 12345 and I get a working connection. So the port forwarding seems to be working, however using external IP from the internal network doesn't. I have no idea what can be causing this, since another setup very much like this (different router) works for me. I can access a service running on a server from inside the network both through the internal and external IP. Note: I know I could just use the internal IP inside of the network to access this service. But if I have a laptop that must be able to do this both from inside and outside it would be annoying to constantly switch between 1.2.3.4 and 192.168.1.100 in the software configuration. Router output: > iptables -t nat -L -n Chain PREROUTING (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 224.0.0.0/3 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 to:192.168.1.101 DNAT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:25 to:192.168.1.101 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 to:192.168.1.101 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:12345 to:192.168.1.102 DNAT udp -- 0.0.0.0/0 192.168.1.1 udp dpt:53 to:217.118.96.203 Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 192.168.1.0/24 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination

    Read the article

  • How is incoming SMTP mail being delivered despite blocked port

    - by Josh
    I setup a MX mail server, everything works despite port 25 being blocked, I'm stumped as to why I am able to receive email with this setup, and what the consequences might be if I leave it this way. Here are the details: Connections to SMTP over port 25 and 587 both reliably connect over my local network. Connections to SMTP over port 25 are blocked from external IPs (the ISP is blocking the port). Connections to Submission SMTP over port 587 from external IPs are reliable. Emails sent from gmail, yahoo, and a few other addresses all are being delivered. I haven't found an email provider that fails to deliver mail to my MX. So, with port 25 blocked, I am assuming other MTA servers fallback to port 587, otherwise I can't imagine how the mail is received. I know port 25 shouldn't be blocked, but so far it works. Are there mail servers that this will not work with? Where can I find more about how this is working? -- edit More technical detail, to validate that I'm not missing something silly. Obviously in the transcript below I've replaced my actual domain with example.com. # DNS MX record points to the A record. $ dig example.com MX +short 1 example.com $ dig example.com A +short <Public IP address> # From a public server (not my ISP hosting the mail server) # We see port 25 is blocked, but port 587 is open $ telnet example.com 25 Trying <public ip>... telnet: Unable to connect to remote host: Connection refused # Let's try openssl $ openssl s_client -starttls smtp -crlf -connect example.com:25 connect: Connection refused connect:errno=111 # Again from a public server, we see port 587 is open $ telnet example.com 587 Trying <public ip>... Connected to example.com. Escape character is '^]'. 220 example.com ESMTP Postfix ehlo example.com 250-example.com 250-PIPELINING 250-SIZE 10485760 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250-BINARYMIME 250 CHUNKING quit 221 2.0.0 Bye Connection closed by foreign host. Here is a portion from the mail log when receiving a message from gmail: postfix/postscreen[93152]: CONNECT from [209.85.128.49]:48953 to [192.168.0.10]:25 postfix/postscreen[93152]: PASS NEW [209.85.128.49]:48953 postfix/smtpd[93160]: connect from mail-qe0-f49.google.com[209.85.128.49] postfix/smtpd[93160]: 7A8C31C1AA99: client=mail-qe0-f49.google.com[209.85.128.49] The log shows that a connection was made to the local IP on port 25 (I'm not doing any port mapping, so it is port 25 on the public IP too). Seeing this leads me to hypothesize that the ISP block on port 25 only occurs when a connection is made from an IP address that is not known to be a mail server. Any other theories?

    Read the article

  • Exim 4.63 on CentOS: sending mail from server app through localhost - failed on authentication

    - by Stas
    Hi! I am trying to send mail from my java application simply connecting on localhost:25 with empty login and password (I have to state them due to API). Mail sending is failed then with 2010-03-21 12:20:01 login authenticator failed for localhost [127.0.0.1]: 535 Incorrect authentication data On the other hand, when I am sending mail with telnet by: $ telnet localhost 25 ehlo ... mail from:... rcpt to:... data: ... it works perfectly. Any clues?

    Read the article

  • Trying to install wordpress inside rails app with nginx and fastcgi

    - by pinouchon
    I have a rails app (let's call it myapp) running at www.myapp.com. I want to add a wordpress blog at www.myapp.com/blog. The webserver for the rails app is thin (see the upstream block). The wordpress runs with php-fastcgi. The rails app works fine. My problem is the following: in /home/myapp/myapp/log/error.log error I get: 2013/06/24 10:19:40 [error] 26066#0: *4 connect() failed (111: Connection refused) while connecti\ ng to upstream, client: xx.xx.138.20, server: www.myapp.com, request: "GET /blog/ HTTP/1.1", \ upstream: "fastcgi://127.0.0.1:9000", host: "www.myapp.com" Here is the nginx conf file: upstream myapp { server unix:/tmp/thin_myapp.0.sock; server unix:/tmp/thin_myapp.1.sock; server unix:/tmp/thin_myapp2.sock; } server { listen 80; server_name www.myapp.com; client_max_body_size 20M; access_log /home/myapp/myapp/log/access.log; error_log /home/myapp/myapp/log/error.log error; root /home/myapp/myapp/public; index index.html; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; # Index HTML Files if (-f $document_root/cache/$uri/index.html) { rewrite (.*) /cache/$1/index.html break; } if (!-f $request_filename) { proxy_pass http://myapp; break; } # try_files /system/maintenance.html $uri $uri/index.html $uri.html @ruby; } location /blog/ { root /var/www/wordpress; fastcgi_index index.php; if (!-e $request_filename) { rewrite ^(.*)$ /blog/index.php?q=$1 last; } include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/wordpress$fastcgi_script_name; fastcgi_pass localhost:9000; # port to FastCGI } } Any ideas why that doesn't work ? How do I make sure that php-factcgi is configured properly ? Edit: I cant test if fastcgi is running with telnet: $> telnet 127.0.0.1 9000 Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused And it's not.

    Read the article

  • Dovecot not working pop3 with postfix

    - by samer na
    $ telnet localhost pop3 Trying ::1... Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused $ netstat -l tcp 0 0 *:www : LISTEN tcp 0 0 localhost.localdoma:ipp : LISTEN tcp 0 0 *:smtp : LISTEN tcp 0 0 localhost.localdo:mysql : LISTEN and nothing about dovecot in mail.log or mail.err when I run this service dovecot start I got start: Rejected send message, 1 matched rules; type="method_call", sender=":1.553" (uid=1000 pid=26250 comm="start) interface="com.ubuntu.Upstart0_6.Job" member="Start" error name="(unset)" requested_reply=0 destination="com.ubuntu.Upstart" (uid=0 pid=1 comm="/sbin/init")) in dovecot.conf protocols = imap imaps pop3 pop3s disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/var/spool/mail/%d/%n mail_access_groups = mail first_valid_uid = 106 first_valid_gid = 106 protocol imap { } protocol pop3 { listen=*:110 pop3_uidl_format = %08Xu%08Xv } protocol lda { postmaster_address = [email protected] mail_plugins = quota log_path = /var/log/dovecot-deliver.log info_log_path = /var/log/dovecot-deliver.log } auth default { mechanisms = digest-md5 plain passdb sql { args = /etc/dovecot/dovecot-mysql.conf } userdb sql { args = /etc/dovecot/dovecot-mysql.conf } user = root }

    Read the article

  • Limit HTTP VERBS on Apache2

    - by user72295
    I am trying to limit the use of certain HTTP verbs on my site. I entered the following into my VirtualHost config file within the Directory element: <Limit GET POST HEAD> Allow from all </Limit> <Limit PUT DELETE OPTIONS> Deny from all </Limit> This seemed to work but with unexpected results: I ran the following telnet/HTTP commands before and after this change, open server 80 OPTIONS server/abs_path HTTP/1.1 User-Agent: Telnet/1.0 Host: server before the change I received a successful response with the Allowed headers. After the change, however, I was expecting to receive a 405 'Method not allowed' response but rather I received a 403 'Access Forbidden' response. What do I need to change in apache to return the 405 HTTP response? Many thanks

    Read the article

  • Zimbra ZCS 7.2.1 MTA Deferring e-mail

    - by user139181
    Zimbra 7.1.2 and the MTA seems to be deferring e-mail when it is received. Oct 1 09:35:42 www postfix/error[16614]: 5FB8C1A803EE: to=<[email protected]>, relay=none, delay=0.15, delays=0.08/0.01/0/0.06, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to thedigiologygroup.org[75.149.56.27]:7025: Connection timed out) I can telnet to both 25 and 7025. I do get a $ telnet thedigiologygroup.org 25 Trying 75.149.56.27... Connected to thedigiologygroup.org. Escape character is '^]'. 220 thedigiologygroup.org ESMTP Postfix 500 5.5.2 Error: bad syntax 500 5.5.2 Error: bad syntax` I dont see email in the inbox obviously and I am not sure how to troubleshoot what is going on. Nothing DNS has changed. This box has been running for a year Zimbra was removed and re-installed after trying to upgrade to ZCS-8 with no luck.

    Read the article

  • Plesk 9 VPS - Doesn't reply to NameServer requests (nslookup, etc)

    - by Ben
    Hi, I'm trying to troubleshoot a problem with a new VPS i'm setting up. The VPS is running Plesk 9 on a CentOS 5 system. Everything works fine, except it doesn't serve dns requests. If I try something like nslookup [somedomain.com] the.ser.ver.ip to test a DNS query, i get the following error ;; connection timed out; no servers could be reached I can't telnet to it on port 42 either.. I'm guessing something is blocking the requests.. firewall maybe? the plesk firewall module is installed and the nameservers entry is green. Any other way I can check what's blocking it on the server? Any help/tip greatly appreciated. Note: http works, i can telnet to the server on port 80 and i can also ping the server Thanks

    Read the article

  • Plesk 10 port 8443 connection timeout

    - by GriffinHeart
    I've installed plesk 10 on centOS and after installing to access the cp you need to go https::8443 I'm not being able to, and would like to find out why i can ssh to the server and i can, from the server telnet, to those ports. from another machine i can ping it but when i try to telnet or go to that address i get connection timeout, happens with port 80 and 8443 from my netstat netstat -nlp | grep 8443 tcp 0 0 :::8443 :::* LISTEN 25205/sw-cp-serverd How do i find out whats causing the problem? I also have a router but firewall is at the minimum and the server configured as DMZ, also tried to redirect 8443 to 8443 of the server.

    Read the article

  • How to make VirtualBox headless answer on rdp port?

    - by stiv
    I'd like to run windows xp on RDP: $ VBoxManage modifyvm winxp32 --vrdeport 3389 $ VBoxHeadless -s winxp32 -v on Oracle VM VirtualBox Headless Interface 4.1.18_Debian (C) 2008-2012 Oracle Corporation All rights reserved. (waiting) in another window: $ telnet localhost 3389 Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused Yes, I've read about extension: $ sudo VBoxManage extpack install Oracle_VM_VirtualBox_Extension_Pack-4.1.20-80170.vbox-extpack 0%... Progress state: NS_ERROR_FAILURE VBoxManage: error: Failed to install "Oracle_VM_VirtualBox_Extension_Pack-4.1.20- 80170.vbox-extpack": Extension pack 'Oracle VM VirtualBox Extension Pack' is already installed. In case of a reinstallation, please uninstall it first Looked through all manuals and all help requests. No success. What's wrong? Any ideas?

    Read the article

  • exception occurred for backend host '127.0.0.1/7001/7001': 'CONNECTION_REFUSED [os error=0, line 1715 of URL.cpp]: Error connecting to host 127.0.0.1:7001'

    - by Vijaya Moderator -Oracle
    When you hit the WLS Server via Proxy server, we may get the issue like below... [09/Jun/2014:06:05:50] failure ( 3284): for host 127.0.0.1 trying to GET /.../soundlink_wireless_​speaker/index.jsp, wl-proxy reports: exception occurred for backend host '127.0.0.1/7001/0': 'PROTOCOL_ERROR [line 835 of URL.cpp]: Backend Server not responding' [09/Jun/2014:06:05:50] failure ( 3284): for host 127.0.0.1 trying to GET /.../soundlink_wireless_​speaker/index.jsp, wl-proxy reports: exception occurred for backend host '127.0.0.1/7001/0': 'PROTOCOL_ERROR [line 835 of URL.cpp]: Backend Server not responding' [09/Jun/2014:06:05:51] failure ( 3284): for host 127.0.0.1 trying to GET /.../soundlink_wireless_​speaker/index.jsp, wl-proxy reports: exception occurred for backend host '127.0.0.1/7001/7001': 'CONNECTION_REFUSED [os error=0, line 1715 of URL.cpp]: Error connecting to host 127.0.0.1:7001' To solve the issue 1.  Check if there is any issue at the firewall by executing the below command     telnet 127.0.0.1 7001 2.  Also access  using the hostname instead of IP Address  If it errors out like below   Microsoft Telnet> o 127.0.0.1 7001 connecting to 127.0.0.1  Warning thrown at weblogic console: <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:54,356 during the configured idle timeout of 5 secs>  Test the same again by disabling the firewall. Below are the steps... 1)Go to Start ----> Run  2)Type services.msc  3)In services.msc search for "Windows Firewall" and Right Click on "Windows Firewall"---->Select Stop. 4)Access the Weblogic URL  If the issue is resolved after disabling firewall, Request your  OS System Admin to open the port 7001 at the firewall end to access the application

    Read the article

  • Multicast hostname lookups on OSX

    - by KARASZI István
    I have a problem with hostname lookups on my OSX computer. According to Apple's HK3473 document it says for v10.6: Host names that contain only one label in addition to local, for example "My-Computer.local", are resolved using Multicast DNS (Bonjour) by default. Host names that contain two or more labels in addition to local, for example "server.domain.local", are resolved using a DNS server by default. Which is not true as my testing. If I try to open a connection on my local computer to a remote port: telnet example.domain.local 22 then it will lookup the IP address with multicast DNS next to the A and AAAA lookups. This causes a two seconds lookup timeout on every lookup. Which is a lot! When I try with IPv4 only then it won't use the multicast queries to fetch the remote address just the simple A queries. telnet -4 example.domain.local 22 When I try with IPv6 only: telnet -6 example.domain.local 22 then it will lookup with multicast DNS and AAAA again, and the 2 seconds timeout delay occurs again. I've tried to create a resolver entry to my /etc/resolver/domain.local, and /etc/resolver/local.1, but none of them was working. Is there any way to disable this multicast lookups for the "two or more label addition to local" domains, or simply disable it for the selected subdomain (domain.local)? Thank you! Update #1 Thanks @mralexgray for the scutil --dns command, now I can see my domain in the list, but it's late in the order: DNS configuration resolver #1 domain : adverticum.lan nameserver[0] : 192.168.1.1 order : 200000 resolver #2 domain : local options : mdns timeout : 2 order : 300000 resolver #3 domain : 254.169.in-addr.arpa options : mdns timeout : 2 order : 300200 resolver #4 domain : 8.e.f.ip6.arpa options : mdns timeout : 2 order : 300400 resolver #5 domain : 9.e.f.ip6.arpa options : mdns timeout : 2 order : 300600 resolver #6 domain : a.e.f.ip6.arpa options : mdns timeout : 2 order : 300800 resolver #7 domain : b.e.f.ip6.arpa options : mdns timeout : 2 order : 301000 resolver #8 domain : domain.local nameserver[0] : 192.168.1.1 order : 200001 Maybe it would work if I could move the resolver #8 to the position #2. Update #2 No probably won't work because the local DNS server on 192.168.1.1 answering for domain.local requests and it's before the mDNS (resolver #2). Update #3 I could decrease the mDNS timeout in /System/Library/SystemConfiguration/IPMonitor.bundle/Contents/Info.plist file, which speeds up the lookups a little, but this is not the solution.

    Read the article

  • Plesk 10 port 8443 connection timeout

    - by GriffinHeart
    I've installed plesk 10 on centOS and after installing to access the cp you need to go https::8443 I'm not being able to, and would like to find out why i can ssh to the server and i can, from the server telnet, to those ports. from another machine i can ping it but when i try to telnet or go to that address i get connection timeout, happens with port 80 and 8443 from my netstat netstat -nlp | grep 8443 tcp 0 0 :::8443 :::* LISTEN 25205/sw-cp-serverd How do i find out whats causing the problem? I also have a router but firewall is at the minimum and the server configured as DMZ, also tried to redirect 8443 to 8443 of the server.

    Read the article

  • Configure sendmail to accept connection from one other IP address

    - by Kumala
    I have a RubyOnRails application running on the same server that runs sendmail. The application sends out (no need to receive) emails via the local sendmail. Now I intend to move sendmail to a dedicated server. How do I make sendmail on that server accept connections from my application on the other server? I modified sendmail.mc from DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp, Addr=127.0.0.1')dnl to DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl I have also added to /etc/mail/access: Connect:198.211.117.41 RELAY then ran m4 sendmail.mc > sendmail.cf and restarted sendmail. Trying to connect from my app server with telnet on port 25 to the mail server gives me: telnet: Unable to connect to remote host: Connection refused Am I missing something?

    Read the article

  • Dovecot, POP3 and Gmail

    - by Eric J.
    I setup Postfix and Dovecot on a new Ubuntu box following these directions. From a client machine, I validate that POP3 seems to be working telnet mydomain.com 110 +OK Dovecot ready. USER [email protected] +OK PASS mypassword +OK Logged in. quit +OK Logging out. However, when trying to configure Gmail on the same client to retrieve email via POP3, I get the error Server denied POP3 access for the given username and password. Server returned error: "Login failed." I carefully confirmed that Gmail is configured to use the same POP Server, Port, Username and Password I used when checking the connection with telnet. What could be causing Gmail to get a "Login failed" message?

    Read the article

  • How to receive mail in Qmail?

    - by Ivan
    I've a server that uses Qmail. It is installed by default and it is supposed to work. I've created a new domain and new user (vadddomain + vadduser) without problems, but when I send an email from Gmail to [email protected] (the address I've created) it desappears, it is. But if connect to SMTP server directly (telnet domain.com 25) and post an email it arrives to the user queue. What's happening?!? Note: If I try to access to my user through telnet domain.com 110 it seems my pwd is not correct and it's the same I used when created the user with vadduser

    Read the article

  • Blocked port 25 on Windows 7 64 bit

    - by Michal Gow
    Strange problem. I have 2 computers connected to Wifi router. One with Windows Vista & second with 2 operating systems: SUSe Linux and Windows 7 64bit on it. Computer with Vista can connect to SMTP server of my email provider (and any other) using port 25, and can connect to a mail server using telnet mail.server.com 25 if this port is open. Computer with dual operating system can (using Linux) do the same. The same computer, with the same hardware (Wifi card etc.), and using the same WiFi router, cannot however use Port 25 and cannot Telnet into any smtp server. So the problem is in Windows 7. I did uninstall all antivirus software and disabled the firewall. The problem is still here. Is there way how find out which software is blocking this port?

    Read the article

  • windows 2003 - why can't serial port be accessed remotely?

    - by Danny Staple
    we have recently installed the updates on some of our servers, which have a bit of hardware attached via USB that presents itself as a serial (COM) port. The strange behaviour is that if I start a cmd shell on the server via VNC, I can open the serial port. If I run a service and start it from there (telnet, jenkins) then I receive a "not found" error for it. IE: C:\Documents and Settings\some_user>echo 1 >COM4: C:\Documents and Settings\some_user> on the local cmd will work, and on the remote telnet will give: C:\Documents and Settings\some_user>echo 1 >COM4: The system cannot find the file specified. C:\Documents and Settings\some_user> I cannot see any security settings on the Device manager settings panel for this device.

    Read the article

  • Can not access to my apache server remotely

    - by Jichao
    I have bought a VPS server, setted the apache server. But I could only access the webpage from local, I thought maybe the server did not recieveing access from outside. I tried Firefox, but the access_log shows nothing accessed. But telnet http://www.59lt.com 80 and type nonsence code, I recieved following error: and the access_log under /etc/httpd/logs also caught the acess, This proved that the server do access request from outside, so why it ignore the normal request from Firefox, but choosed to recieving request from telnet? Thanks. PS: I'm using CentOS + yum installed apache(just now installed).

    Read the article

  • Cisco PIX firewall blocking inbound Exchange email

    - by sumsaricum
    [Cisco PIX, SBS2003] I can telnet server port 25 from inside but not outside, hence all inbound email is blocked. (as an aside, inbox on iPhones do not list/update emails, but calendar works a charm) I'm inexperienced in Cisco PIX and looking for some assistance before mails start bouncing :/ interface ethernet0 auto interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 hostname pixfirewall domain-name ciscopix.com fixup protocol dns maximum-length 512 fixup protocol ftp 21 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol http 80 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol sip 5060 fixup protocol sip udp 5060 fixup protocol skinny 2000 no fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol tftp 69 names name 192.168.1.10 SERVER access-list inside_outbound_nat0_acl permit ip 192.168.1.0 255.255.255.0 192.168.1.96 255.255.255.240 access-list outside_cryptomap_dyn_20 permit ip any 192.168.1.96 255.255.255.240 access-list outside_acl permit tcp any host 213.xxx.xxx.xxx eq 3389 access-list outside_acl permit tcp any interface outside eq ftp access-list outside_acl permit tcp any host 213.xxx.xxx.xxx eq https access-list outside_acl permit tcp any host 213.xxx.xxx.xxx eq www access-list outside_acl permit tcp any interface outside eq 993 access-list outside_acl permit tcp any interface outside eq imap4 access-list outside_acl permit tcp any interface outside eq 465 access-list outside_acl permit tcp any host 213.xxx.xxx.xxx eq smtp access-list outside_cryptomap_dyn_40 permit ip any 192.168.1.96 255.255.255.240 access-list COMPANYVPN_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any access-list COMPANY_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any access-list outside_cryptomap_dyn_60 permit ip any 192.168.1.96 255.255.255.240 access-list COMPANY_VPN_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any access-list outside_cryptomap_dyn_80 permit ip any 192.168.1.96 255.255.255.240 pager lines 24 icmp permit host 217.157.xxx.xxx outside mtu outside 1500 mtu inside 1500 ip address outside 213.xxx.xxx.xxx 255.255.255.128 ip address inside 192.168.1.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm ip local pool VPN 192.168.1.100-192.168.1.110 pdm location 0.0.0.0 255.255.255.128 outside pdm location 0.0.0.0 255.255.255.0 inside pdm location 217.yyy.yyy.yyy 255.255.255.255 outside pdm location SERVER 255.255.255.255 inside pdm logging informational 100 pdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_outbound_nat0_acl nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) tcp 213.xxx.xxx.xxx 3389 SERVER 3389 netmask 255.255.255.255 0 0 static (inside,outside) tcp 213.xxx.xxx.xxx smtp SERVER smtp netmask 255.255.255.255 0 0 static (inside,outside) tcp 213.xxx.xxx.xxx https SERVER https netmask 255.255.255.255 0 0 static (inside,outside) tcp 213.xxx.xxx.xxx www SERVER www netmask 255.255.255.255 0 0 static (inside,outside) tcp interface imap4 SERVER imap4 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 993 SERVER 993 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 465 SERVER 465 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface ftp SERVER ftp netmask 255.255.255.255 0 0 access-group outside_acl in interface outside route outside 0.0.0.0 0.0.0.0 213.zzz.zzz.zzz timeout xlate 0:05:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00 timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout sip-disconnect 0:02:00 sip-invite 0:03:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server TACACS+ max-failed-attempts 3 aaa-server TACACS+ deadtime 10 aaa-server RADIUS protocol radius aaa-server RADIUS max-failed-attempts 3 aaa-server RADIUS deadtime 10 aaa-server RADIUS (inside) host SERVER *** timeout 10 aaa-server LOCAL protocol local http server enable http 217.yyy.yyy.yyy 255.255.255.255 outside http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable sysopt connection permit-ipsec crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20 crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-MD5 crypto dynamic-map outside_dyn_map 40 match address outside_cryptomap_dyn_40 crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-MD5 crypto dynamic-map outside_dyn_map 60 match address outside_cryptomap_dyn_60 crypto dynamic-map outside_dyn_map 60 set transform-set ESP-3DES-MD5 crypto dynamic-map outside_dyn_map 80 match address outside_cryptomap_dyn_80 crypto dynamic-map outside_dyn_map 80 set transform-set ESP-3DES-MD5 crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map client authentication RADIUS LOCAL crypto map outside_map interface outside isakmp enable outside isakmp policy 20 authentication pre-share isakmp policy 20 encryption 3des isakmp policy 20 hash md5 isakmp policy 20 group 2 isakmp policy 20 lifetime 86400 telnet 217.yyy.yyy.yyy 255.255.255.255 outside telnet 0.0.0.0 0.0.0.0 inside telnet timeout 5 ssh 217.yyy.yyy.yyy 255.255.255.255 outside ssh 0.0.0.0 255.255.255.0 inside ssh timeout 5 management-access inside console timeout 0 dhcpd address 192.168.1.20-192.168.1.40 inside dhcpd dns SERVER 195.184.xxx.xxx dhcpd wins SERVER dhcpd lease 3600 dhcpd ping_timeout 750 dhcpd auto_config outside dhcpd enable inside : end I have Kiwi SysLog running but could use some pointers in that regard to narrow down the torrent of log messages, if that helps?!

    Read the article

  • Spam mail through SMTP and user spoofing

    - by Josten Moore
    I have noticed that it's possible to telnet into a mailserver that I own and send spoofed messages to other clients. This only works for the domain that the mail server is regarding; I cannot do it for other domains. For example; lets say that I own example.com. If I telnet example.com 25 I can successfully send a message to another user without authentication: HELO local MAIL FROM: [email protected] RCPT TO: [email protected] DATA SUBJECT: Whatever this is spam Spam spam spam . I consider this a big problem; how do I secure this?

    Read the article

  • check_ssh executed from Nagios server returns "Server answer: ", nothing else

    - by phs
    Commmand works on the host I need to monitor (its IP is denoted as $HOSTADDRESS$ here): [root@host ~]# /usr/local/nagios/libexec/check_ssh localhost SSH OK - OpenSSH_4.3 (protocol 2.0) However, on the Nagios server, it does not: root@server:~# /usr/lib/nagios/plugins/check_ssh -H $HOSTADDRESS$ Server answer: I can see that the port is open: root@server:~# /usr/lib/nagios/plugins/check_tcp -H $HOSTADDRESS$ -p 22 TCP OK - 0.123 second response time on port 22|time=0.123277s;;;0.000000;10.000000 And I can verify with telnet: root@server:/etc/nagios3/conf.d# telnet $HOSTADDRESS$ 22 Trying $HOSTADDRESS$... Connected to $HOSTADDRESS$. Escape character is '^]'. After searching the web for two hours and trying different suggestions I am out of ideas. I have several other hosts with similar setup, and they don't have this problem. I have compared the configs and they look the same (I think). I am clearly missing something here.

    Read the article

  • Remote access to internal machine (ssh port-forwarding)

    - by MacUsers
    I have a server (serv05) at work with a public ip, hosting two KVM guests - vtest1 & vtest2 - in two different private network - 192.168.122.0 & 192.168.100.0 - respectively, this way: [root@serv05 ~]# ip -o addr show | grep -w inet 1: lo inet 127.0.0.1/8 scope host lo 2: eth0 inet xxx.xxx.xx.197/24 brd xxx.xxx.xx.255 scope global eth0 4: virbr1 inet 192.168.100.1/24 brd 192.168.100.255 scope global virbr1 6: virbr0 inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 # [root@serv05 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr1 xxx.xxx.xx.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 0.0.0.0 xxx.xxx.xx.62 0.0.0.0 UG 0 0 0 eth0 I've also setup IP FORWARDing and Masquerading this way: iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE iptables --append FORWARD --in-interface virbr0 -j ACCEPT All works up to this point. If I want to remote access vtest1 (or vtest2) first I ssh to serv05 and then from there ssh to vtest1. Is there a way to setup a port forwarding so that vtest1 can be accessed directly from the outside world? This is what I probably need to setup: external_ip (tcp port 4444) -> DNAT -> 192.168.122.50 (tcp port 22) I know it's easily do'able using a SOHO router but can't figure out how can I do that on a Linux box. Any help form you guys?? Cheers!! Update: 1 Now I've made ssh to listen to both of the ports: [root@serv05 ssh]# netstat -tulpn | grep ssh tcp 0 0 xxx.xxx.xx.197:22 0.0.0.0:* LISTEN 5092/sshd tcp 0 0 xxx.xxx.xx.197:4444 0.0.0.0:* LISTEN 5092/sshd and port 4444 is allowed in the iptables rules: [root@serv05 sysconfig]# grep 4444 iptables -A PREROUTING -i eth0 -p tcp -m tcp --dport 4444 -j DNAT --to-destination 192.168.122.50:22 -A INPUT -p tcp -m state --state NEW -m tcp --dport 4444 -j ACCEPT -A FORWARD -i eth0 -p tcp -m tcp --dport 4444 -j ACCEPT But I'm getting connection refused: maci:~ santa$ telnet serv05 4444 Trying xxx.xxx.xx.197... telnet: connect to address xxx.xxx.xx.197: Connection refused telnet: Unable to connect to remote host Any idea what's I'm still missing? Cheers!!

    Read the article

  • Exchange 2010 Prevent Authenticated Users From Sending Email From Any Address

    - by Chance
    I have recently been combating an SMTP AUTH attack in which one of my email accounts had been compromised and was being used to solicit spam. I have been able to identify the account and change the password however I would like to further restrict my exchange server. By default exchange 2010 allows for any authenticated user to specify any email address as the MAIL FROM address and it will accept it. Is there any way to restrict this so that only the authenticated account's email address will be able to be used as the MAIL FROM address? I have been looking through all ADPermissions for the SMTP connector however I can't find any documentation on how to accomplish this. Any suggestions would be greatly appreciated. Telnet Test Picture Telnet Test SMTP Connector Properties Pictures Permissions Tab

    Read the article

  • Ubuntu + SSL ports + AVAST

    - by jurajvt
    I have an interesting problem with communication via standard SSL ports. Fresh installed Ubuntu 14.04 server + Postfix + Dovecot, SASL authentication provided by Dovecot, self-signed certificate generated trough the Dovecot script mkcert.sh. Redirected ports on ZyWALL USG 200. I can send and receive e-mails from outside with standard ports 25 and 110, but not over 587. I am connecting to my server from machine with Windows 8.1 + VMWare Player + Ubuntu 14.04 Desktop + ssh. On Windows host I have installed Avast! antivirus. When I am trying to telnet from virtual machine to server over 587, it refused connection. But when I turn on Avast! it let me in to message Connected to... Same with nmap. When Avast! is turned on it is show me all SSL ports. When I turned it off, only standard ports appeared. OpenSSL shows me CONNECTED(00000003). But outside virtual machine directly in Windows 8.1 using nmap with zenmap there are not opened SSL ports in both Avast! states. From other external linux machines are problems with touching SSL ports same - refused. I have turned on submission in master.cf and 587 port is correctly listening on 0.0.0.0 in process master.pid which belongs to Postfix. I can telnet, or nmap over port 587 to my domain directly from server. Other ports like 995, 993 are OK on localhost, too. It is true, that I can't send emails via 587 anyway (Avast! turned on/off), but I can see ports opened. It is possible, that I have simply bad certificate and Avast! has right one, so with turned it on I can see opened ports? EDIT: To be more clear, I can't see or using port 587 everywhere from outside (tried Thunderbird, telnet, openssl, nmap, putty, swaks; both from Linux or Windows machines) and that is my problem. It was only by chance that I saw opened ports when Avast! is turned on.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >