Thursday, May 2, 2024
Homepage · server
 Popular · Latest · Hot · Upcoming
0
rated 0 times [  0] [ 0]  / answers: 1 / hits: 2838  / 2 Years ago, fri, december 17, 2021, 2:43:25

I don't have access to company firewall server. but supposedly the port 1720 is open on my one ubuntu server. So I want to test it with netcat:



sudo nc -ul 1720


The port is listening on the machine ITSELF:



sudo netstat -tulpn | grep nc

udp        0      0 0.0.0.0:1720            0.0.0.0:*                           29477/nc


The port is open and in use on the machine ITSELF:



lsof -i -n -P | grep 1720

gateway 980 myuser    8u  IPv4 187284576      0t0  UDP *:1720


Checked the firewall on current server:



sudo ufw allow 1720/udp

Skipping adding existing rule

Skipping adding existing rule (v6)

sudo ufw status verbose | grep 1720

1720/udp                   ALLOW IN    Anywhere

1720/udp                   ALLOW IN    Anywhere (v6)


But I try echoing data to it from another computer (I replaced the x's with the real integers):



echo "Some data to send" | nc xx.xxx.xx.xxx 1720


But it didn't write anything. So then I try with telnet from the other computer as well:



telnet xx.xxx.xx.xxx 1720

Trying xx.xxx.xx.xxx...

telnet: connect to address xx.xxx.xx.xxx: Operation timed out

telnet: Unable to connect to remote host


Although I don't think telnet works with udp sockets.



I ran nmap from another computer within the same local network and this is what I got:



sudo nmap -v -A -sU -p 1720 xx.xxx.xx.xx



Starting Nmap 5.21 ( http://nmap.org ) at 2013-10-31 15:41 EDT

NSE: Loaded 36 scripts for scanning.

Initiating Ping Scan at 15:41

Scanning xx.xxx.xx.xx [4 ports]

Completed Ping Scan at 15:41, 0.10s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 15:41

Completed Parallel DNS resolution of 1 host. at 15:41, 0.00s elapsed

Initiating UDP Scan at 15:41

Scanning xtremek.com (xx.xxx.xx.xx) [1 port]

Completed UDP Scan at 15:41, 0.07s elapsed (1 total ports)

Initiating Service scan at 15:41

Initiating OS detection (try #1) against xtremek.com (xx.xxx.xx.xx)

Retrying OS detection (try #2) against xtremek.com (xx.xxx.xx.xx)

Initiating Traceroute at 15:41

Completed Traceroute at 15:41, 0.01s elapsed

NSE: Script scanning xx.xxx.xx.xx.

NSE: Script Scanning completed.

Nmap scan report for xtremek.com (xx.xxx.xx.xx)

Host is up (0.00013s latency).

PORT     STATE  SERVICE VERSION

1720/udp closed unknown

Too many fingerprints match this host to give specific OS details

Network Distance: 1 hop



TRACEROUTE (using port 1720/udp)

HOP RTT     ADDRESS

1   0.13 ms xtremek.com (xx.xxx.xx.xx)



Read data files from: /usr/share/nmap

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 2.04 seconds

           Raw packets sent: 27 (2128B) | Rcvd: 24 (2248B).


The only thing I can think of is a firewall or vpn issue. Is there anything else I can check for before requesting that they look at the firewall server again?


More From » server
 Answers
4

Several tools can be used to check for open ports or scan your computer. In general, because connections from localhost (your computer) will automatically be accepted, you should scan from a second computer on your LAN. nmap is one of several options.



nmap -v -A ip_address


Or if the server is pesky about pings ...



nmap -v -A -PN ip_address


nmap has additional capabilities as well =).



Additional tools you can use on your computer (rather then scanning from a remote location):



netstat -an | grep LISTEN | grep -v ^unix



netstat -ntulp



lsof -i -n -P

[#28632] Friday, December 17, 2021, 2 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
ibuteking
Add To Favorites
Follow
Total Points: 35
Total Questions: 128
Total Answers: 138
Location: Indonesia
Member since Thu, Oct 1, 2020
4 Years ago
;