Re: hopefully some help with AntiX

Then all 1000 ports show up in nmap as closed.
So it seems if I allow a port in ufw, it shows up as closed, but not 
filtered.
So filtered means ufw is running, and if 22 gets allowed, it is not 
filtered, but still closed.
Glenn


----- Original Message ----- 
From: "Jude DaShiell" <jdashiel@xxxxxxxxx>
To: "K0LNY_Glenn" <glenn@ervin.email>; "Gregory Nowak" <greg@xxxxxxxxx>; 
<speakup@xxxxxxxxxxxxxxxxx>
Sent: Friday, August 26, 2022 7:12 PM
Subject: Re: hopefully some help with AntiX


What happens if ufw --disable is run then the offending computer gets
rebooted?

Jude <jdashiel at panix dot com>
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)

On Fri, 26 Aug 2022, K0LNY_Glenn wrote:

> I've considered that, and if I can get any port to open, I will gladly use
> telnet.
> Hell, if I could open all 1000 ports now, I would!
> Glenn
> ----- Original Message -----
> From: "Gregory Nowak" <greg@xxxxxxxxx>
> To: <speakup@xxxxxxxxxxxxxxxxx>
> Sent: Friday, August 26, 2022 7:01 PM
> Subject: Re: hopefully some help with AntiX
>
>
> On Fri, Aug 26, 2022 at 02:06:13PM -0500, K0LNY_Glenn wrote:
> > On the antiX I did
> > sudo netcat -l 22
> > and then on the pine 64, I did sudo nc 10.248.1.143 22
> > and it does not seem to connect.
> > I wonder if it is because I am using 22 to get from my windows to the
> > Pine64, in order to go linux to linux.
>
> Port 22 is a privileged port. You should consider using 1024 or
> higher. If the listening port is open on the firewall, the commands
> you gave above should connect. If you type something on the client
> side, you should see it typed on the antiX machine, and the other way
> round. This will however not give you a login terminal. To do that,
> you need something that handles logins to listen on your netcat. This
> isn't something I've done, so can't give you more directions here. If
> you don't care about the connection being secure, which you don't seem
> to, you might as well try:
>
> apt install telnetd
>
> and open tcp 23 on your firewall.
>
>
> On Fri, Aug 26, 2022 at 04:12:28PM -0500, K0LNY_Glenn wrote:
> > Well I thought I'd try iptables again.
> > I finally got it to run without any errors, that long iptables command I got
> > earlier.
> > But nmap still sees no ports open on that host.
> > Prior to running iptables, I tried to apt install it, and the message was
> > that I'm already running the latest.
> > So I needed to restart iptables with
> > sudo service iptables restart
> > and it can find no service iptables.
> > I retyped it several times to be sure there were no typos.
>
> This is to be expected, iptables is not a system service.
>
> > So I tried
> > sudo systemctl restart iptables
> > and the system cannot find systemctl
>
> Is antiX running sysvinit, openrc, or something else? This is
> something the antiX documentation should tell you. What does it use
> for PID1 or init?
>
> > question:
> > If I reboot, if the long iptables command worked, will it stick if I
> > reboot?
>
> No.
>
>
> On Fri, Aug 26, 2022 at 05:57:37PM -0500, K0LNY_Glenn wrote:
> > Well it seems ufw is there, but it must not be running automatically, but it
> > does not fix the port problem.
> > I did
> > sudo ufw allow ssh
> > it said tcp port allowed
> > or something like that
> > so I checked on the other computer with nmap
> > 100 ports closed
> > So I did sudo ufw restart
> > and the other computer said 999 ports filtered tcp port 22 closed.
> > I've done iptables too, but that does not stay after a reboot.
> > if I do sudo ufw status
> > it shows tcp port 22 allow
> > but it does not stay from a reboot.
>
> You need to save the firewall configuration once you changed it for it
> to persist across reboots. I haven't used ufw, so you will need to
> read up on how to do that.
>
> If port tcp 22 shows up as not filtered but closed, then the port is
> open, but there is no ssh service running.
>
> Greg
>
>
> 
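
Added example, not part of the original thread: a small Python TCP connect check that reports the three port states discussed above (open, closed, filtered), so one port can be re-checked from the second machine after each firewall or service change. The function names and the loopback demo are constructed for illustration.

```python
import errno
import socket

# connect() outcomes that mean "no answer came back" (packet dropped) or an
# ICMP unreachable was returned; nmap reports both as "filtered".
_FILTERED = {errno.ETIMEDOUT, errno.EAGAIN, errno.EWOULDBLOCK,
             errno.EHOSTUNREACH, errno.ENETUNREACH}

def classify(err):
    """Map a connect_ex() result (0 or an errno) to an nmap-style port state."""
    if err == 0:
        return "open"      # handshake completed: allowed AND a service listens
    if err == errno.ECONNREFUSED:
        return "closed"    # RST received: reachable, but nothing is listening
    if err in _FILTERED:
        return "filtered"  # dropped or rejected on the way: firewall in the path
    return "unknown"

def probe(host, port, timeout=2.0):
    """TCP-connect to one port and return its state as seen from this machine."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            return classify(s.connect_ex((host, port)))
        except socket.timeout:
            return "filtered"

def demo():
    """Constructed loopback demo: same port with and without a listener."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # kernel picks a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    with_listener = probe("127.0.0.1", port)
    srv.close()
    without_listener = probe("127.0.0.1", port)
    return with_listener, without_listener

if __name__ == "__main__":
    print(demo())  # on the real network: probe("<antiX address>", 22)
```

A result of "closed" on port 22 after the ufw rule is added points at the SSH service not listening rather than at the firewall.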




