Test If Port Is Open On A Remote Server
TCP Port 80
Command: nmap 10.25.5.1 -p T:80
Output:
PORT STATE SERVICE
80/tcp open http
STATE = open means it's listening
If I scan TCP Port 79 (which I know it's not listening on), it will show filtered:
PORT STATE SERVICE
79/tcp filtered finger
UDP Port 162
Command: nmap 10.25.5.1 -sU -p U:162
Output:
PORT STATE SERVICE
162/udp open|filtered snmptrap
STATE = open means it's listening
If I scan UDP Port 163 (which I know it's not listening on), it will show filtered:
PORT STATE SERVICE
163/udp filtered cmip-man
Watch Incoming Traffic
TCP Port 80
I'm logged onto the server 10.25.5.2 and I want to see if TCP Port 80 traffic is coming inbound.
Command: tcpdump dst port 80 and dst host 10.25.5.2
Output:
10:49:02.943974 IP RAVEN.box293.local.47761 > xitest.box293.local.http: Flags [S], seq 3852355573, win 29200, options [mss 1460,sackOK,TS val 1040312 ecr 0,nop,wscale 7], length 0
You can also turn off Reverse DNS lookup by adding -n to the command.
Command: tcpdump -n dst port 80 and dst host 10.25.5.2
Output:
10:51:08.955433 IP 10.25.254.50.47801 > 10.25.5.2.http: Flags [S], seq 2318135126, win 29200, options [mss 1460,sackOK,TS val 1071814 ecr 0,nop,wscale 7], length 0
UDP Port 162
I'm logged onto the server 10.25.5.30 and I want to see if UDP Port 162 traffic is coming from the server 10.25.5.20.
Command: tcpdump src host 10.25.5.20 and udp dst port 162 and dst host 10.25.5.30
Output:
10:57:34.879662 IP snmpsender.domain.local.40410 > snmpreceiver.domain.local.snmptrap: V2Trap(180) system.sysUpTime.0=144810 S:1.1.4.1.0=E:20006.1.7 E:20006.1.3.1.2="CentOS" E:20006.1.3.1.6="Users" E:20006.1.3.1.7=0 E:20006.1.3.1.17="USERS OK - 0 users currently logged in"
You can also turn off Reverse DNS lookup by adding -n to the command.
Command: tcpdump -n src host 10.25.5.20 and udp dst port 162 and dst host 10.25.5.30
Output:
10:59:17.614465 IP 10.25.5.20.43471 > 10.25.5.30.snmptrap: V2Trap(185) .1.3.6.1.2.1.1.3.0=155084 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.4.1.20006.1.7 .1.3.6.1.4.1.20006.1.3.1.2="CentOS" .1.3.6.1.4.1.20006.1.3.1.6="Users" .1.3.6.1.4.1.20006.1.3.1.7=1 .1.3.6.1.4.1.20006.1.3.1.17="USERS WARNING - 1 users currently logged in"
Firewall Rules
iptables and ip6tables
CentOS 6.x uses iptables / ip6tables to administer its internal firewall.
Allow TCP port 80 inbound.
- IPv4
  - Type iptables -I INPUT -p tcp --destination-port 80 -j ACCEPT and press Enter
  - Type service iptables save and press Enter
- IPv6
  - Type ip6tables -I INPUT -p tcp --destination-port 80 -j ACCEPT and press Enter
  - Type service ip6tables save and press Enter
List firewall rules
- IPv4
  - Type iptables --list and press Enter
- IPv6
  - Type ip6tables --list and press Enter
firewall-cmd
CentOS 7.x uses firewall-cmd to administer its internal firewall; it supports both IPv4 and IPv6.
Allow TCP port 80 inbound.
- Type firewall-cmd --zone=public --add-port=80/tcp and press Enter
- Type firewall-cmd --zone=public --add-port=80/tcp --permanent and press Enter
List firewall rules:
- Type firewall-cmd --list-all and press Enter
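Added example (not part of the original page): when nmap reports a TCP port as filtered, a two-way capture on the server shows whether the SYNs arrive and how the host answers them. The function below classifies each client seen in tcpdump -nn text output; the function names, the sample capture lines (constructed) and the two-way filter "tcp port 80 and host 10.25.5.2" are assumptions made for this example.

```shell
#!/bin/sh
# Classify inbound TCP SYNs in `tcpdump -nn` text output by the server's reply.
# Capture both directions, e.g.: tcpdump -nn tcp port 80 and host 10.25.5.2
# Usage: classify_syns SERVER_IP PORT < capture.txt
classify_syns() {
    awk -v srv="$1.$2" '
    $2 == "IP" && $6 == "Flags" {
        src = $3
        dst = $5; sub(/:$/, "", dst)            # drop the trailing colon
        flags = $7; gsub(/[^A-Z.]/, "", flags)  # "[S.]," becomes "S."
        if (dst == srv && flags == "S") {       # client SYN reaching the server
            c = src; sub(/\.[0-9]+$/, "", c)    # strip the source port
            if (!(c in syn)) order[++n] = c
            syn[c]++
        } else if (src == srv) {                # reply sent from the server port
            c = dst; sub(/\.[0-9]+$/, "", c)
            if (flags == "S.") ack[c] = 1       # SYN-ACK: a listener accepted
            else if (flags ~ /R/) rst[c] = 1    # RST: connection refused
        }
    }
    END {
        # answered   = SYN-ACK sent (nmap would report open)
        # refused    = RST sent (nmap would report closed)
        # unanswered = SYN arrived, no reply captured (nmap would report filtered)
        for (i = 1; i <= n; i++) {
            c = order[i]
            v = (c in ack) ? "answered" : ((c in rst) ? "refused" : "unanswered")
            printf "%s %s syns=%d\n", c, v, syn[c]
        }
    }'
}

# Constructed sample capture, built to show all three outcomes.
sample_capture() {
    cat <<'EOF'
10:51:08.955433 IP 10.25.254.50.47801 > 10.25.5.2.80: Flags [S], seq 2318135126, win 29200, length 0
10:51:08.955501 IP 10.25.5.2.80 > 10.25.254.50.47801: Flags [S.], seq 1, ack 2318135127, win 28960, length 0
10:51:09.100000 IP 10.25.254.51.40112 > 10.25.5.2.80: Flags [S], seq 100, win 29200, length 0
10:51:10.100000 IP 10.25.254.51.40112 > 10.25.5.2.80: Flags [S], seq 100, win 29200, length 0
10:51:11.000000 IP 10.25.254.52.51000 > 10.25.5.2.80: Flags [S], seq 200, win 29200, length 0
10:51:11.000050 IP 10.25.5.2.80 > 10.25.254.52.51000: Flags [R.], seq 0, ack 201, win 0, length 0
EOF
}

sample_capture | classify_syns 10.25.5.2 80
```

On Linux, tcpdump sees inbound packets before iptables filters them, so an "unanswered" client means the SYN reached the server and the next place to look is the firewall rule list. A client that never appears in the capture points to a problem upstream of the server.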