Guides‎ > ‎Other‎ > ‎

Networking

Test If Port Is Open On A Remote Server

TCP Port 80

Command:

nmap 10.25.5.1 -p T:80

Output:

PORT   STATE SERVICE
80/tcp open  http

STATE = open means it's listening

If I did TCP Port 79 (which I know it's not listening on) it will show filtered:

PORT   STATE    SERVICE
79/tcp filtered finger

UDP Port 162

Command:

nmap 10.25.5.1 -sU -p U:162

Output:

PORT    STATE         SERVICE
162/udp open|filtered snmptrap


STATE = open means it's listening

If I did UDP Port 163 (which I know it's not listening on) it will show filtered:

PORT    STATE    SERVICE
163/udp filtered cmip-man


Watch Incoming Traffic

TCP Port 80

I'm logged onto the server 10.25.5.2 and I want to see if TCP Port 80 traffic is coming inbound

Command:

tcpdump dst port 80 and dst host 10.25.5.2

Output:

10:49:02.943974 IP RAVEN.box293.local.47761 > xitest.box293.local.http: Flags [S], seq 3852355573, win 29200, options [mss 1460,sackOK,TS val 1040312 ecr 0,nop,wscale 7], length 0


You can also turn off Reverse DNS lookup by adding -n to the command.

Command:

tcpdump -n dst port 80 and dst host 10.25.5.2

Output:

10:51:08.955433 IP 10.25.254.50.47801 > 10.25.5.2.http: Flags [S], seq 2318135126, win 29200, options [mss 1460,sackOK,TS val 1071814 ecr 0,nop,wscale 7], length 0


UDP Port 162

I'm logged onto the server 10.25.5.30 and I want to see if UDP Port 162 traffic is coming from the server 10.25.5.20

Command:

tcpdump src host 10.25.5.20 and udp dst port 162 and dst host 10.25.5.30

Output:

10:57:34.879662 IP snmpsender.domain.local.40410 > snmpreceiver.domain.local.snmptrap:  V2Trap(180)  system.sysUpTime.0=144810 S:1.1.4.1.0=E:20006.1.7 E:20006.1.3.1.2="CentOS" E:20006.1.3.1.6="Users" E:20006.1.3.1.7=0 E:20006.1.3.1.17="USERS OK - 0 users currently logged in"


You can also turn off Reverse DNS lookup by adding -n to the command.

Command:

tcpdump -n src host 10.25.5.20 and udp dst port 162 and dst host 10.25.5.30

Output:

10:59:17.614465 IP 10.25.5.20.43471 > 10.25.5.30.snmptrap:  V2Trap(185)  .1.3.6.1.2.1.1.3.0=155084 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.4.1.20006.1.7 .1.3.6.1.4.1.20006.1.3.1.2="CentOS" .1.3.6.1.4.1.20006.1.3.1.6="Users" .1.3.6.1.4.1.20006.1.3.1.7=1 .1.3.6.1.4.1.20006.1.3.1.17="USERS WARNING - 1 users currently logged in"


Firewall Rules

iptables and ip6tables

CentOS 6.x uses iptables / ip6tables to administer it's internal firewall.

Allow TCP port 80 inbound.
  • IPv4
    • Type iptables -I INPUT -p tcp --destination-port 80 -j ACCEPT and press Enter
    • Type service iptables save and press Enter
  • IPv6
    • Type ip6tables -I INPUT -p tcp --destination-port 80 -j ACCEPT and press Enter
    • Type service ip6tables save and press Enter

List firewall rules
  • IPv4
    • Type iptables --list and press Enter
  • IPv6
    • Type ip6tables --list and press Enter


firewall-cmd

CentOS 7.x uses firewall-cmd to administer it's internal firewall, it supports both IPv4 and IPv6.

Allow TCP port 80 inbound.
  • Type firewall-cmd --zone=public --add-port=80/tcp and press Enter
  • Type firewall-cmd --zone=public --add-port=80/tcp --permanent and press Enter

List firewall rules:
  • Type firewall-cmd --list-all and press Enter