HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   General (http://www.howtoforge.com/forums/forumdisplay.php?f=15)
-   -   open ports (http://www.howtoforge.com/forums/showthread.php?t=2128)

rayit 18th January 2006 10:27
open ports
 
I have installed ispconfig on xen

Strange thing is that if I do a nmap many ports show open.
The firewall is enabled in ispconfig and I installed portsentry extra

what did I miss?

thanks and greetings..

RayIT

Interesting ports on dsl29-251-100.fastxdsl.nl (80.100.251.29):
(The 1629 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
1/tcp open tcpmux
11/tcp open systat
15/tcp open netstat
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
79/tcp open finger
80/tcp open http
81/tcp open hosts2-ns
110/tcp open pop3
111/tcp open rpcbind
119/tcp open nntp
135/tcp filtered msrpc
143/tcp open imap
199/tcp open smux
443/tcp open https
445/tcp filtered microsoft-ds
540/tcp open uucp
635/tcp open unknown
993/tcp open imaps
995/tcp open pop3s
1080/tcp open socks
1524/tcp open ingreslock
2000/tcp open callbook
6667/tcp open irc
12345/tcp open NetBus
12346/tcp open NetBus
27665/tcp open Trinoo_Master
31337/tcp open Elite
32771/tcp open sometimes-rpc5
32772/tcp open sometimes-rpc7
32773/tcp open sometimes-rpc9
32774/tcp open sometimes-rpc11
54320/tcp open bo2k

Nmap finished: 1 IP address (1 host up) scanned in 5.544 seconds

rayit 18th January 2006 10:50
maybe?
 
could thiis be the problem??

Installing module ip_tables. If the device isn't there, or isn't configured correctly, this could cause your system to pause for up to a minute.

Note: /etc/modprobe.d is more recent than /lib/modules/2.6.11.12-xenU/modules.dep
modprobe: QM_MODULES: Function not implemented

modprobe: QM_MODULES: Function not implemented

modprobe: Can't locate module ip_tables

Installation failed.
cat: /etc/modprobe.d/*: No such file or directory
depmod: QM_MODULES: Function not implemented


Please press ENTER when you are ready to continue.

rayit 18th January 2006 11:36
getting warm
 
solved the problem of ip-tables

modprobe: QM_MODULES: Function not implemented

modprobe: Can't locate module ip_tables


This solved it:
apt-get install module-init-tools

rayit 18th January 2006 11:46
this is the problem I think
 
:confused: any ideas????

Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
done.
touch: cannot touch `/var/lock/subsys/bastille-firewall': No such file or directory

till 18th January 2006 13:12
Quote:
Originally Posted by rayit
I have installed ispconfig on xen

Strange thing is that if I do a nmap many ports show open.
The firewall is enabled in ispconfig and I installed portsentry extra

what did I miss?

thanks and greetings..

RayIT

Interesting ports on dsl29-251-100.fastxdsl.nl (80.100.251.29):
(The 1629 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
1/tcp open tcpmux
11/tcp open systat
15/tcp open netstat
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
79/tcp open finger
80/tcp open http
81/tcp open hosts2-ns
110/tcp open pop3
111/tcp open rpcbind
119/tcp open nntp
135/tcp filtered msrpc
143/tcp open imap
199/tcp open smux
443/tcp open https
445/tcp filtered microsoft-ds
540/tcp open uucp
635/tcp open unknown
993/tcp open imaps
995/tcp open pop3s
1080/tcp open socks
1524/tcp open ingreslock
2000/tcp open callbook
6667/tcp open irc
12345/tcp open NetBus
12346/tcp open NetBus
27665/tcp open Trinoo_Master
31337/tcp open Elite
32771/tcp open sometimes-rpc5
32772/tcp open sometimes-rpc7
32773/tcp open sometimes-rpc9
32774/tcp open sometimes-rpc11
54320/tcp open bo2k

Nmap finished: 1 IP address (1 host up) scanned in 5.544 seconds

The open ports where from portsentry. Portsentry binds itself to the ports to detect portscans.

till 18th January 2006 13:14
Quote:
Originally Posted by rayit
:confused: any ideas????

Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
done.
touch: cannot touch `/var/lock/subsys/bastille-firewall': No such file or directory
Have you had a look at this howto?

http://www.howtoforge.com/perfect_xe..._debian_ubuntu

As far as i know you will have to recompile your Kernel to use IPTables with xen.

rayit 18th January 2006 14:23
aihis and let you now
 
seems I forgot to compile the filter option of iptables in the new kernel domU

I will try to fix it and let you know..


thanks

RayIT


All times are GMT +2. The time now is 20:40.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.