#1  
Old 18th January 2006, 10:27
rayit rayit is offline
Member
 
Join Date: Nov 2005
Posts: 93
Thanks: 0
Thanked 2 Times in 2 Posts
Default open ports

I have installed ispconfig on xen

Strange thing is that if I do a nmap many ports show open.
The firewall is enabled in ispconfig and I installed portsentry extra

what did I miss?

thanks and greetings..

RayIT

Interesting ports on dsl29-251-100.fastxdsl.nl (80.100.251.29):
(The 1629 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
1/tcp open tcpmux
11/tcp open systat
15/tcp open netstat
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
79/tcp open finger
80/tcp open http
81/tcp open hosts2-ns
110/tcp open pop3
111/tcp open rpcbind
119/tcp open nntp
135/tcp filtered msrpc
143/tcp open imap
199/tcp open smux
443/tcp open https
445/tcp filtered microsoft-ds
540/tcp open uucp
635/tcp open unknown
993/tcp open imaps
995/tcp open pop3s
1080/tcp open socks
1524/tcp open ingreslock
2000/tcp open callbook
6667/tcp open irc
12345/tcp open NetBus
12346/tcp open NetBus
27665/tcp open Trinoo_Master
31337/tcp open Elite
32771/tcp open sometimes-rpc5
32772/tcp open sometimes-rpc7
32773/tcp open sometimes-rpc9
32774/tcp open sometimes-rpc11
54320/tcp open bo2k

Nmap finished: 1 IP address (1 host up) scanned in 5.544 seconds
Reply With Quote
Sponsored Links
  #2  
Old 18th January 2006, 10:50
rayit rayit is offline
Member
 
Join Date: Nov 2005
Posts: 93
Thanks: 0
Thanked 2 Times in 2 Posts
Default maybe?

could thiis be the problem??

Installing module ip_tables. If the device isn't there, or isn't configured correctly, this could cause your system to pause for up to a minute.

Note: /etc/modprobe.d is more recent than /lib/modules/2.6.11.12-xenU/modules.dep
modprobe: QM_MODULES: Function not implemented

modprobe: QM_MODULES: Function not implemented

modprobe: Can't locate module ip_tables

Installation failed.
cat: /etc/modprobe.d/*: No such file or directory
depmod: QM_MODULES: Function not implemented


Please press ENTER when you are ready to continue.
Reply With Quote
  #3  
Old 18th January 2006, 11:36
rayit rayit is offline
Member
 
Join Date: Nov 2005
Posts: 93
Thanks: 0
Thanked 2 Times in 2 Posts
Talking getting warm

solved the problem of ip-tables

modprobe: QM_MODULES: Function not implemented

modprobe: Can't locate module ip_tables


This solved it:
apt-get install module-init-tools
Reply With Quote
  #4  
Old 18th January 2006, 11:46
rayit rayit is offline
Member
 
Join Date: Nov 2005
Posts: 93
Thanks: 0
Thanked 2 Times in 2 Posts
Default this is the problem I think

any ideas????

Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
done.
touch: cannot touch `/var/lock/subsys/bastille-firewall': No such file or directory
Reply With Quote
  #5  
Old 18th January 2006, 13:12
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,478
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

Quote:
Originally Posted by rayit
I have installed ispconfig on xen

Strange thing is that if I do a nmap many ports show open.
The firewall is enabled in ispconfig and I installed portsentry extra

what did I miss?

thanks and greetings..

RayIT

Interesting ports on dsl29-251-100.fastxdsl.nl (80.100.251.29):
(The 1629 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
1/tcp open tcpmux
11/tcp open systat
15/tcp open netstat
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
79/tcp open finger
80/tcp open http
81/tcp open hosts2-ns
110/tcp open pop3
111/tcp open rpcbind
119/tcp open nntp
135/tcp filtered msrpc
143/tcp open imap
199/tcp open smux
443/tcp open https
445/tcp filtered microsoft-ds
540/tcp open uucp
635/tcp open unknown
993/tcp open imaps
995/tcp open pop3s
1080/tcp open socks
1524/tcp open ingreslock
2000/tcp open callbook
6667/tcp open irc
12345/tcp open NetBus
12346/tcp open NetBus
27665/tcp open Trinoo_Master
31337/tcp open Elite
32771/tcp open sometimes-rpc5
32772/tcp open sometimes-rpc7
32773/tcp open sometimes-rpc9
32774/tcp open sometimes-rpc11
54320/tcp open bo2k

Nmap finished: 1 IP address (1 host up) scanned in 5.544 seconds

The open ports where from portsentry. Portsentry binds itself to the ports to detect portscans.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #6  
Old 18th January 2006, 13:14
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,478
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

Quote:
Originally Posted by rayit
any ideas????

Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.2.11: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
done.
touch: cannot touch `/var/lock/subsys/bastille-firewall': No such file or directory
Have you had a look at this howto?

http://www.howtoforge.com/perfect_xe..._debian_ubuntu

As far as i know you will have to recompile your Kernel to use IPTables with xen.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 18th January 2006, 14:23
rayit rayit is offline
Member
 
Join Date: Nov 2005
Posts: 93
Thanks: 0
Thanked 2 Times in 2 Posts
 
Default aihis and let you now

seems I forgot to compile the filter option of iptables in the new kernel domU

I will try to fix it and let you know..


thanks

RayIT
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mail System doesnt work! crichton Installation/Configuration 3 17th September 2007 23:49
Which ports should I open? Geoinline Installation/Configuration 4 18th November 2005 18:57
can't receive mail Jordy General 10 1st November 2005 19:15
Opened ports? ctroyp General 9 28th September 2005 09:28
Problem opening firewall port weedguy General 15 12th August 2005 01:05


All times are GMT +2. The time now is 07:34.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.