The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

blocked for port scanning While using FTP to send files

Discussion in 'General Discussion' started by williamkevenis, Jan 5, 2012.

  1. williamkevenis

    williamkevenis Registered

    Joined:
    Jan 5, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    My clientsarewhensendingfiles to theFTPis being blocked byportscan..
    see below

    Code:
     lfd on srv.hostalagoas.com.br: 187.65.106.56 (BR/Brazil/bb416a38.virtua.com.br) blocked for port scanningTime:    Thu Jan  5 19:03:09 2012 -0200
IP:      187.65.106.56 (BR/Brazil/bb416a38.virtua.com.br)
Hits:    6
Blocked: Temporary Block

Sample of block hits:
Jan  5 19:02:30 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=7134 DF PROTO=TCP SPT=57957 DPT=32672 WINDOW=65535 RES=0x00 SYN URGP=0
Jan  5 19:02:33 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=7169 DF PROTO=TCP SPT=57957 DPT=32672 WINDOW=65535 RES=0x00 SYN URGP=0
Jan  5 19:02:39 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7287 DF PROTO=TCP SPT=57957 DPT=32672 WINDOW=65535 RES=0x00 SYN URGP=0
Jan  5 19:02:55 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=7696 DF PROTO=TCP SPT=58041 DPT=55416 WINDOW=65535 RES=0x00 SYN URGP=0
Jan  5 19:02:57 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=7727 DF PROTO=TCP SPT=58041 DPT=55416 WINDOW=65535 RES=0x00 SYN URGP=0
Jan  5 19:03:04 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7810 DF PROTO=TCP SPT=58041 DPT=55416 WINDOW=65535 RES=0x00 SYN URGP=0
     
    #1 williamkevenis, Jan 5, 2012
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,622
    Likes Received:
    25
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    You could whitelist your IP in WHM > Plugins > ConfigServer Security & Firewall area so that LFD, their product, doesn't keep blocking you.

    If you would like to ask them why you are being blocked, you might post onto their product's forum:

    ConfigServer Scripts Forum
     
    #2 cPanelTristan, Jan 5, 2012
  3. XenomediaBV

    XenomediaBV Well-Known Member

    Joined:
    Sep 3, 2009
    Messages:
    60
    Likes Received:
    0
    Trophy Points:
    56
    Location:
    The Netherlands
    cPanel Access Level:
    Root Administrator
    Better yet... try this:

    Enable FTP Passive Mode
    (also for 11_36, but that page doesn't exist yet)

    after making the changes to the ftp config as described above add the Passive Mode port range (49152:65534) to your CSF config:

    Code:
    SECTION:IPv4 Port Settings
# Allow incoming TCP ports
TCP_IN = 20 ..... ,2096[B],49152:65534[/B]
    Restart FTP server and test with an FTP client.

    @cPanel: Can the FTP passive mode settings be added to the "FTP Server Configuration" screen?
     
    #3 XenomediaBV, Apr 20, 2013
(You must log in or sign up to post here.)
Loading...
Similar Threads - blocked port scanning
  1. OgreMHDW

    Port 25 is blocked inbound and outbound

    OgreMHDW, Jul 4, 2017, in forum: E-mail Discussions
    Replies:
    1
    Views:
    93
    cPanelMichael
    Jul 4, 2017
  2. ItsMattSon

    SOLVED BIND Disabled & Port 53 blocked

    ItsMattSon, Sep 5, 2016, in forum: Bind / DNS / Nameserver Issues
    Replies:
    6
    Views:
    593
    cPanelMichael
    Sep 19, 2016
  3. shahid foy

    connection refused how to open a port being blocked

    shahid foy, Aug 3, 2016, in forum: General Discussion
    Replies:
    1
    Views:
    587
    Infopro
    Aug 4, 2016
  4. Custom-Hosting

    How to login when port 2083 is blocked

    Custom-Hosting, Jun 27, 2016, in forum: General Discussion
    Replies:
    3
    Views:
    1,792
    cPanelMichael
    Jun 28, 2016
  5. razrdj

    Webmail Port Blocked

    razrdj, Jan 15, 2016, in forum: E-mail Discussions
    Replies:
    5
    Views:
    489
    Infopro
    Jan 18, 2016

Share This Page