Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

blocked for port scanning While using FTP to send files

Discussion in 'General Discussion' started by williamkevenis, Jan 5, 2012.

  1. williamkevenis

    williamkevenis Registered

    Joined:
    Jan 5, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    My clientsarewhensendingfiles to theFTPis being blocked byportscan..
    see below

    Code:
     lfd on srv.hostalagoas.com.br: 187.65.106.56 (BR/Brazil/bb416a38.virtua.com.br) blocked for port scanningTime:    Thu Jan  5 19:03:09 2012 -0200
IP:      187.65.106.56 (BR/Brazil/bb416a38.virtua.com.br)
Hits:    6
Blocked: Temporary Block

Sample of block hits:
Jan  5 19:02:30 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=7134 DF PROTO=TCP SPT=57957 DPT=32672 WINDOW=65535 RES=0x00 SYN URGP=0
Jan  5 19:02:33 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=7169 DF PROTO=TCP SPT=57957 DPT=32672 WINDOW=65535 RES=0x00 SYN URGP=0
Jan  5 19:02:39 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7287 DF PROTO=TCP SPT=57957 DPT=32672 WINDOW=65535 RES=0x00 SYN URGP=0
Jan  5 19:02:55 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=7696 DF PROTO=TCP SPT=58041 DPT=55416 WINDOW=65535 RES=0x00 SYN URGP=0
Jan  5 19:02:57 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=7727 DF PROTO=TCP SPT=58041 DPT=55416 WINDOW=65535 RES=0x00 SYN URGP=0
Jan  5 19:03:04 srv kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:16:3e:54:d6:7a:00:15:2b:28:18:00:08:00 SRC=187.65.106.56 DST=63.143.32.72 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7810 DF PROTO=TCP SPT=58041 DPT=55416 WINDOW=65535 RES=0x00 SYN URGP=0
     
    #1 williamkevenis, Jan 5, 2012
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,609
    Likes Received:
    32
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    You could whitelist your IP in WHM > Plugins > ConfigServer Security & Firewall area so that LFD, their product, doesn't keep blocking you.

    If you would like to ask them why you are being blocked, you might post onto their product's forum:

    ConfigServer Scripts Forum
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelTristan, Jan 5, 2012
  3. XenomediaBV

    XenomediaBV Well-Known Member

    Joined:
    Sep 3, 2009
    Messages:
    60
    Likes Received:
    0
    Trophy Points:
    56
    Location:
    The Netherlands
    cPanel Access Level:
    Root Administrator
    Better yet... try this:

    Enable FTP Passive Mode
    (also for 11_36, but that page doesn't exist yet)

    after making the changes to the ftp config as described above add the Passive Mode port range (49152:65534) to your CSF config:

    Code:
    SECTION:IPv4 Port Settings
# Allow incoming TCP ports
TCP_IN = 20 ..... ,2096[B],49152:65534[/B]
    Restart FTP server and test with an FTP client.

    @cPanel: Can the FTP passive mode settings be added to the "FTP Server Configuration" screen?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 XenomediaBV, Apr 20, 2013
(You must log in or sign up to post here.)
Loading...
Similar Threads - blocked port scanning
  1. OgreMHDW

    Port 25 is blocked inbound and outbound

    OgreMHDW, Jul 4, 2017, in forum: E-mail Discussion
    Replies:
    1
    Views:
    460
    cPanelMichael
    Jul 4, 2017
  2. ItsMattSon

    SOLVED BIND Disabled & Port 53 blocked

    ItsMattSon, Sep 5, 2016, in forum: Bind/DNS/Nameserver
    Replies:
    6
    Views:
    1,128
    cPanelMichael
    Sep 19, 2016
  3. shahid foy

    connection refused how to open a port being blocked

    shahid foy, Aug 3, 2016, in forum: General Discussion
    Replies:
    1
    Views:
    1,099
    Infopro
    Aug 4, 2016
  4. Custom-Hosting

    How to login when port 2083 is blocked

    Custom-Hosting, Jun 27, 2016, in forum: General Discussion
    Replies:
    3
    Views:
    4,211
    cPanelMichael
    Jun 28, 2016
  5. 1968gtcs

    User being blocked because of repeated email login attempts

    1968gtcs, Jun 18, 2018 at 12:15 AM, in forum: E-mail Discussion
    Replies:
    6
    Views:
    113
    cPanelLauren
    Jun 20, 2018 at 9:39 AM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice