Dejin

Member
Sep 24, 2006
5
0
151
Hi folks,
I have to check if some ports are open or not. If they are not open, I have to open them!
How to do that?

My Server information is :
WHM 10.8.0 cPanel 10.8.2-R119
Fedora i686 - WHM X v3.1.0

Thanks in advance
 

tweakservers

Well-Known Member
Mar 30, 2006
379
0
166
login to your server via SSH and execute the following command:

netstat -anp
 

krava

Well-Known Member
Sep 23, 2003
149
0
166
cPanel Access Level
Root Administrator
I think netstat -anp will show what ports are used by services/daemons. So the command won't show you the port which is opened by not used by some service. Probably you need to use the command:

iptables --list

it will show you the firewall policy. Sure, the command will work on a Linux box with iptables.
 

Dejin

Member
Sep 24, 2006
5
0
151
firstly I want to say thank you for your time to read and reply.

I didn't understand anything :) I couldn't even check!

I have to check if the server's firewall is not blocking outgoing port 80 or 443. If yes I have to open them.

but I have no idea how!

The commands which you gave me for SSH I checked them (both) but I couldn't see if the ports are blocked or not!

Thanks in advance.
 

krava

Well-Known Member
Sep 23, 2003
149
0
166
cPanel Access Level
Root Administrator
Ok, the question is clear now. You can check if the ports are opened/closed by running the commands:

telnet domain.com 80

telnet domain.com 443

in SH of the server. If you get something like:

Trying xxx.xxx.xxx.xxx...
telnet: connect to address xxx.xxx.xxx.xxx: Connection refused

it means the port is closed.

Also, make sure your browser opens http://domain.com fine.
 

simonius

Registered
Jan 28, 2007
1
0
151
Okay, I get the message, that the connection refused. What do I have to do, to open the port?
 

Defcon

Registered
Jan 28, 2007
3
0
151
Hye! I'm running on cPanel X v2.6.0. I'm just taking a hosting package that's mean i dont have an access to login WHM. Let say i'm as a customer/client under account cPanel X v2.6.0 how i can check any open & close port list?
 

AndyReed

Well-Known Member
PartnerNOC
May 29, 2004
2,221
4
193
Minneapolis, MN
The commands which you gave me for SSH I checked them (both) but I couldn't see if the ports are blocked or not!
What OS are you using? CentOS, FreeBSD, RHE? To see what ports open, you can run the following command:
/usr/bin/nmap localhost
You can install nmap using this command (assuming you have CentOS or FC):
yum install nmap

In any case, by default, the vast majorit of Linux servers have the following ports open:
Code:
PORT     STATE SERVICE
1/tcp    open  tcpmux
21/tcp   open  ftp
25/tcp   open  smtp
26/tcp   open  unknown
53/tcp   open  domain
80/tcp   open  http
110/tcp  open  pop3
111/tcp  open  rpcbind
143/tcp  open  imap
443/tcp  open  https
465/tcp  open  smtps
631/tcp  open  ipp
783/tcp  open  hp-alarm-mgr
953/tcp  open  rndc
993/tcp  open  imaps
995/tcp  open  pop3s
3306/tcp open  mysql
 

innsites

Well-Known Member
Nov 30, 2005
57
0
156
How to CLOSE ports?

Well, since there's an OPEN port discussion......can anyone tell me how to CLOSE unused ports?? A PCI scan says we have excess ports open, such as:

2082 tcp -- unknown http
2083 tcp -- unknown https
2086 tcp -- unknown http
2087 tcp -- unknown https
 

AndyReed

Well-Known Member
PartnerNOC
May 29, 2004
2,221
4
193
Minneapolis, MN
can anyone tell me how to CLOSE unused ports??
How do you define "unused ports"? You can block and/or open a port using iptables command. Use this command at your own risk:
/sbin/iptables -A OUTPUT -p TCP -s 0/0 --destination-port 6667 -j REJECT
This will shut down port 6667.
 

brendanrtg

Well-Known Member
Oct 4, 2006
311
0
166
Removing an IP from IPTABLES

Hot on the heels of IPTABLES, lets say an IP addresses have been banned by IP tables.

How do you then remove that ip address from IPTABLES' banned lists?
 

brendanrtg

Well-Known Member
Oct 4, 2006
311
0
166
Tried the above, it says bad rule, matching rules exists and it still doesnt solve our problem of 2 servers banning each other.

Out of the many servers, these 2 servers just cant communicate with each other but they can with teh rest, this is driving us nut.:(