I think netstat -anp will show what ports are used by services/daemons. So the command won't show you the port which is opened by not used by some service. Probably you need to use the command:
iptables --list
it will show you the firewall policy. Sure, the command will work on a Linux box with iptables.
iptables --list
it will show you the firewall policy. Sure, the command will work on a Linux box with iptables.
firstly I want to say thank you for your time to read and reply.
I didn't understand anything
I couldn't even check!
I have to check if the server's firewall is not blocking outgoing port 80 or 443. If yes I have to open them.
but I have no idea how!
The commands which you gave me for SSH I checked them (both) but I couldn't see if the ports are blocked or not!
Thanks in advance.
I didn't understand anything
I couldn't even check!I have to check if the server's firewall is not blocking outgoing port 80 or 443. If yes I have to open them.
but I have no idea how!
The commands which you gave me for SSH I checked them (both) but I couldn't see if the ports are blocked or not!
Thanks in advance.
Ok, the question is clear now. You can check if the ports are opened/closed by running the commands:
telnet domain.com 80
telnet domain.com 443
in SH of the server. If you get something like:
Trying xxx.xxx.xxx.xxx...
telnet: connect to address xxx.xxx.xxx.xxx: Connection refused
it means the port is closed.
Also, make sure your browser opens http://domain.com fine.
telnet domain.com 80
telnet domain.com 443
in SH of the server. If you get something like:
Trying xxx.xxx.xxx.xxx...
telnet: connect to address xxx.xxx.xxx.xxx: Connection refused
it means the port is closed.
Also, make sure your browser opens http://domain.com fine.
What OS are you using? CentOS, FreeBSD, RHE? To see what ports open, you can run the following command:
/usr/bin/nmap localhost
You can install nmap using this command (assuming you have CentOS or FC):
yum install nmap
In any case, by default, the vast majorit of Linux servers have the following ports open:
Code:
PORT STATE SERVICE
1/tcp open tcpmux
21/tcp open ftp
25/tcp open smtp
26/tcp open unknown
53/tcp open domain
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
143/tcp open imap
443/tcp open https
465/tcp open smtps
631/tcp open ipp
783/tcp open hp-alarm-mgr
953/tcp open rndc
993/tcp open imaps
995/tcp open pop3s
3306/tcp open mysqlHow to CLOSE ports?
Well, since there's an OPEN port discussion......can anyone tell me how to CLOSE unused ports?? A PCI scan says we have excess ports open, such as:
2082 tcp -- unknown http
2083 tcp -- unknown https
2086 tcp -- unknown http
2087 tcp -- unknown https
Well, since there's an OPEN port discussion......can anyone tell me how to CLOSE unused ports?? A PCI scan says we have excess ports open, such as:
2082 tcp -- unknown http
2083 tcp -- unknown https
2086 tcp -- unknown http
2087 tcp -- unknown https
How do you define "unused ports"? You can block and/or open a port using iptables command. Use this command at your own risk:
/sbin/iptables -A OUTPUT -p TCP -s 0/0 --destination-port 6667 -j REJECT
This will shut down port 6667.
Removing an IP from IPTABLES
Hot on the heels of IPTABLES, lets say an IP addresses have been banned by IP tables.
How do you then remove that ip address from IPTABLES' banned lists?
Hot on the heels of IPTABLES, lets say an IP addresses have been banned by IP tables.
How do you then remove that ip address from IPTABLES' banned lists?
Tried the above, it says bad rule, matching rules exists and it still doesnt solve our problem of 2 servers banning each other.
Out of the many servers, these 2 servers just cant communicate with each other but they can with teh rest, this is driving us nut.
Out of the many servers, these 2 servers just cant communicate with each other but they can with teh rest, this is driving us nut.
How about iptables -f, then iptables -r and then if still doesn't work, try again with jay's suggested rule?
