I am running out of Ideas. I did look for others similar subject but almost all suggest firewall or checking if program is really listening on this port.
Because my internet provider su__, their equipment can not forward port 80, I am running my Apache on port 10080, later also try 10081. Because the page never opened I started to investigate with Wireshark. I get some record on this port so I continue testing with writing own TCPServer and TCPClient. I am using the same code except for host and port. In console I get error:
SocketException: System.Net.Sockets.SocketException (0x80004005): No
connection could be made because the target machine actively refused
it 193.77..:10080 at System.Net.Sockets.TcpClient..ctor(String
hostname, Int32 port) at Client.Program.Connect(String server,
String message) in d:\Projekti\ASP.N
ET\Tests\Client\Client\Program.cs:line 33
At this point I can say, that Apache and demo program worked when using for host localhost, but not when I use home.mydomain.si. Of course subdomain is routed to my static ip (because remote desktop is working). Both ports are routed to 192.168.1.27. I use static IP not DHCP.
I add exception for inbound and outbound rules for port 10080 and 10081. Then I even disable firewall. No antivirus is installed. Using Windows 7. Netstat shows that someone is listening on port 10080. Wireshark shows some activity on port 10080. Screenshot Wireshark is for TCPListener program not Apache.
Please share some ideas. I am desperate.
Related
I'm trying to use telnet to check if the port of an application is open.
But i'm receiving the following error:
Connecting To 192.168.1.10...Could not open connection to the host, on port 3001: Connect failed
I assume the port is closed, but is it also possible the port is being in use by another program? Hence why i'm not able to test using telnet?
Now if this is the case, how come some ports allow simultaneous connections from clients and some don't?
All ports allow simultaneous connections from clients when some program is listing on that port. Connect failed means that the port is not listening or a firewall interfered.
You can find out if that port is open by using netstat or on Windows tcpview.
I am running Kali Linux on VMware. The host operating system is windows 7, and I'm using NAT for connectivity.
In my metasploit console, when I typed 'exploit' at the msf prompt,(where I am using windows/meterpreter/reverse_tcp as the payload) it showed me the error
Handler failed to bind to My IP:4444
(My IP is my external IP address.)
So in the VMware virtual network editor, I have port forwarded port 4444 of host PC to port 4444 of the virtual PC. Then I allowed inbound packets in the firewall of the host PC, for port 4444 of the host PC.
To ensure that everything is alright, I set up an apache server on the virtual PC, that serves a webpage when accessed via port 4444. The server served flawlessly when I accessed it with an external browser. Satisfied, I shut down the server.
But guess what? Metasploit console has thrown up the same error when I typed 'exploit' again in the msf prompt.
What to do now?
What did it say the reason for failing was.
I'm assuming the full error was failed to bind to port 4444 port is already in use.
You can not run a server on the same port you are trying to bind to.
The correct way to do this is to port forward through your router. Open your router settings and port forward port 4444 to your machines local ip.
libvirt.libvirtError: unable to connect to server at 'ccrfox112:49152': Connection timed out
When migrating QEMU guests, without tunnelling via libvirtd, QEMU will listen on a port number in the range 49152->49216 for a connection from the source host. This error messages shows that the source host was unable to connect to the target host. You've not provided any useful information about your setup, so I'd have to guess that probably you have firewall rules on the target host that are blocking the source host access to the TCP port in question.
I open IE explorer & Chrome in my computer and type localhost:80 and I get the index page.
Here I think my machine's IP is same to both connections (IE explorer & Chrome) and ports are too (80).
Note: Source port will be different (as destination is same: localhost IP), this is my second question.
So how webserver (lets say apache) handles this port 80 connections without failing? Does it port forwarding? In OS level even I tried with addr re-use, port re-use parameters and it is all same we cannot make multiple connection with same IPs & ports.
Now, probably you have came up with a solution: although source ports and IPs are same, destination port is different in package: <protocol>, <src addr>, <src port>, <dest addr>, <dest port>.
A. I got 49483~50004 ports as you can see on image. How client knows which destination port (49483~50004) is bound by webserver? If it is random between 0 and 65355 the webserver always binds all ports, it is very resource consuming. How webservers avoid from this?
Look at this image: command prompt-> netstat
If this question is related with low level sources it is OK, I understand Embedded TCP/IP/UDP, Phy MAC communication and package structures.
You have this all back to front.
All the port numbers at the server are the same: 80. So the client only has to know port 80.
All the port numbers at the client are different: 49483-50004 etc. So there is no ambiguity in the connection, because the 4-tuple you mentioned is unique.
All http request by default call to servers in the port 80, because servers listen by default in that port. So you only give an IP or hostname and the web browser add the default port (80). You can give a custom port if you web server is listenning in another port (usually Tomcat listen by default in 8080) for example you call it in: http://www.youamazingweb.com:8080.
A good example is see the IP as the home and the port is the door where clients enter to consume some resource hosted in server.
I am trying to set up an HTTPS site on IIS 7. I have added the certificate, set up the appropriate bindings and the site is accesible from within my company's intranet, however no one from the outside internet can access it. I have a 1:1 NAT forward set up for port 443 that should route requests to the IP address for my server. I have the same situation for port 80 and don't have any issues with http sites being accessible.
Any suggestions for what I might be missing here?
UPDATE:
As it turns out, the company that manages my company's firewall had added the exception for https and 443, and the correct routing, but hadn't added an exception for the process that handles https.
For starters, from outside, use telnet to see if you can even get to the port from outside:
telnet <host name or ip> 443
Note the space before the port.
If the telnet screen goes fully black, w cursor in top left, you can connect, so it is an iis issue.
If telnet just sits there, it is trying to connect but can't. It may finally throw "connection refused" or "could not connect." This means the problem is on the physical firewall (which needs the inbound path opened) or on the iis server itself (in its firewall or iis config)
In this case, next step:
Do the telnet operation on the IIS server itself, and from the same network as IIS (e.g. not through the firewall).
-- If this works: The problem is the network firewall config
-- If this does not work, you need to check the firewall on the IIS server itself (the windows firewall), and the IIS config itself
Note, on windows 7 and vista, telnet may not be present out of the box. Google how to enable it.