Well I decided to try make a proxy checker, like Charion or Elite proxy checker. These programs accept large lists of proxies in the IP:PORT format, ping them tell you the response time
see the screenshot of Elite Proxy Checker, im trying to make a simplified version of this program. http://i52.tinypic.com/a57slh.jpg
I investigated and made my checker using Ping.SendAsync(ip, timeout, ip) method.
It was only afterwards that I discovered that you can only Ping IP's using this method, not the ports as well.
Ive spent a few hours trying to find the correct class/methods in order to be able to ping ports, reading different forum posts from experts they say its impossible to ping ports only IPS, can only use sockets to try open a connection with the port.
However, I have seen programs that people have coded in VB.NET that ping in the IP:PORT format, ie lets you choose timeout, tells timeout, etc.
My question is , what classes methods should I be using to do this ?
Im pretty sure its not sockets... theyve got to be pinging the individual ports as well somehow.
Any help would be appreciated.
Cheers,
(I code for a hobby, im not a pro, so sorry if I make glaring errors)
Have a look at tcpping, here is the Windows version:
http://www.elifulkerson.com/projects/tcping.php
Related
this is my first question ever here so sorry if it's not in the right category or not perfectly explained. I'll do my best to be descriptive and precise.
Basically, I've done some port-forwarding for games as well as for server-client testing purposes for development. In the past, it's always worked perfectly fine. However, recently, I realized some things stopped working for no apparent reason.
After quite a while of testing, I noticed it was an issue with UDP. Things that require only TCP ports to be forwarded work just fine, however things that need UDP ports forwarded do not. I confirmed this by testing exactly the same application (a simple server-client app made in Godot just to test this) with both TCP and UDP. It connects fine through TCP, but not UDP.
This has never happened to me in the past. Any ideas on what the issue might be? I've Googled for hours and the only things I could find is that A. UDP troubleshooting is apparently incredibly difficult (especially on Windows) and B. Some people vaguely mention the possibility of it being a problem with my ISP filtering UDP stuff.
I've already made sure to check it's not a firewall issue, either. Not sure what else I could try. Am I just missing something really obvious here? Thanks greatly in advance for any possible ideas or suggestions.
You might not get UDP responses because server might be using that specific ports for TCP.
Different UDP scanners using different techniques may come to different results.
There is a possibility of ISP filtering UDP port only if there is hidden NAT -Meaning you will be assigned a public IP, but still would be reaching internet on a different IP (NAT'CEPTION), check for what is my ip to confirm this.
You can take a wireshark packet capture on an upstream device (Firewall or modem if possible)
I have a webcam chat room application (so it's many-to-many video sharing) using WebRTC and a mediasoup server.
I am having problems with SOME of my users not being able to get an incoming video feeds to work. It's a difficult problem because I can't reproduce it at all, and I can't easily "remote-debug" the problem since most of my users are very non-technical. So far the only thing I can tell for certain is that it seems to be network-related, not browser-related, as I have had bug reports from people using Firefox, Chrome, Safari, and Edge. I'm running my server (mediasoup v2) on port 443 with no firewall on the server box, so that should make the door as wide as possible. I just don't know what the exact problem is yet so I'm feeling around in the dark.
So, I'm trying solutions. I don't think(?) I have a TURN server set up but from what I have read, it seems like adding one certainly can't hurt, and could help with my situation.
I don't fully understand the entire WebRTC protocol or RFC 7118 (this stuff is really complicated!) or exactly what/where/how a TURN server fits into the bigger picture. It would help, right? A lot of Googling has led to no clear answers. Would love some help! Thank you!
WebRTC tries everything it can do to make a p2p connection, but there are times that it will fail. The turn server acts as a last resort so that the peers can both connect through the turn server. Obviously this is not a p2p connection, so there will be extra latency, and you will have to make sure that your turn server has enough bandwidth to cover all of the connections you expect.
TL;DR, If you need 100% connection rates, you should have a turn server.
I believe AWS has a ready made instance you can spin up, or if you could use this open source coturn server https://github.com/coturn/coturn
On a debugging note... Check your ice candidates type. You should see host and srflx if you only have a STUN server, but if you have a TURN server you will also see relay. You can replicate this issue by discarding the ice candidates that have host and srflx types.
I'm running my server (mediasoup v2) on port 443 with no firewall on the server box, so that should make the door as wide as possible
That is websocket. The media traffic runs over UDP typically and mediasoup uses random ports. A TURN server which is configured on udp port 443 may help in some cases.
The other problem is UDP being blocked which is easy to reproduce with a local firewall.. Mediasoup supports something called ice-tcp which will allow media to run over a TCP connection. You should check if your mediasoup installation uses ice-tcp. If it does not, a TURN server with TURN/TCP will help.
I'm trying to SSH between two computers behind router without port forwarding at least on one end, which is the computer I'm trying to access.
Now. seems like this got something to do with SSH tunneling and I've been trying to achieve something but unfortunately I'm not getting there.
My main purpose is to make a website that will have full access to my computer that's behind the router and be able to control that computer from the website.
Now question is: is this even possible? I tried to use AWS since I get a public IP that will help me with the port forwarding issue on the computer behind the router but no luck too.
I would appreciate some help or suggestions on how to do that.
I think that is possible.
Take a look in Guacamole.
Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC and RDP.
We have a Win Server 2008 box being hosted (dedicated) for us.
I need to connect to one of it's DB's from a server in our LAN.
What started out as a "sure, I'll just throw that together for you real quick" project has turned into a week-long hair-pulling pile of WTF :)
I am able to RDP into that server without fail or issue.
When I tried to connect to the DB, I got a generic "could not connect" error, so I went hunting.
Telnet attemtps and pings time out.
Since then, we have tried endless variations of firewall settings (including wide open), and still ... no go.
In addition to our firewall, the hosting provider also has a firewall layer.
We turned on all logging, and we don't even see any connection attempts at our FW.
We then had the hosting provider turn on all logging, and they don't see any connection attempts either!
Hrmmmph
I'm at a complete loss.
Any suggestions?
BTW, while I'm comfortable enough with all this to explore and make changes, my experience with firewalls and stuff is fairly limited, so don't hesitate to dumb it down ;)
It is hard to give just one answer to this question, because the interim results of the problem analysis lead to different steps that you need to do next. It will more likely be a step by step help with tracing down the problem.
Do not trust any firewall setting (esp. not any that someone else did, and again esp. not if you don't know him), unless you tested it. Firewall settings are tricky and even experienced professionals get them wrong now and then.
In the guide below, I will write <win2008server> in commands where you have to put the name or IP of the windows 2008 server to which you want to connect. On the other side, I will use the expression "office PC" when I mean your workstation PC in the office from where you are trying to connect to the win2008server.
STEP 1: Checking the Endpoints
1.) Can you telnet to the RDP port?
On your office PC, try this on a command prompt:
telnet <win2008server> 3389
This is to make sure that DNS name resulution works for telnet, as well as network hardware and routing. It should, because you can use RDP to establish this connection. However, anything can get in between, like the telnet command being in any way configured nonstandard or being replaced for whatever reason on a company pc (sysadmins have strange ideas at times...).
2.) Can you telnet locally on the win2008server to the database?
When logged in using RDP on the win2008server, open a command prompt on the server and issue the command
telnet <win2008server> <database port>
That means you are trying to connect from the server to itself. This is to make sure the database port is open on the server.
STEP 2: Checking the Firewalls of the Endpoints
If for 1.) and 2.), your answer is yes it works, you have to test if either the remote side can not be reached or your location can not connect to the internet on the port you are testing (database port). You do this by replacing the respective other side with any other host on the internet for which you know it's reachable or can reach other servers. Typically, you google for a port checker ;)
3.) Check if the win2008server can be reached from another location than yours:
3.1.) Check if the RDP port of the win2008server can be reached from a third party location:
Google for port checker and take the first result (e.g. http://www.yougetsignal.com/tools/open-ports/ ). Type in the name or IP address of the win2008server and the RDP port, usually 3389 . Click on "check" and wait for the success or the timeout.
3.2.) Check if the database port of the win2008server can be reached from a third party location:
Do the same as in 3.1.), just with the database port instead of the RDP port.
4.) Check if you can connect to an outside server on the database port:
For this to work, you need to know a server or create one, which is somewhere outside on the internet, and which listens on the database port. You typically do this by keeping your private PC at home run and accessible through RDP or SSH, and there you open a server and configure your private internet router to forward the connection correctly.
Another way to do this test is webspace with SSH access. Many webspace providers nowadays allow for an SSH login (usually any webspace at $4/month and above).
Let's assume you have SSH access to any such third party place. You can use nc (netcat) there to open a server socket on the database port with this command:
nc -l <database port>
If it's your private PC at home, you usually have to also configure your private router and set up a dynamic DNS name for your internet access for the whole story to work out. You do not have this extra work with a webspace based SSH login. However, there you can not test ports below 1024 because you do not have the privileges. Good luck with this ;)
After you got this, try connecting to the port that you opened:
4.1.) From your office PC with
telnet <third party location> <database port>
4.2.) If 4.1.) does not work, also try with the port checker, because you might have gotten something wrong with setting up the server. Look at 3.) for this, and use the <third party location> and <database port> with the port checker (fourth party check).
STEP 3: Blaming ;)
At least one of the things should have failed by now and you can start calling people and letting them know about your tests and the results. You should be able to combine the results logically, but never start with that. Think about how to convey the information. Start out with your findings and then let them have a moment for their own conclusion. It can be difficult to tell someone in another company or department that their firewall isn't configured correctly. They might deny this even in the presence of proof. Be patient. Explain your findings again. Hint at the conclusion. This can be the trickiest part of the whole problem solution.
I have to say that today I had the same problem.
My solution was just to edit secpol.msc and disable all the FW profiles; then, run services.msc and also disable Windows Firewall service.
After this server was pingable for me.
I have observed a different behaviour between netcat and telnet when connecting to the public route server bgp-view.tvnetwork.hu and issuing the command show ip bgp.
Using Telnet the output (which is normally some tens of thousands lines long) is truncated and in order to view it all you have to press space or enter to continue (like the man pages). When I connect with netcat it just starts dumping all the output and after the first few hundred lines it hangs. Even if I state explicitly that I want to pause after the first 100 lines using the command terminal length 100 netcat doesn't change behaviour.
Do you have any idea why this happens and how it can be resolved?
My OS is ubuntu 10.4 and the route server runs Quagga (version 0.99.5). With other type of routers (cisco or juniper) that problem doesn't appear.
Thank you.
ps. I wanted to tag the question as route-server but I cannot create new tags :(
EDIT:
The problem is that netcat doesn't negotiate window size (see my answer bellow). Netcat's -t parameter is used to negotiate telnet options but it replies with negations (DON'T or WON'T) so the question is how to make netcat to negotiate telnet options. Maybe I'll post a new question for this matter.
I found a similar discrepancy with SSH 1.5, on juniper routers. When I was implementing a network topology tool, I had to use two different SSH libraries in Java to get things to work. I never completely diagnosed the problem, but it looked like there was an issue with how one of my libraries was handshaking, as opposed to how the ssh server on the router was expecting things to be done. For this case, my connections were just being dropped. I had to use four libraries to support three protocols : telnet, ssh 1.5 and ssh 2.0.
I would not be surprised at all if this is a router specific issue. Unfortunately, I don't have any useful suggestions for you other than to try a different library or program to accomplish your goals. If you feel like troubleshooting the actual issue, you could watch the packets go through.
Thanks,
-Brian-
OK, mystery solved with wireshark.
The problem was the negotiation of telnet options.
The server requests from the telnet client "Do Negotiate About Window Size" but the client wasn't negotiating and even with the -t option netcat replies "Won't Negotiate About Window Size".
I created a java telnet client with the apache commons library to negotiate about the window size using the WindowSizeOptionHandler() constructor and it works fine. Now I just have to find how to do it with netcat.