Ports Open - Aix

This is a discussion on Ports Open - Aix ; I want to see if the firewall ports between the two aix server have been opened or not. Is there any way to do that ? I know that there are netstat -an command , but not interested in that ...

+ Reply to Thread
Results 1 to 9 of 9

Thread: Ports Open

  1. Ports Open

    I want to see if the firewall ports between the two aix server have
    been opened or not. Is there any way to do that ?

    I know that there are netstat -an command , but not interested in that
    as it gives me the status only on source and recipient server, what I
    am morre interested in is checking the firewall ports. Not sure if
    ping can be used with the port numbers to check this ?

    Ciao

  2. Re: Ports Open

    invincible schrieb:
    > I want to see if the firewall ports between the two aix server have
    > been opened or not. Is there any way to do that ?
    >
    > I know that there are netstat -an command , but not interested in that
    > as it gives me the status only on source and recipient server, what I
    > am morre interested in is checking the firewall ports. Not sure if
    > ping can be used with the port numbers to check this ?
    >
    > Ciao

    Hi,

    often "telnet " works. If the port is open and
    remote service is running on specified port) in a lot of cases you'll
    get something like:

    $ telnet remotehost 2049 (checks NFS)
    Trying...
    Connected to remotehost.
    Escape character is '^]'.

    If the port is not open on your firewall, you'll get a timeout.

    PS:
    I'm aware that this is not a full check, since you can imagine reasons
    for getting no answer although firewall port is open. But if you get a
    answer like above, then the port is definetely open.

    Regards,
    Uwe Auer

  3. Re: Ports Open

    Uwe Auer pisze:
    [CUT...]
    > often "telnet " works. If the port is open and
    > remote service is running on specified port) in a lot of cases you'll
    > get something like:


    [CUT...]
    Yep, that true - telnet ofeten will tell you about open port - if port
    is open of course . You cannot check fully firewall using this
    technique. Question is what kind of firewall is this? (hw or softw)?
    If HW - and you're admin of this FW - U should be able to check
    connections on your equpiment... - if not ask your net guys. If this is
    softw FW - question - where is this one installed.
    If you trying to check some machine - let say to attack - hmmm... read
    about sniffing tools.

    Regards,
    Blazej Antczak

  4. Re: Ports Open

    Blazej Antczak schrieb:
    > Uwe Auer pisze:
    > [CUT...]
    >> often "telnet " works. If the port is open
    >> and remote service is running on specified port) in a lot of cases
    >> you'll get something like:

    >
    > [CUT...]
    > Yep, that true - telnet ofeten will tell you about open port - if port
    > is open of course . You cannot check fully firewall using this
    > technique.


    If you wouldn't have [CUT], then this might be clear from my answer

    > Question is what kind of firewall is this? (hw or softw)?


    What does this matter ?

    > If HW - and you're admin of this FW - U should be able to check
    > connections on your equpiment...


    If OP is FW admin, i would assume that he wouldn't have asked.

    > - if not ask your net guys.


    If you always trust in what your networks guys tell, then a good approach.

    > If this is
    > softw FW - question - where is this one installed.


    Is it really important for an AIX admin, who wants to check a port to be open or
    not, whether FW is HW or SW ?

    > If you trying to check some machine - let say to attack - hmmm... read
    > about sniffing tools.
    >

    I do not assume OP wants to attack some systems. For enterprise environments
    it's a common problem to AIX sysadmins to check whether a FW change has been
    performed as requested. And I assume the OP to have that problem, without havin
    any permission to check the FW directly.

    > Regards,
    > Blazej Antczak


    Reagards,
    Uwe Auer

  5. Re: Ports Open

    Uwe Auer pisze:
    > Blazej Antczak schrieb:
    >> Uwe Auer pisze:
    >> [CUT...]
    >>> often "telnet " works. If the port is open
    >>> and remote service is running on specified port) in a lot of cases
    >>> you'll get something like:

    >>
    >> [CUT...]
    >> Yep, that true - telnet ofeten will tell you about open port - if port
    >> is open of course . You cannot check fully firewall using this
    >> technique.

    >
    > If you wouldn't have [CUT], then this might be clear from my answer
    >


    I can agree with that - maybe [CUT] was too quick this time...

    >> Question is what kind of firewall is this? (hw or softw)?

    >
    > What does this matter ?


    Matter is in way of checking.
    >
    >> If HW - and you're admin of this FW - U should be able to check
    >> connections on your equpiment...

    >
    > If OP is FW admin, i would assume that he wouldn't have asked.


    Hmmmm.... maybe my fault. Maybe too many years with ppls, who asking
    about everything?

    >> - if not ask your net guys.

    >
    > If you always trust in what your networks guys tell, then a good approach.
    >

    I never trust net guys - but they are first source of any answer in net
    questions if you're not dealing with net infrestructure.

    >> If this is softw FW - question - where is this one installed.

    >
    > Is it really important for an AIX admin, who wants to check a port to be
    > open or not, whether FW is HW or SW ?
    >

    if sw - yes - because can happend that FW was installed on this AIX by
    previous stuff member. I can't imagine every possible situation...

    >> If you trying to check some machine - let say to attack - hmmm... read
    >> about sniffing tools.
    >>

    > I do not assume OP wants to attack some systems. For enterprise
    > environments it's a common problem to AIX sysadmins to check whether a
    > FW change has been performed as requested. And I assume the OP to have
    > that problem, without havin any permission to check the FW directly.
    >

    In most cases yes - but depends what you understand by entreprise.
    Anyway - we're loosing time to discuss any other things except an issue.
    Maybe my fault this time . EOT

    Rgrds,
    Blazej

  6. Re: Ports Open

    Hello,

    It has been mentioned that telnet is incomplete.
    Here is why:
    1) Can't open a connection if there is not a service listening on
    the remote machine. (Mentioned above)
    2) Can't be used to check udp ports.

    I think that nmap might be your best tool. It is not a sniffing
    tool, but will use raw packets to guess which ports have listeners,
    and
    which ones are filtered by firewalls (Software or hardware)

    http://www.insecure.org/nmap/

    Pretty standard issue on linux flavors, and I believe can be easily
    found, or compiled for AIX.
    One warning, is that the techniques that nmap uses will resemble an
    attack on your system.

    You will want to make sure that your networking team is aware of your
    actions.

    Hope this helps,
    Casey

  7. Re: Ports Open

    caseyjbrotherton@gmail.com ?????:
    > Hello,
    >
    > It has been mentioned that telnet is incomplete.
    > Here is why:
    > 1) Can't open a connection if there is not a service listening on
    > the remote machine. (Mentioned above)
    > 2) Can't be used to check udp ports.
    >
    > I think that nmap might be your best tool. It is not a sniffing
    > tool, but will use raw packets to guess which ports have listeners,
    > and
    > which ones are filtered by firewalls (Software or hardware)
    >
    > http://www.insecure.org/nmap/
    >
    > Pretty standard issue on linux flavors, and I believe can be easily
    > found, or compiled for AIX.
    > One warning, is that the techniques that nmap uses will resemble an
    > attack on your system.
    >
    > You will want to make sure that your networking team is aware of your
    > actions.
    >
    > Hope this helps,
    > Casey

    I mean that the best way of this is using netcat - it's simple tools of
    checking tcp ports on Unix. I think that this tool can make check udp
    protocol too, but I've never used it for such purpose.
    for example:
    mc2@phoenix:/home/mc2>nc -z localhost 22
    Connection to localhost 22 port [tcp/ssh] succeeded!

    or
    hping - it's powerful utilite that can generate packets in range from
    simple ip/icmp packets to ip-raw packets, and have many other features.

    --
    UV-RIPE

  8. Re: Ports Open

    On Sep 29, 5:47*pm, Uwe Auer wrote:
    > invincible schrieb:> I want to see if the firewall ports between the two aix server have
    > > been opened or not. Is there any way to do that ?

    >
    > > I know that there are netstat -an command , but not interested in that
    > > as it gives me the status only on source and recipient server, what I
    > > am morre interested in is checking the firewall ports. Not sure if
    > > ping can be used with the port numbers to check this ?

    >
    > > Ciao

    >
    > Hi,
    >
    > often "telnet " works. If the port is open and
    > remote service is running on specified port) in a lot of cases you'll
    > get something like:
    >
    > $ telnet remotehost 2049 *(checks NFS)

    Thankyou uwe one more thing how to test if the port is to be checked
    for 161,162 udp opened or not. Reason is if you check with telnet port
    number it would be tcp not udp.

    Ciao






    > Trying...
    > Connected to remotehost.
    > Escape character is '^]'.
    >
    > If the port is not open on your firewall, you'll get a timeout.
    >
    > PS:
    > I'm aware that this is not a full check, since you can imagine reasons
    > for getting no answer although firewall port is open. But if you get a
    > answer like above, then the port is definetely open.
    >
    > Regards,
    > Uwe Auer



  9. Re: Ports Open

    On Oct 1, 4:51*pm, Vladimir Usenko wrote:
    > caseyjbrother...@gmail.com ?????:
    >
    > > Hello,

    >
    > > It has been mentioned that telnet is incomplete.
    > > * Here is why:
    > > * *1) *Can't open a connection if there is not a service listening on
    > > the remote machine. *(Mentioned above)
    > > * *2) *Can't be used to check udp ports.

    >
    > > * I think that nmap might be your best tool. *It is not a sniffing
    > > tool, but will use raw packets to guess which ports have listeners,
    > > and
    > > which ones are filtered by firewalls (Software or hardware)

    >
    > >http://www.insecure.org/nmap/

    >
    > > Pretty standard issue on linux flavors, and I believe can be easily
    > > found, or compiled for AIX.
    > > One warning, is that the techniques that nmap uses will resemble an
    > > attack on your system.

    >
    > > You will want to make sure that your networking team is aware of your
    > > actions.

    >
    > > Hope this helps,
    > > Casey

    >
    > I mean that the best way of this is using netcat - it's simple tools of
    > checking tcp ports on Unix. I think that this tool can make check udp
    > protocol too, but I've never used it for such purpose.
    > for example:
    > mc2@phoenix:/home/mc2>nc -z localhost 22
    > Connection to localhost 22 port [tcp/ssh] succeeded!
    >
    > or
    > hping *- it's powerful utilite that can generate packets in range from
    > simple ip/icmp packets to ip-raw packets, and have many other features.
    >
    > --
    > UV-RIPE


    I hope the installation for netcat is not complex I mean if it's a
    single binary then I can use it on any production server


+ Reply to Thread