------=_Part_8313_31009039.1199634758361
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi Marek (and Happy New Year)


> On Linux you may use nmap.
> But you are connecting to localhost, this is your local network (on
> host) and ISP can not block this. This network (historically) can be
> used to test network connections on computers without network card.
> Now you do not have httpd daemon listening on 8083 port.
>



nmap also exists on mac os. I tried it with : nmap -sV 66.110.138.56


Here is the result :

Starting Nmap 4.50 ( http://insecure.org ) at 2008-01-04 16:53 EST
Interesting ports on c66.110.138-56.clta.globetrotter.net (66.110.138.56):
Not shown: 1709 closed ports
PORT STATE SERVICE VERSION
88/tcp open kerberos-sec Mac OS X kerberos-sec
8080/tcp open http Apache httpd 2.2.6 ((Unix) mod_ssl/2.2.6
OpenSSL/0.9.7l DAV/2 PHP/5.2.5)
Service Info: OS: Mac OS X
Only port 8080 is opened for http and port 88 is opened for kerberos (???
maybe for mail ???) but doesn't work for https.
If I do:
bash-3.2# openssl s_client -connect localhost:88 -state -debug
Here is the result :

CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 0040BD60 [00139000] (118 bytes => 118 (0x76))
0000 - 80 74 01 03 01 00 4b 00-00 00 20 00 00 39 00 00 .t....K... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............
0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00 ..3..2../.......
0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00 ................
0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80 @...............
0050 - 00 00 03 02 00 80 16 fa-87 b0 81 f6 29 52 9f a7 ............)R..
0060 - 96 ac 9f ec 07 17 73 87-3d ca c8 82 56 9a 4e 91 ......s.=...V.N.
0070 - 0c 52 7b 8b 47 fc .R{.G.
SSL_connect:SSLv2/v3 write client hello A
read from 0040BD60 [0013F000] (7 bytes => 7 (0x7))
0000 - 00 00 00 ae 7e 81 ab ....~..
SSL_connect:error in SSLv2/v3 read server hello A
13536:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol:s23_clnt.c:601:

I must point out that ssl module is loaded in my httpd.conf.

If I use http://www.canyouseeme.org/ it gives me the same result : port 8080
and 88 are opened.


So I phoned my ISP and they told me that only a few ports (like 25,
80,143,..) are blocked and that port 8083 was opened !...
So, I must understand that the problem is in my machine but where ? I do not
have any firewall or router. Is it possible that the Apache 2 server could
be responsable ?

Regards

------=_Part_8313_31009039.1199634758361
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi Marek (and Happy New Year)

 
On Linux you may use nmap.
But you are connecting to localhost, this is your local network (on

host) and ISP can not block this. This network (historically) can be
used to test network connections on computers without network card.
Now you do not have httpd daemon listening on 8083 port.



 
nmap also exists on mac os. I tried it with : nmap -sV 66.110.138.56

 
Here is the result :


Starting Nmap 4.50 ( http://insecure.org ) at 2008-01-04 16:53 EST
Not shown: 1709 closed ports
PORT     STATE SERVICE      VERSION

88/tcp   open  kerberos-sec Mac OS X kerberos-sec
8080/tcp open  http         Apache httpd
2.2.6 ((Unix) mod_ssl/2.2.6 OpenSSL/0.9.7l DAV/2 PHP/5.2.5)
Service Info: OS: Mac OS X
Only port 8080 is opened for http and port 88 is opened for kerberos (??? maybe for mail ???) but doesn't work for https.
If I do:
bash-3.2# openssl s_client -connect localhost:88 -state -debug
Here is the result :

CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 0040BD60 [00139000] (118 bytes => 118 (0x76))
0000 - 80 74 01 03 01 00 4b 00-00 00 20 00 00 39 00 00   .t....K... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0   8..5............
0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00   ..3..2../.......
0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00   ................
0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80   @...............
0050 - 00 00 03 02 00 80 16 fa-87 b0 81 f6 29 52 9f a7   ............)R..
0060 - 96 ac 9f ec 07 17 73 87-3d ca c8 82 56 9a 4e 91   ......s.=...V.N.
0070 - 0c 52 7b 8b 47 fc                                 .R{.G.
SSL_connect:SSLv2/v3 write client hello A
read from 0040BD60 [0013F000] (7 bytes => 7 (0x7))
0000 - 00 00 00 ae 7e 81 ab                              ....~..
SSL_connect:error in SSLv2/v3 read server hello A
13536:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:601:

I must point out that ssl module is loaded in my httpd.conf.


If I use http://www.canyouseeme.org/
it gives me the same result : port 8080 and 88 are opened. 

 
So I phoned my ISP and they told me that only a few ports (like 25, 80,143,..) are blocked and that port 8083 was opened !...
So, I must understand that the problem is in my machine but where ? I do not have any firewall or router. Is it possible that the Apache 2 server could be responsable ? 


Regards

 


------=_Part_8313_31009039.1199634758361--
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org