Open a port (Fedora Core 2)

This is a discussion on Open a port (Fedora Core 2) within the Linux Security forums, part of the System Security and Security Related category; This should be simple. I'm trying to open port 8080 for jakarta/tomcat. Running nmap localhost gives: Starting nmap ...


Go Back   Usenet Forums > System Security and Security Related > Linux Security

Reload this Page Open a port (Fedora Core 2)

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 11-15-2004
Colin Rosenthal
 
Posts: n/a
Default Open a port (Fedora Core 2)
This should be simple. I'm trying to open port 8080 for jakarta/tomcat.
Running nmap localhost gives:

Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-15 11:39 CET
Interesting ports on localhost.localdomain (127.0.0.1):
(The 1652 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
443/tcp open https
631/tcp open ipp
6000/tcp open X11
8009/tcp open ajp13

Nmap run completed -- 1 IP address (1 host up) scanned in 1.442 seconds

I've tried to open 8080 using iptables directly, but as that didn't seem
to be working I've installed firestarter (which, afaics, is just a graphical
interface to iptables). Under Rules --> Open Ports I've added 8080 and ...
nothing. The output of nmap remains unchanged.

--
Colin in Denmark
Reply With Quote
  #2 (permalink)  
Old 11-15-2004
Nathan Dietsch
 
Posts: n/a
Default Re: Open a port (Fedora Core 2)
Hello Colin,

Colin Rosenthal wrote:
> This should be simple. I'm trying to open port 8080 for jakarta/tomcat.
> Running nmap localhost gives:
>
> Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-15 11:39 CET
> Interesting ports on localhost.localdomain (127.0.0.1):
> (The 1652 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 22/tcp open ssh
> 80/tcp open http
> 111/tcp open rpcbind
> 443/tcp open https
> 631/tcp open ipp
> 6000/tcp open X11
> 8009/tcp open ajp13
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 1.442 seconds
>
> I've tried to open 8080 using iptables directly, but as that didn't seem
> to be working I've installed firestarter (which, afaics, is just a graphical
> interface to iptables). Under Rules --> Open Ports I've added 8080 and ...
> nothing. The output of nmap remains unchanged.
>

You didn't mention this in your post, but have you actually started the
tomcat server ? If not, start the server and try your nmap scan again.

Opening a port in a firewall means that clients are allowed to connect
to that port, but you need an application listening on the port for nmap
to register it as being open.

Kind Regards,

Nathan Dietsch
Reply With Quote
  #3 (permalink)  
Old 11-15-2004
Colin Rosenthal
 
Posts: n/a
Default Re: Open a port (Fedora Core 2)
In article <v00md.115$2h3.6162@nnrp1.ozemail.com.au>, Nathan Dietsch wrote:
> Hello Colin,
>
> Colin Rosenthal wrote:
>> This should be simple. I'm trying to open port 8080 for jakarta/tomcat.
>> Running nmap localhost gives:
>>
>> Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-15 11:39 CET
>> Interesting ports on localhost.localdomain (127.0.0.1):
>> (The 1652 ports scanned but not shown below are in state: closed)
>> PORT STATE SERVICE
>> 22/tcp open ssh
>> 80/tcp open http
>> 111/tcp open rpcbind
>> 443/tcp open https
>> 631/tcp open ipp
>> 6000/tcp open X11
>> 8009/tcp open ajp13
>>
>> Nmap run completed -- 1 IP address (1 host up) scanned in 1.442 seconds
>>
>> I've tried to open 8080 using iptables directly, but as that didn't seem
>> to be working I've installed firestarter (which, afaics, is just a graphical
>> interface to iptables). Under Rules --> Open Ports I've added 8080 and ...
>> nothing. The output of nmap remains unchanged.
>>
>
> You didn't mention this in your post, but have you actually started the
> tomcat server ? If not, start the server and try your nmap scan again.
>
> Opening a port in a firewall means that clients are allowed to connect
> to that port, but you need an application listening on the port for nmap
> to register it as being open.

It appears to be running:

[root@maugham conf]# /sbin/service tomcat start
Starting tomcat: [ OK ]
[root@maugham conf]# ps -u tomcat
PID TTY TIME CMD
15816 pts/1 00:00:15 tomcat
[root@maugham conf]#

Incidentally, do you have any idea what port 8009 is doing open for "ajp13"?

--
Colin in Denmark
Reply With Quote
  #4 (permalink)  
Old 11-15-2004
Mike
 
Posts: n/a
Default Re: Open a port (Fedora Core 2)
Colin Rosenthal wrote:

> In article <v00md.115$2h3.6162@nnrp1.ozemail.com.au>, Nathan Dietsch wrote:
>
>>Hello Colin,
>>
>>Colin Rosenthal wrote:
>>
>>>This should be simple. I'm trying to open port 8080 for jakarta/tomcat.
>>>Running nmap localhost gives:
>>>
>>>Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-15 11:39 CET
>>>Interesting ports on localhost.localdomain (127.0.0.1):
>>>(The 1652 ports scanned but not shown below are in state: closed)
>>>PORT STATE SERVICE
>>>22/tcp open ssh
>>>80/tcp open http
>>>111/tcp open rpcbind
>>>443/tcp open https
>>>631/tcp open ipp
>>>6000/tcp open X11
>>>8009/tcp open ajp13
>>>
>>>Nmap run completed -- 1 IP address (1 host up) scanned in 1.442 seconds
>>>
>>>I've tried to open 8080 using iptables directly, but as that didn't seem
>>>to be working I've installed firestarter (which, afaics, is just a graphical
>>>interface to iptables). Under Rules --> Open Ports I've added 8080 and ...
>>>nothing. The output of nmap remains unchanged.
>>>
>>
>>You didn't mention this in your post, but have you actually started the
>>tomcat server ? If not, start the server and try your nmap scan again.
>>
>>Opening a port in a firewall means that clients are allowed to connect
>>to that port, but you need an application listening on the port for nmap
>>to register it as being open.
>
>
> It appears to be running:
>
> [root@maugham conf]# /sbin/service tomcat start
> Starting tomcat: [ OK ]
> [root@maugham conf]# ps -u tomcat
> PID TTY TIME CMD
> 15816 pts/1 00:00:15 tomcat
> [root@maugham conf]#
>
> Incidentally, do you have any idea what port 8009 is doing open for "ajp13"?

Take your words: port 8009 is doing open for "ajp13"

Copy and paste them into Google for your answer


--

------------------------------------

Real email to mike. The header email is a spam trap and you will be
blacklisted,
submitted to anti-spam sites and proably burn in hell.
Reply With Quote
  #5 (permalink)  
Old 11-15-2004
Colin Rosenthal
 
Posts: n/a
Default Re: Open a port (Fedora Core 2)
In article <cna9v4$ir7$2@thorium.cix.co.uk>, Mike wrote:
> Colin Rosenthal wrote:
>
>> In article <v00md.115$2h3.6162@nnrp1.ozemail.com.au>, Nathan Dietsch wrote:
>>
>>>Hello Colin,
>>>
>>>Colin Rosenthal wrote:
>>>
>>>>This should be simple. I'm trying to open port 8080 for jakarta/tomcat.
>>>>Running nmap localhost gives:
>>>>
>>>>Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-15 11:39 CET
>>>>Interesting ports on localhost.localdomain (127.0.0.1):
>>>>(The 1652 ports scanned but not shown below are in state: closed)
>>>>PORT STATE SERVICE
>>>>22/tcp open ssh
>>>>80/tcp open http
>>>>111/tcp open rpcbind
>>>>443/tcp open https
>>>>631/tcp open ipp
>>>>6000/tcp open X11
>>>>8009/tcp open ajp13
>>>>
>>>>Nmap run completed -- 1 IP address (1 host up) scanned in 1.442 seconds
>>>>
>>>>I've tried to open 8080 using iptables directly, but as that didn't seem
>>>>to be working I've installed firestarter (which, afaics, is just a graphical
>>>>interface to iptables). Under Rules --> Open Ports I've added 8080 and ...
>>>>nothing. The output of nmap remains unchanged.
>>>>
>>>
>>>You didn't mention this in your post, but have you actually started the
>>>tomcat server ? If not, start the server and try your nmap scan again.
>>>
>>>Opening a port in a firewall means that clients are allowed to connect
>>>to that port, but you need an application listening on the port for nmap
>>>to register it as being open.
>>
>>
>> It appears to be running:
>>
>> [root@maugham conf]# /sbin/service tomcat start
>> Starting tomcat: [ OK ]
>> [root@maugham conf]# ps -u tomcat
>> PID TTY TIME CMD
>> 15816 pts/1 00:00:15 tomcat
>> [root@maugham conf]#
>>
>> Incidentally, do you have any idea what port 8009 is doing open for "ajp13"?
>
> Take your words: port 8009 is doing open for "ajp13"
>
> Copy and paste them into Google for your answer

Ok, problem solved. I failed to spot that the default http <Connector>
element in
tomcat's server.xml configuration files is commented out in my distribution.
Somewhere in the heart and mind of the universe there is a reason for this.

--
Colin
Reply With Quote
  #6 (permalink)  
Old 11-15-2004
badboy
 
Posts: n/a
Default Re: Open a port (Fedora Core 2)

"Colin Rosenthal" <colin@daimi.au.dk> wrote in message
news:4198ad52$0$197$edfadb0f@dread11.news.tele.dk. ..
> In article <cna9v4$ir7$2@thorium.cix.co.uk>, Mike wrote:
> > Colin Rosenthal wrote:
> >
> >> In article <v00md.115$2h3.6162@nnrp1.ozemail.com.au>, Nathan Dietsch
wrote:
> >>
> >>>Hello Colin,
> >>>
> >>>Colin Rosenthal wrote:
> >>>
> >>>>This should be simple. I'm trying to open port 8080 for
jakarta/tomcat.
> >>>>Running nmap localhost gives:
> >>>>
> >>>>Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-15
11:39 CET
> >>>>Interesting ports on localhost.localdomain (127.0.0.1):
> >>>>(The 1652 ports scanned but not shown below are in state: closed)
> >>>>PORT STATE SERVICE
> >>>>22/tcp open ssh
> >>>>80/tcp open http
> >>>>111/tcp open rpcbind
> >>>>443/tcp open https
> >>>>631/tcp open ipp
> >>>>6000/tcp open X11
> >>>>8009/tcp open ajp13
> >>>>
> >>>>Nmap run completed -- 1 IP address (1 host up) scanned in 1.442
seconds
> >>>>
> >>>>I've tried to open 8080 using iptables directly, but as that didn't
seem
> >>>>to be working I've installed firestarter (which, afaics, is just a
graphical
> >>>>interface to iptables). Under Rules --> Open Ports I've added 8080 and
....
> >>>>nothing. The output of nmap remains unchanged.
> >>>>
> >>>
> >>>You didn't mention this in your post, but have you actually started the
> >>>tomcat server ? If not, start the server and try your nmap scan again.
> >>>
> >>>Opening a port in a firewall means that clients are allowed to connect
> >>>to that port, but you need an application listening on the port for
nmap
> >>>to register it as being open.
> >>
> >>
> >> It appears to be running:
> >>
> >> [root@maugham conf]# /sbin/service tomcat start
> >> Starting tomcat: [ OK ]
> >> [root@maugham conf]# ps -u tomcat
> >> PID TTY TIME CMD
> >> 15816 pts/1 00:00:15 tomcat
> >> [root@maugham conf]#
> >>
> >> Incidentally, do you have any idea what port 8009 is doing open for
"ajp13"?
> >
> > Take your words: port 8009 is doing open for "ajp13"
> >
> > Copy and paste them into Google for your answer
>
> Ok, problem solved. I failed to spot that the default http <Connector>
> element in
> tomcat's server.xml configuration files is commented out in my
distribution.
> Somewhere in the heart and mind of the universe there is a reason for
this.
>
> --
> Colin

If you're testing nmap on the same machine or within your network, then the
results will show open read man nmap, if you want to see what is really
open get a friend to test it for you.

Badboy


Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 05:51 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0