OpenVAS is reporting the following vulnerability.
NVT: Cheops NG without password (OID: 1.3.6.1.4.1.25623.1.0.20161)
I'm not running that so it is probably a false positive. I'm wondering what rule it's using to flag that. My guess is it's an open port as I have a few non-standard ports open on that endpoint. Any pointers as to where to look for the rule sets etc?
The VT in question is flagging a service if the following VT is detecting a Cheops NG Agent service (on the default port 2300 but also on all ports with "unknown" services) previously:
Name: Cheops NG Agent Detection
OID: 1.3.6.1.4.1.25623.1.0.20160
Filename: cheopsNG_detect.nasl
As seen in the source code of that VT the detection of such an "unprotected" service happens if the service in question is responding to a probing request ("m2" variable) if all of the following constraints are matching for the response:
The length of the received response needs to be >= 8
The received response starts with "\0\0\0"
There is an additional "\x01\x00\x00\x7f" somewhere in the received response
Disclaimer: VT Dev # Greenbone
Port 3314 is the default port that Cheops NG listens on.
chan_sip locks causing registration issues with asterisk realtime mysql when displaying the following errors:
chan_sip.c:3821 retrans_pkt: Retransmission timeout reached on transmission for seqno 1 (Critical Response)
chan_sip.c:3821 retrans_pkt: Retransmission timeout reached on transmission for seqno 106
my registrations to my sip providers then timeout with the following errors:
chan_sip.c:13661 sip_reg_timeout: -- Registration for xxx timed out, trying again
this is not a connectivity issue as restarting asterisk will re-register to the sip providers immediately
the connections eventually re-establish, registrations start registering until the above happens again at a random interval. Server is a dedicated non natted server.
What could be the issue?
if you have debian or ubuntu, turn off res_timing_pthread.so and use res_timing_dahdi.so
That fix such issue.
I am using BizTalk Server 2009 to send EDI messages to my client using AS2. I am able to send messages, but getting an error while sending messages that exceeds 5KB of file size. I checked with the partner whether they are using any restrictions on file size, but they are able to exchange even some GB's of files with other trading partner.
I compared the files that are successfully sent with the one that failed. But found no difference between two except LIN, PIA, QTY and other segments.
I found the below error when tracked in event viewer.
The adapter failed to transmit message going to send port "SendTextFile" with URL "http://xxclienturlxx.com:2080/ipnet/as2". It will be retransmitted after the retry interval specified for this Send Port. Details:"The remote server returned an error: (500) Internal Server Error.".
How do I resolve this?
Found the solution..
In BizTalk 2009, disabling "Enable chunked encoding" in Send port Transport type properties did the trick for me...
To have large message support when the size of the message is greater than 48 KB, the http send adapter is sending the data in chunks to the server instead of a full stream"
This post HTTP Send Adapter - Submit to ASP Page Issue helped me to find the solution.
I m trying to access a website using sim900 GSM module.
This is the list of commands
AT+CSQ
+CSQ: 16,0
OK
AT+HTTPINIT
OK
AT+HTTPPARA="CID",1
OK
AT+HTTPPARA="URL","www.google.com"
OK
AT+HTTPACTION=0
OK
+HTTPACTION:0,601,0
AT+HTTPACTION=0
OK
+HTTPACTION:0,601,0
Unable to access google. 601 code shows Network error.
How to get rid of this error?
You need to setup the connection to the bearer. Here are the minimum setup commands that have worked for me (based on trial/error and searching around on the internet).
AT+SAPBR=3,1,"APN","wap.cingular"
AT+SAPBR=1,1
The correct value for the APN may be different for you, depending on your network and service provider. I'm using AT&T prepaid SIM cards. Once that's working, then you can do the HTTP setup commands as you already have...
AT+HTTPINIT
AT+HTTPPARA="URL","http://www.google.com"
AT+HTTPACTION=0
Status codes above 600 (and some in the 500 range) are unassigned in the HTTP standard. In the AT command manual for the SIM908, status meanings are given in the notes on the HTTPACTION command:
600 Not HTTP PDU
601 Network Error
602 No memory
603 DNS Error
604 Stack Busy
You can query the bearer connection status of CID 1 with AT+SAPBR=2,1 and the related parameters with AT+SAPBR=4,1. You can also check that you're attached to the GPRS network with AT+CGATT?. If everything indicates that you are connected and you are still getting a 601 status code, then check that your service plan has data and that it hasn't run out. I have found that even when my account has a few hundred k of data showing on the balance that I start to get a 601 status until I add more data to my prepaid phone plan. If the SIM module has been on the whole time and you add more data, you'll need to close and re-open your connection (AT+SAPBR=0,1 followed by AT+SAPBR=1,1) and then your HTTP* commands will start working again without having to set the HTTPPARA settings again and without having to restart with HTTPINIT.
I have found that when an http call is made to an https only website it will throw a 601 error on the sim. Beware some sim devices have ssl and some don't. Use AT+HTTPSSL=? to interrogate. device with ssl will respond like, 'HTTPSSL 1'. If you get an error your device doesn't have ssl. This took some work with the factory for me to determine this.
You must also use to hit ssl site. I am using the wifi101 ssl client.
fona.setHTTPSRedirect(true);
dy3
I have encoutered this error as well. The cause of the problem may be that there is not enough money in the phone number account. You may check it.
601 is some custom implemented Error code.
Here is the list of standard HTTP Status codes
+HTTPACTION:0,601,0
The above AT response code (601) for HTTP session start indicates that
there is a network error. Then make sure that the PDP context is setup
properly.
source
https://m2msupport.net/m2msupport/at-command-for-http-functions-for-remote-server-data-access/
I have spent many hours with this module right now.
My experience is that when you dont get a 200 reply from remote server, you should check IP address to verify you are still on the network sendng a ping to a working server (AT+CIPPING="XX.XX.XX.XX").
If it succeeds: Try AT+SAPBR=2,1 and AT+CIFSR. You should get same address for both commands.
If you dont get same address, login again to the netword/service with AT+CIPCSGP=1, "yourapn.com", "user", "password".
If nothing works, power down the module. Wait a couple of minutes, and restart again.
Just in case someone is affected by this problem and stumbles on this post 4 years later: in my case the module had a small "sticker" type antenna and it got somehow damaged.
I could connect to the network but when I tried to use HTTP over the GPRS networks I only got return code 601 (network error) or 603 (failed to resolve DNS).
Once I replaced the antenna with a new one, everything worked perfectly.
Again, in case somebody has the same problem. In my case it was a typo in url:
AT+HTTPPARA="URL"," http://www.google.com"
Did you notice the space before http? For several hours, I didn't notice it too.
Usually after this command AT+SAPBR=3,1,"CONTYPE","GPRS" you enter your "APN", "USR" & "PWD" details also using SAPBR=3,1 etc. These details must match the SIM card / mobile phone provider.
Then it is recommended to check that your device has now received an IP address. Sometimes this is not straight away. Use AT+SAPBR=2,1 to query and this will return your IP address which you should check for confirmation.
Once you have IP address you can enter AT+HTTPINIT, AT+HTTPPARA="CID",1 etc.
Now to use GET you have to include a "?" after the URL to provide your php script with a key=value pairing.
Thus in your case it is something like, AT+HTTPPARA="URL","http://<Public_Ip_Address>:8080/folder/savedata.php?A=1001" where A is the key and 1001 is the value.
Now send the AT+HTTPACTION=0 and you should get a +HTTPACTION: 0,200,1000 response where 200 is the OK and 1000 is the payload size. AT+HTTPREAD will allow you to read the response if it is required.
Change URL. 601 is a URL has been moved. Is a redirect.
I am creating a syslog formatted message according to RFC3164 and sending it to my linux default syslog server which is listining of port 514.
The message i am sending is
<187>Nov 19 02:58:57 nms-server6 %cgmesh-2-outage: Outage detected on this device
I open a socket, make a datagram packet and send this packet on that socket.
Now in the var/log/syslog.log which i have configured to receive all the syslog messages as
. /var/log/syslog.log
I am getting this extra hostname getting inserted by the server automatically as show below
Nov 19 02:58:57 nms-server6 nms-server6 %cgmesh-2-outage: Outage detected on this device
as you see nms-server6 is getting repeated twice while i am sending it just once...so somehow the server is inserting it by default..
can some one share some knowledge on this ?
Are you adding the hostname in your message? If so, I don't think that's necessary as the hostname will be taken from the packet - which would explain the duplication.
Also, as a side note - it's nice that you've added the %fac-sev-mnemonic: portion, but that is not a standard, it's used by Cisco devices.
Here's a link to a good whitepaper that covers Cisco Mnemonics (and syslog management):
Building Scalable Syslog Management Solutions:
http://www.cisco.com/en/US/technologies/collateral/tk869/tk769/white_paper_c11-557812.html