I installed an instance of Kaa in AWS, and by following the instructions all the ports listed below were set as open, however I wanted to know which service is running under each port to know exactly if all of the ports need to be open to be accessed outside my network, or if only those ports for some particular services need to be open outside my network. I could find info for 6 of them, anyway please confirm if you can:
>PORT SERVICE
>22
>8080 Admin UI
>9999 Operations Server
>9998
>9997 Operations Server
>9889 Bootstrap Server
>9888 Bootstrap Server
>9887
>9080 Sandbox
Thanks in advance
22 - it's port for ssh.(use this link for more details )
9998 and 9887 ports don't used from kaa 0.8.0 version (for more details use official documentation page)
Bootstrap ports - 9889, 9888
Operations ports - 9999, 9997
you can change ports of bootstrap and operations services in this files:
bootstrap-http-transport.config
bootstrap-tcp-transport.config
operations-http-transport.config
operations-tcp-transport.config
Related
I'm using Ant Media Server on AWS and it works perfectly fine. However, some of our users have blocked UDP ports and therefore I want to know if it is possible to use TCP instead of UDP for WebRTC.
And with this in your User data in AWS you'll get the current instance public IP inserted automatically on boot:
sed -i "s/server.name=.*/server.name=$(curl -s http://169.254.169.254/latest/meta-data/public-ipv4)/g" /usr/local/antmedia/conf/red5.properties
Yes, we can make use of TCP ports for WebRTC.
Please open TCP Port range 50000-60000 on the AWS Security group (for AMS v2.4.2.1 and above, for older version use port range 5000-65000).
Go to the Application settings:
/usr/local/antmedia/webapps/<AppName>/WEB-INF/red5-web.properties
Edit the red5-web.properties file and set
settings.webrtc.tcpCandidateEnabled=true
Restart Ant Media Server
sudo service antmedia restart
If you are using a cloud service like OVH or if there is pubic IP directly associated with the instance, then webrtc should work.
If you are using a cloud service like AWS with private/public IP, then some additional settings are required to be configured.
Go to server configuration settings
/usr/local/antmedia/conf/red5.properties
Edit the red5.properties file and set
server.name=Instance_Public_IP
Go to the application settings again and edit the red5-web.properties
/usr/local/antmedia/webapps/<AppName>/WEB-INF/red5-web.properties
set
settings.replaceCandidateAddrWithServerAddr=true
Save the settings and restart Ant Media server
sudo service antmedia restart
Webrtc should work fine afterwards.
Thank you.
antmedia.io
We do have one server [Windows Server 2016] and i want to monitor that server, by installing Wazuh Tool.
I saw the documentation, but still i am getting confused. Should i need to install,
Wazuh Server
Wazuh Agent
Kibana
in server.? I don't see any article related to installing Wazuh Server in Windows Machine.
After following up the wazuh documentation, i can able to go up to a certain limit.
Installed Virtual Box in Windows Server.
Downloaded Wazuh OVA file and imported the same into virtual box.
Now i can able to connect to Wazuh Server, using the default credentials.
Now i stuck up at one place. I need to get the IP. I tried with 'Ip addr' command. But still, it is showing 127.0.0.1/8
As far as i checked, it is creating some dynamic IP's. Is there a way to setup Static IP. So that, i can able to access Wazuh Web console
through that IP.
Some of my findings:
It seems that the eth0 network interface for the VM does not have an IPv4 address assigned to it.
In the video in the documentation when running 'ip addr' it shows a dynamic IPv4 address as well as the IPv6 address so I suspect that this is the reason you cannot access the web console. This could be caused by the type of network interface you created for the VM in virtual box.
-------- Edited----------
As per your guidence, i did the following things.
Wazuh Server:
Virtual Box -> Adapter 1 -> Bridged Adapter
Virtual Box -> Adapter 2 -> Host-only Adapter
Started the Virtual Box and checked the 'Ip addr' command. Got the following IP's, eth0 [192.168..] and eth1 [10.0..]
In browser, i tried https://192.168.. and i can able to login to kibana.
Wazuh Agent:
The server which ever i am going to monitor, i installed Wazuh Agent. In the Wazuh Config file, i need to specify
Here i am bit confused. Should i need to give the actual server IP [where the wazuh server is] or i need to specify the IP's which i am getting in 'Ip Addr' command.?
I have tried all the IP's. When i check the Logs, it is showing like,
start_agent.c:100 at connect_server(): ERROR: (1216): Unable to connect to 'xx.xx.xx.xxx': 'Bad file descriptor'.
I recommend you reading the Architecture guide for a better understanding of how Wazuh works. Its architecture is based on agents, which means you need to install Wazuh agent on those endpoints you want to monitor (for example, your Windows server), and then connect these agents to a Wazuh Manager server (which need to be installed in a Linux machine, so you will need another server).
Kibana/Splunk are optional and useful tools to index the data generated by the manager for better visualization. I recommend using Kibana and the Elasticsearch Stack.
For the Linux Wazuh Manager server I recommend trying the all in one deployment, or, if you will have few agents connected and doesn't want to deploy any instance from scratch, you could try the pre-built Virtual Machine appliance (OVA)
I hope this helps you. The best point to start using Wazuh is the Getting started guide. I recommend you read that first of all.
------------------------ edit --------------------
Hello,
I'm sorry if I weren't clear enough. Wazuh has two main components: Manager (server in the documentation) and Agent.
The manager is also called a server because it serves the Wazuh service itself. That means the part of Wazuh that analyzes security events and generates alerts.
But Wazuh agent (despite its name) is also installed on servers that you want to monitorize and it is used to send security events to the Wazuh Manager (server) so they could be analyzed.
That said, if you want to correctly monitorize a Windows server you need to install the Wazuh Windows agent on it because it is designed to monitorize Windows servers. And you need to connect this agent to a Wazuh server. Here, you have different options:
You could install the Wazuh Manager in another (Linux) server.
You could install docker and docker-compose on your Windows server and use the wazuh-docker GitHub repository to deploy a Wazuh manager stack (with Wazuh, Elasticsearch and Kibana) to connect you, agent, to.
You could install the Wazuh OVA (VM appliance) on Virtualbox or similar software (this Virtual machine has installed by default Wazuh Manager, Elasticsearch and Kibana as well).
I see that you're trying with the 4th, deploying the Wazuh OVA on Virtualbox. Nevertheless, remember that you must have to install the Windows agent as well and connect it to the Wazuh Manager.
Regarding the IP question. My advice here is to enter the VirtualBox configuration for the machine and set up two network interfaces (or adapters). One host-only adapter (which will have a static IP that you could use to connect from your local browser) and other with a bridged adapter (to connect to the internet). Then, I recommend using nmtui (a console user interface for network manager) to set up your static IP as in the attached capture. That should be enough.
I am currently running a service with systemctl, and it is running as an http proxy, not normal http. Is this something that Google does? I am using port 8080 and I can't connect to it via http. My daemon is using port 8080, while using the type http-proxy (I am seeing this with the command nmap -sV -sC -p 8080 35.208.25.61 -vvvv -Pn). Instead, I want the daemon I'm running (wings.service) to use http, so it can use that type of connection to connect to my panel.
The panel is part of a piece of software along with the daemon, it's called pterodactyl. Anyways, I have tried everything on what to do, and I think this problem that I am addressing is the problem that causes dysfunction on my panel. I might just have to move to a different service to host my bots for discord.
Let me know if there's anything I can do to fix this.
As per I can understand you are unable to access the panel via web URL.
Pterodactyl web server can be installed using NGINX or Apache web servers, and both web servers by default listed on port 80 based on Pterodactyl web server installation guide, so you must enable HTTP port 80 traffic on your Compute Engine VM instance
The default firewall rules on GCP do not allow HTTP or HTTPS connections to your instances. However, it is fairly simple to add a rule that does allow them following this steps:
1.-Go to the VM instances page.
2.- Click the name of the desired instance.
3.- Click Edit button at the top of the page.
4.- Scroll down to the Firewalls section.
5.- Check the Allow HTTP or Allow HTTPS options under your desired VPC network.
6.- Click Save.
Note: The Pterodactyl panel and Daemon installation are not the same for each operating system, if after checking the VPC firewall rules on the VM settings and also the status of the web server in the instance (NGINX or Apache) you still cannot access your panel, please provide a step by step list with all commands you followed to complete the installation, including the OS version you used.
We are planning to install zabbix in our production environment as we need to monitor around 10-12 servers. The key point here is we are planning to install the zabbix server on an external internet server while these 10 agents are on intranet.These agents have restricted accesses and cannot be accessed from outside.
I would like to know if it is possible to connect these agents with the server using http proxy.How?
While you cannot use a HTTP proxy (at least without tunneling through it), your agents can connect to the server using active items in Zabbix. Note that this is configured on the item level.
I'm trying to automate some system using Siemens PLC; for that we have developed a WinCC Flexible RT application for control and monitoring, and have also declared the PC based HMI panel as the OPC server. Which is working fine.
Now, when i try to create a OPC Client application either in WinCC or Labview, on the same PC, am able to access all the tags of the server on the client, am able to do so.
When i try to create the client application on some other computer connected over the local area network [perfectly fine and well configured network working], am unable to access the OPC server/tags in that case.
What can be done in this case.?
The easiest way to establish connection between OPC client and server applications is to perform the following:
turn off the firewalls on both machines
create the same windows account on both machines using the same login name and password
for windows account (pointed out in 2) allow all "access permissions" and "Launch and Activation Permissions" by running "dcomcnfg" command and navigating to "console root->component services->computers->my computer->com security"
The more detailed example of how to do steps described above is given in this article http://opc-da.com/Winsetup.html
Also, there is a powerful OPC client API implemented on LabVIEW using OPC .NET API with detailed documentation on how to use: http://opc-da.com
It would be helpful if you mentioned the OS on the server and the client computers. Anyway, I'm guessing that this is a DCOM issue, as #Ken mentioned.
It's been a while since I worked with this sort of thing, but you can try this article: http://www.opcactivex.com/Support/Tutorials/DCOM_Tutorial_-_Configuring_th/DCOM_XP/dcom_xp.html and see if it helps.
Make sure the firewall isn't blocking the connection. Disable it on both sides.
Take a look at this NI article: http://zone.ni.com/reference/en-XX/help/371361G-01/lvhowto/psp_firewall/
keep in mind, the tcp ports used by OPC/shared variables changed somewhere between LV2009 and LV2011, so depending on what version you have, the ports may be different.
In addition to the ports and the firewall...
Make sure that the account in which the the OPC client is running has access to the OPC server, either through the DCOM default settings or the OPC Server-specific settings (also part of DCOM configuration) on the server machine.