For some reason when I try to use get or put from a Solaris box to an IBM mainframe, the ftp client appears to hang.
I've tried all sorts of different variations (for example, including using quotes and not), and all I ever get is a "200 Port Request OK". But I never get the prompt back, and eventually the connection breaks.
ftp> open ibm.some_server
Connected to ibm.some_server
230 USER1 is logged on. Working directory is "USER1.".
Remote system type is MVS.
ftp> cd 'Z.TABS.'
250 "Z.TABS." is the working directory name prefix.
ftp> get 'SAMASCPY' samas.txt
200 Port request OK.
Anyone know what could be going on?
You need to enable passive mode. With Solaris 10's ftp:
ftp> passive
Passive mode on.
The FTP protocol as originally defined makes the server open a connection back to the client when a file transfer is initiated. That's what the PORT command in your question shows -- the client requested that the server connect back to its address on a specific port number. These days, with ubiquitous firewalls & NAT traversals, that rarely works.
Enabling passive mode tells the client to connect directly to the server, and fixes this issue. Most ftp clients now use passive mode by default; Solaris' does not.
Related
I have a remote site connected via a LTE modem and ngrok. It runs on Raspberry Pis.
My problem is that when I try and login I get a password failure (n.b the login prompt for account is correct).This could obviously be fixed if I travelled the 50 miles and reset the system but I was rather hoping that there was a way I could do it remotely!
Now the technical details;
a) ngrok did work with the remote connection before entering this failure mode
b) The site does do occasional file transfers and these appear to be working perfectly
c) One of the items in b) is the ngrok address which has not changed
d) The fault is repeated if I put in the wrong ngrok address
Is there any way to reset the link remotely?
(The logical explanation for all this is that ngrok has changed the connection parameters which I am not picking up correctly. I use 'curl -s localhost:4040/api/tunnels | jq -r .tunnels[0].public_url' at the remote end, which is then both e-mailed on change, and file transferred to another Pi. However today I could access the device without problems for several hours without any change to the login parameters and then it stopped working again.)
The remote unit has now been brought back to the house for testing so I am able to both use ngrok via the LTE modem and a direct ethernet connection.
I can confirm that the remote computer:
a) Can be logged into as normal via ethernet
b) ps ax | grep ngrok -> 613 ? Ssl 12:19 /snap/ngrok/38/ngrok start --all --config=/home/pi/ngrok/config.yml (the old PID indicating that it has been running for some time)
c) The result of the method given previously for getting the tunnel address is unchanged from when it was working perfectly yesterday
Any suggestions on other tests to run?
When I create the Hello World example in C++ from The Guide on ZeroMQ found here:
http://zguide.zeromq.org/page:all#Ask-and-Ye-Shall-Receive
and run the application, I get a Windows Security Alert that asks if I would like to allow the application to communicate on public or private networks.
It looks like this:
Here is where things get interesting.
I only need my program to listen on port 5555 for connections from localhost and I do NOT need to allow incoming connections on port 5555. This is because I only want to communicate between applications on the localhost.
Client and server are both running on the same machine.
Here is my current process. I start the server, the Windows Security Alert comes up, since I am running the application as a non-administrator account, I only have standard permissions. Then I click Cancel on the Alert.
Clicking cancel on the alert puts an explicit deny inbound rule on all ports for HelloWorldServer.exe. This is totally fine.
Then I start the client. Since the client is connecting to the localhost. I actually does not need to send messages outside of the local machine, and all of its messages arrive at the server just fine.
Given an explicit deny rule on incoming connections to HelloWorldServer.exe, the messages can still arrive from the client on the local host. This is a desirable result.
Now the question becomes is there anyway to automatically respond to the Windows Security Alert to click cancel? Is there any way to suppress it from popping up since the allow is not needed?
The prompt is undesirable because it implies that the application needs to create a vulnerability when it does not.
Please assume that Named Pipes are not a valid alternative to tcp as a means of inter-process communication.
When binding the socket the caller may specify the IP address the socket is bound to. The coding samples provided by ZeroMQ specify
socket.bind ("tcp://*:5555");
where * appears to be specify all possible addresses (INADDR_ANY in BSD socket-derived parlance) which will trigger the Windows firewall as it allows remote and local addresses.
Calling socket.bind with the localhost address 127.0.0.1
socket.bind ("tcp://127.0.0.1:5555");
limits the sockets allowed to connect to the local machine and should silence the firewall warning for most Windows firewall configurations.
I've been trying to set up a server using Google Compute Engine but find myself being stuck.
I've installed everything that needs to be installed, I can start the server, no problem. Only thing is, i'm unable to connect to the server.
I've opened the required ports in a firewall rule (udp:16261; tcp:16262-16270) for all source IP as normal, but when I try to connect, i get this message on the server's console :
User jet is trying to connect.
Connected new client jet ID # 0 and assigned DL port 16262
testing TCP download port 16262
And it waits and waits, nothin happens. I'm pretty sure it's because no connection has been requested from the outsite of the network on that specific port (16262) that the outgoing traffic can't be sent, but I was wondering if anyone else has tried to make it work.
Thanks for your help guys !
According to the documentation; in the "Forwarding Required Ports" Section:
Project Zomboid dedicated servers require the following open ports to successfully connect to clients:
8766 UDP
16261 UDP
If the client's public ip address is known, you can perform a basic troubleshooting whitin Google Compute Engine using Cloud Logging. A basic query returning all the logs containing that ip address as source or destination would be:
jsonPayload.connection.src_ip="public-ip-address" OR jsonPayload.connection.dest_ip="public-ip-address"
Firewall Rules Logging has to be "on" for every rule involved in the connection. Follow these steps for Enabling firewall rules logging.
For troubleshooting purposes an "allow all" Firewall rule can be created and logging enabled on it, that would allow you to see exactly what ports are involved.
Note: If the traffic hitting the firewall rule(s) is too much, it can lead to unanticipated storage costs. Please enable the firewall rules logging just for troubleshooting purposes, don't forget to disable it after you're done.
When I use WinSCP in Windows to connect to VMware with Ubuntu, it prompted this:
The server rejected SFTP connection, but it listens for FTP connections.
Did you want to use FTP protocol instead of SFTP? Prefer using encryption.
What's the matter?
I can succeed to ping Ubuntu in Windows.
The fact that you can ping the server has nothing to do with what protocols it supports.
The message says that the server does not listen on port 22 (SSH, SFTP), but listens on port 21 (FTP). The point of the message is that WinSCP defaults to SFTP protocol, what is not common. So it tries to help users who expect FTP to be a default. But that's not relevant to you apparently.
As #ps2goat suggested, make sure you setup SSH/SFTP server.
For more details, see the documentation for the error message The server rejected SFTP connection, but it listens for FTP connections.
If you see this error all of a sudden (when SFTP has always worked for you for this particular server), and if you are using CSF (ConfigServer Security & Firewall), then it might be that your IP was blocked for SSH access. Try flushing all blocks. Also, try restarting the SSH server.
Old question but still responding so others might get benefited.
I stumbled upon this error and the first thing I checked was if my ubuntu machine had ssh installed. It was there and the latest version and I still would get this error.
As long as you have ssh access to the target, check the ssh service status and most certainly it'd be found inactive. Turn it on using
sudo service ssh restart
and you should be back in the game.
Do check the status of the SFTP by using
sudo service ssh status
and take any corrective action.
I have a situation where a 2008 server with IIS7 has been application level compromised and is sending spam from port 25. We have ran a virus scan and removed the infected files yet the spam is still being sent.
We know the spam is coming from a local file as the firewall has port 25 blocked inbound and the SMTP log is showing all requests appearing from the local server. We have ran a LogParser scan of the sites (which there are many) for any POST data to files on the server but the results all look genuine. The PID sending the data on port 25 is simply inetinfo.exe so this isn't much use either.
I would like to identify what file is sending this e-mail, can anyone think of a way to do this?
Have you shut down the smtp server under properties for local outbound? meaning 127. etc...? also, have you looked in the que folder under inetpub to see if the offending message is in there? In some cases a file can change the remote server on smtp in IIS to send via aproxy or some other service so it would ignore your scans.
in addition, not all mail has to use port 25 to send emails. it can hit any port if the creator tells it to.