Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I saw a video in which a person scanned a public IP(it was his SOHO network) using nmap. It showed all the open ports and other info but I don't understand how can nmap scan ports and tell which are open when there are multiple devices on that network. Is it that nmap scans all the devices on that network using that public IP and then shows a collective result or is it something else?
Link for that video
at 7:43
When NMAP scans an IP, it, in theory only scans the device who is running on that IP.
But there is a catch, if the IP that the NMAP scans is a device with port forwarding, it will forward the scan for that port to the device that the port forwarding is directed at.
To give you an example, I will define few stuff
You have 3 devices, 1 router that has a public IP, 2 servers that are
behind the router.
We will be scanning 4 ports, 10, 20, 30, 40
Port 10 is open on the router itself, its used for public communication
Port 20 is not opened on the router and its not being port forwarded
Port 30 is being port forwarded to Server 1, who has that port open
Port 40 is being port forwarded to Server 2, but that server doesn't have that port open
In the results on NMAP, you will get the following result.
Ports 10 and 30 will show up as open, while ports 20, 40, will show up closed or maybe filtered
So while we only scanned the one public IP and one device on that IP, we can see the device that is behind the router.
But that is only possible because when we try to connect to a port on a router, the router is saying:
"Okay, this connection is trying to go to port 30, I have a configuration here that says that port 30 should go to Server 1 on that port, I will redirect the traffic to that server and then when I get the response from the server, I will redirect to the device that made the request"
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I want to set up a reverse proxy in my home network. The idea is to route traffic to correct port number based on subdomain in the request URL.
Example: I'm setting two subdomain A records on my domain: nas.mydomain.tld and wiki.mydomain.tld. Both A records point to my dedicated IP address at home. I want a reverse proxy that routes:
nas.mydomain.tld => 192.168.2.2:5001
wiki.mydomain.tld => 192.168.2.2:8090
Can this be done in e.g. my ASUS RT-AC55U router, or can I route all traffic to my file server and have a reverse proxy there route the traffic to correct IP addresses and ports?
From what I found out, the problem lies in that the functionality I want (multiple types of content retrieved from the same IP and port) cannot be done without some kind of middle-man; a reverse proxy server that fetches the content based on the URL and relays it.
Asus router: My ASUS RT-AC55U router doesn't have a reverse proxy server, at least not with standard firmware. I haven't researched if some unofficial kind of firmware contains a reverse proxy server for doing this. So the only option is to use a NAT record to route port 80 to a specific port. The downside is that it only supports one web service on the IP address.
Web hotel: Creating a rewrite in a .htaccess file on the web hotel of a registrar, but it will only redirect and not rewrite/mask URL. Otherwise, the registrar would need a reverse-proxy server to fetch the content from the web services to relay it. I don't think my current registrar supports this, and I can understand if they don't want to do it from a security standpoint.
Apache reverse proxy server: Apache supports this using the mod_proxy module and an entry in the conf file. More info on it here: https://httpd.apache.org/docs/2.4/vhosts/examples.html#proxy
CCProxy: CCProxy is definitely the easiest solution that I've found so far. It's a simple GUI application where you can add URL's, host names/IP addresses and ports, and the application takes care of the rest. Also has a very nice graphical representation of usage/bandwidth, and a graphical log of ongoing sessions. More info here: http://www.youngzsoft.net/ccproxy/
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I have a command-line application on linux that uses a specific port to talk to a remote server. Unfortunately, at work, that port is blocked.
I am able to connect my laptop via VNC to the network, and the laptop is on a wifi connection that does have port access to the remote server. I am able to ssh to my laptop from the secure network when it is connected.
Is there a way of using ssh port tunnelling to work around this? Can I port tunnel to my laptop and have my laptop act as a middle-man between the firewalled network and the remote server?
Many thanks.
If I understood you correct you can call ssh from where you are to reach your laptop. Then you should be able to do something like this:
ssh -f -N -L <local port>:<remote server ip or hostname>:<remote server port> <laptop ip or hostname>
This will create start a tcp listening port on the host where ssh originates that forwards to your remote host and port via the machine you ssh to.
Excerpts from https://man.openbsd.org/ssh
-L [bind_address:]port:host:hostport
-L [bind_address:]port:remote_socket
-L local_socket:host:hostport
-L local_socket:remote_socket
Specifies that connections to the given TCP port or Unix socket on the local
(client) host are to be forwarded to the given host and port, or Unix
socket, on the remote side. This works by allocating a socket to listen to
either a TCP port on the local side, optionally bound to the specified
bind_address, or to a Unix socket. Whenever a connection is made to the
local port or socket, the connection is forwarded over the secure channel,
and a connection is made to either host port hostport, or the Unix socket
remote_socket, from the remote machine.
Port forwardings can also be specified in the configuration file. Only the
superuser can forward privileged ports. IPv6 addresses can be specified by
enclosing the address in square brackets.
By default, the local port is bound in accordance with the GatewayPorts
setting. However, an explicit bind_address may be used to bind the
connection to a specific address. The bind_address of “localhost” indicates
that the listening port be bound for local use only, while an empty address
or ‘*’ indicates that the port should be available from all interfaces.
-f
Requests ssh to go to background just before command execution. This is
useful if ssh is going to ask for passwords or passphrases, but the user
wants it in the background. This implies -n. The recommended way to start
X11 programs at a remote site is with something like ssh -f host xterm.
If the ExitOnForwardFailure configuration option is set to “yes”, then a
client started with -f will wait for all remote port forwards to be
successfully established before placing itself in the background.
-N
Do not execute a remote command. This is useful for just forwarding ports.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 10 months ago.
Improve this question
I've searched extensively on this topic, yet I'm still confused about what exactly a 'port' is.
I know what it is 'conceptually', and I know that there are many different ports, and that some numbers, like 80 are reserved for certain uses, and I know that by typing in the 'netstat' commands in the CMD I can check if they are in use.
But I still don't understand what a port is. Does it 'physically' exist on my computer? Because all I see is one Ethernet connection line that I plug in, not some 6000 different ports that do different things.
And I don't really get how it's got to do with my internet browser. When I click on my 'Chrome.exe.' icon, does that 'open' the 80 -number port?
To reach a service on any networked computer you need to know 3 parameters. Some of them you provide explicitly and some of them are deduced by operating system implicitly. The three parameters are IP Address, Protocol, Port number. So any running service can be uniquely described by a combination of these three numbers.
Imagine, that we did not use port numbers. That would mean that on each computer we could have only one service using any of the protocols. So a web server could only serve HTTP protocol, mail server could only provide SMTP services and so on.
Usage of ports allows us to multiplex services on same computer. A port number is nothing more than a number, indicating what service should get a data packet. So we can have HTTP server, SMTP server and SSH server all running on a same computer and all using same protocol - namely TCP.
Also, these ports have nothing to do with a physical ports you see on your computer. Once again - they are just a number, allowing to distinguish which service (i.e. program) should receive which packet.
For example when I enter www.stackoverflow.com in my web-browsers address bar, my OS sends a HTTP request to {IP:104.16.34.249, Proto: TCP, Port: 80}. How does it know these numbers? IP address is resolved from the host name using the DNS protocol. Web browser is running HTTP protocol, which is using TCP. Port 80 is default port for HTTP. Behind the scenes, each packet will have destination address IP set to the above value and TCP payload will have destination port set to 80. On the SO computer, there will be a web-server running, which is listening for data received on port 80 and replies to my packet.
A port number is a 16-bit unsigned integer, thus ranging from 0 to 65535. For TCP, port number 0 is reserved and cannot be used, while for UDP, the source port is optional and a value of zero means no port.
A process associates its input or output channels via an Internet socket, which is a type of file descriptor, associated with a transport protocol, an IP address, and a port number. This is known as binding.
A socket is used by a process to send and receive data via the network. The operating system's networking software has the task of transmitting outgoing data from all application ports onto the network, and forwarding arriving network packets to processes by matching the packet's IP address and port number to a socket. For TCP, only one process may bind to a specific IP address and port combination.
Common application failures, sometimes called port conflicts, occur when multiple programs attempt to use the same port number on the same IP address with the same protocol.
https://en.wikipedia.org/wiki/Port_(computer_networking)
For short, ports are just logical numbers (not exists physically) related to services (or server software) whats are running above the operating system (ftp server, web server etc). When there is an incoming connection (or any traffic) addressed to a specific port, the OS can forward the traffic to the proper service for handling.
By default browsers are addressing the given site with port number 80 so
http://www.randomsite.com and http://www.randomsite.com:80 are identical.
If you request something from the internet then it has to send data to your request but the data is been sent in the form of data packets and the server needs some address to where it has to send the data packets and here comes the role of IP address.
An IP address identifies a machine in an IP network and is used to determine the destination of a data packet.
So the data will reach to your system or computer but still it doesn't know which application it has to send the data so here we use port number to identify the applications.
Port numbers identify a particular application or service on a system.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I am working on a simple Node.js app. This requires a particular port to be open. For example if I want the app to listen to port (say) 5122, I will have to first open the port 5122. For this I have applied the following rule in my iptables
iptables -I INPUT 3 --proto tcp --dport 5122 -j ACCEPT
service iptables save
Initially this worked for me. But suddenly after some it stopped working.
I now, wanted to check whether the port 5122 is really open or not. I issued the command
nmap -sT -O localhost
I don’t see any such ports listed here. But
sudo iptables -L shows it like this -
ACCEPT tcp -- anywhere anywhere tcp dpt:5122
ACCEPT tcp -- anywhere anywhere tcp dpt:5122
I see this line 2 times. Still confused! No idea.
I now opened the following url http://www.yougetsignal.com/tools/open-ports/ and entered my host IP and Port and it says, Port 5122 is closed on 50.56.246.162 (which is my host IP)
My question is how do I permanently keep a particular port open for listening.
Any help would be highly appreciated.
You need to start running your application (using that port number) for the port to appear as open. As soon as it starts running and successfully listening on Port 5122, a local nmap scan will list that port as being open.
You only need to modify firewall rules once your application works to your satisfaction and you want to allow access to it from external host(s).
The output of iptables -L shows that your iptables command has
successfully modified the firewall rules to allowed external access to your application. In fact, it looks like you inserted the rule twice; this doesn’t do any harm as the second rule won’t be processed.
Explanation
By default, all TCP and UDP ports are closed (not in a listening state). Only when a server or similar program opens a network socket and starts “listening” to a port number will that port appear to be open.
E.g., running nmap -sT localhost locally on my server shows that most ports are closed and only lists the ones that are open:
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00019s latency).
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 995 closed ports
PORT STATE SERVICE
25/tcp open smtp
80/tcp open http
3306/tcp open mysql
A firewall such as Netfilter / iptables can be used to selectively block
access to ports whether they’re already open or not. In this case, those ports are considered to be filtered – though confusingly, some people and websites refer to filtered ports as being “closed” and the act of removing the firewall filter as “opening” a port.
E.g. running nmap -sT server.name on the same server from an external host reports different results since now the packets from the remote host are being filtered by the firewall:
Interesting ports on server.name (78.47.203.133):
Not shown: 1679 filtered ports
PORT STATE SERVICE
80/tcp open http
Note that locally, ports 25 and 3306 are open but from an external perspective they are shown as being filtered.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 13 years ago.
Improve this question
Ok, computers have ports for applications to transfer data from the outside world into a firewall and then into a computer.
Then how does firefox and internet explorer use the same port on the same computer?
And why can't we use port 80 to pass all traffic from all places into the computer.
So why do we need specific ports?
It's not the ports on local that are important generally. It's the remote ports.
So when you open a browser and go to a site, you are establishing a connection from a (somewhat) random port on your end, to port 80 on the server end. The server responds back to you on the same connection. Web servers use TCP/IP, so this is what is called and established connection. If you were to go look at netstat -an on the server you connected to during web traffic, that is exactly what you would see:
tcp 0 0 ::ffff:192.168.1.223:22 ::ffff:192.168.1.230:2369 ESTABLISHED
That line says that my local machine has established a connection to my remote machine on port 22. My local machine picked a random outgoing port of 2369 to make this connection.
In this case, this is an ssh connection to my webserver in the basement.
Ports that servers should use for a particular service are listed here, but if you are going to control both ends of the connection, there is nothing stopping you from running a webserver on port 8383 if you wanted to. Just don't expect anyone else to get to it without you telling them about it. (or it being found in a port scan).
If you were running a webserver on your computer, it would open port 80 and listen for connections. Only one service can be LISTENing per IP address, so you couldn't run two web servers at once. Same thing if you then connected to your local webserver. You'd open a random local port and connect to your local port 80 on the same IP.
The opening the random local port is what allows you to have multiple local connections to a known remote port like 80.
There are 65536 ports available so it's unlikely you will ever run out, but many have 'well known' usages and are therefore avoided for your end of the connection. Generally everything above 1023 is fair game though. ( All services which require any kind of priviledge run on ports below 1023 )
This is a TCP/IP connection. TCP/IP has internal language to ensure the reliable delivery of information and does a handshake at the open of every connection to ensure the data can be transmitted.
Another common type of connection would be UDP. UDP does not establish a connection and is therefore a bit faster and has lower latency, but the programs that use it must be able to loose information and still work. It's basically a send off the data and pray protocol. Many online games work this way.
Each connection has a source and destination port. This is what allows you to have multiple connections from your machine to (say) a web server running on port 80. Connections are uniquely identified by SourceIP:SourcePort and DestIP:DestPort.
So in your example, Firefox and IE will be using the same port on the remote web server (port 80), but will have a different ports on your machine to tell them apart.
Try running netstat in a command prompt to see current connections.
ports can be used for anything, but there are conventions of the protocols to expect on certain ports.
and you can use 80 for other functions, some people do that as a simple way of bypassing firewalls...
however, only 1 application can be listening on a port.
Some netstat output can show you what's going on:
C:\Temp> netstat -an
TCP 192.168.XXX.150:1493 74.125.45.100:80 ESTABLISHED
TCP 192.168.XXX.150:1504 69.59.196.213:80 ESTABLISHED
TCP 192.168.XXX.150:1507 74.125.91.138:80 ESTABLISHED
TCP 192.168.XXX.150:1510 65.55.11.162:80 ESTABLISHED
TCP 192.168.XXX.150:1518 69.59.196.211:80 ESTABLISHED
TCP 192.168.XXX.150:1519 69.59.196.216:80 ESTABLISHED
TCP 192.168.XXX.150:3711 64.208.186.96:80 CLOSE_WAIT
Note that the 192.168.XXX.150 address is my computer's address on my home network. The 4 digit numbers following the IP address are the local port my computer is using to communicate with port 80 on a bunch of different servers.