nmap: nping echos to stderr - node.js

On macOS High Sierra, nping is available via brew install nmap and it works:
nping --tcp-connect --count=1 --dest-port=443 8.8.8.8
Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2018-04-04 18:46 PDT
libnsock mksock_bind_addr(): Bind to 0.0.0.0:0 failed (IOD #1): Invalid argument (22)
SENT (0.0030s) Starting TCP Handshake > 8.8.8.8:443
RCVD (0.0166s) Handshake with 8.8.8.8:443 completed
Max rtt: 13.790ms | Min rtt: 13.790ms | Avg rtt: 13.790ms
TCP connection attempts: 1 | Successful connections: 1 | Failed: 0 (0.00%)
Nping done: 1 IP address pinged in 0.02 seconds
nping --version
Nping version 0.7.70
Note the line echoed to stderr by macOS:
libnsock mksock_bind_addr(): Bind to 0.0.0.0:0 failed (IOD #1): Invalid
argument (22)
Any clever npingers able to explain how to fix this?

You need to run the command with root privilege. Try this:
sudo nping --tcp-connect --count=1 --dest-port=443 8.8.8.8

Related

MinIO HTTPConnectionPool [Errno -2] Name or service not known

Goal: run Python program with MinIO access.
I can login via. Browser, and can upload/ edit files and am disconnected from VPN.
Ubuntu WSL can't see any sockets, such as my VPN when connected.
Powershell:
PS C:\> wsl -l -v
NAME STATE VERSION
* Ubuntu Stopped 1
Terminal:
(sdg) me#PF2DCSXD:/mnt/c/Users/me/Documents/GitHub/foo$ poetry run python -m sdg healthcare
Program started
Getting categories from Minio. Bucket: my-bucket
An exception of type MaxRetryError occurred. Arguments:
("HTTPConnectionPool(host='CENSORED.com', port=9000): Max retries exceeded with url: /my-bucket?location= (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fa1083cca00>: Failed to establish a new connection: [Errno -2] Name or service not known'))",)
Make sure to pass in a valid path or an array of categories
(sdg) me#PF2DCSXD:/mnt/c/Users/me/Documents/GitHub/foo$ wget CESNORED.com
--2022-02-17 13:15:39-- http://CENSORED.com:9001/
Resolving CENSORED.com (CENSORED.com)... failed: Name or service not known.
wget: unable to resolve host address ‘CENSORED.com’
(sdg) me#PF2DCSXD:/mnt/c/Users/me/Documents/GitHub/foo$ ss -s
ss: get_sockstat: No such file or directory
ss: get_snmpstat: No such file or directory
Total: 0
TCP: 0 (estab 0, closed 0, orphaned 0, timewait 0)
Transport Total IP IPv6
RAW 0 0 0
UDP 0 0 0
TCP 0 0 0
INET 0 0 0
FRAG 0 0 0
It fails to connect.
"Make sure to pass in a valid path or an array of categories"
Updated wsl.conf:
$ cat etc/wsl.conf
[network]
generateResolvConf = false
Powershell:
PS C:\Users\me> ipconfig /all
Windows IP Configuration
DNS Servers . . . . . . . . . . . : X.X.X.X
Copy the DNS IPv4.
Bash:
sudo nano /etc/resolv.conf
Type in nameserver X.X.X.X and save.
Powershell:
PS C:\Users\me> wsl.exe --shutdown
Open up Bash again:
wget <url>
Sources:
WSL2 - VPN Fix
Write to resolv.conf

netstat gives 1 as PID for all ssh connections

In my custom linux image using netstat 1.42 (2001-04-15) from the package net-tools 1.60 I am seeing different behaviors for different linux versions..
On Linux 5.4.28:
# netstat -tnp | grep ESTABLISHED
tcp 0 0 <local_ip>:22 <client_ip>:14321 ESTABLISHED 29342/1
tcp 0 40 <local_ip>:22 <client_ip>:22470 ESTABLISHED 28443/0
On Linux 5.10.65:
# netstat -tnp | grep ESTABLISHED
tcp6 0 52 <local_ip>:22 <client_ip>:22470 ESTABLISHED 1/init
tcp6 0 52 <local_ip>:22 <client_ip>:33679 ESTABLISHED 1/init
The thing to note here is that on Linux 5.10, netstat shows PID as 1 and process as init for all ssh sessions. But in older linux, I am seeing correct PIDs for all ssh sessions. I need to know the client_ip and the PID for every ssh session so I can kill the session for whichever client I want.
From online searches, I could not figure out any fixes.
One alternative that I can see till now is using who to get this output:
# who
root pts/1 00:00 Jan 12 07:16:19 <client_ip>
root pts/2 00:03 Jan 12 08:21:07 <client_ip>
grep this with client_ip then use ps and grep that with the second column, like ps | grep pts/1 for first client.
Is there anything I can do to netstat to fix this though? Because netstat also give the client port which is useful for me.

Tunnel Gre problem between two hosts (vps and dedicated server)

Hello guys i need to resolve this problem (all server have installed centos 7): i'm trying to create a gre tunnel through vps (in Italy - OpenVZ) and a dedicated server (in Germany), but they do not communicate internally (ping and ssh command tests). Next i create a gre tunnel trought vps (in Italy - OpenVZ) and vps (in France - KVM OpenStack) and their communicate, i next i had create a tunnel trought vps (in France - KVM OpenStack) and a dedicated server (in Germany) their communicate. I can not understand why the vps (in Italy - OpenVZ) and the dedicated server (in Germany) do not communicate, ideas on how I can fix (
I also tried with iptables disabled, firewalld is not enable)? Thanks
In other words:
In other attempts (by this i mean that i managed to successfully create the GRE Tunnel between these machines):
The VPS (in France) and VPS (in Italy) communicate internally (ping and ssh command tests)
The VPS (in France) and Dedicated Server (in Germany) communicate internally (ping and ssh command tests)
Problem (by this i mean that i could not successfully create the GRE Tunnel between these machines):
The VPS (in Italy) and Dedicated Server (in Germany) do not communicate internally (ping and ssh command tests). I also asked hosting services if they had any restrinzione but nothing.
My configuration:
VPS command for tunnel:
echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf
iptunnel add gre1 mode gre local VPS_IP remote DEDICATED_SERVER_IP ttl 255
ip addr add 192.168.168.1/30 dev gre1 ip link set gre1 up
Dedicated server command for tunnel:
iptunnel add gre1 mode gre local DEDICATED_SERVER_IP remote VPS_IP ttl 255
ip addr add 192.168.168.2/30 dev gre1
ip link set gre1 up
[root#VPS ~]# ping 192.168.168.2
PING 192.168.168.2 (192.168.168.2) 56(84) bytes of data.
^C
--- 192.168.168.2 ping statistics ---
89 packets transmitted, 0 received, 100% packet loss, time 87999ms
[root#DE ~]# ping 192.168.168.1
PING 192.168.168.1 (192.168.168.1) 56(84) bytes of data.
^C
--- 192.168.168.1 ping statistics ---
92 packets transmitted, 0 received, 100% packet loss, time 91001ms
[root#VPS ~]# tcpdump -i venet0 "proto gre" tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on venet0, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes ^C 0 packets captured 1 packet received by filter 0 packets dropped by kernel
[root#DE ~]# tcpdump -i enp2s0 "proto gre" tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on enp2s0, link-type EN10MB (Ethernet), capture size 262144 bytes ^C 0 packets captured 0 packets received by filter 0 packets dropped by kernel
[root#VPS ~]# lsmod | grep gre
ip_gre 4242 -2
ip_tunnel 4242 -2 sit,ip_gre
gre 4242 -2 ip_gre
[root#DE ~]# lsmod | grep gre
ip_gre 22707 0
ip_tunnel 25163 1 ip_gre
gre 13144 1 ip_gre
Console image with full command output
If ip_forwarding is required for the tunnel to work, you need to do /sbin/sysctl -p
And what does the output of ip tunnel show and ip route show on both the ends

Web page not reachable

I am installing a Musicbox Frontend on a Debian Server.
Everything works on the local server, by accessing 127.0.0.1:6680.
On other machines in the same subnet i can't reach this webpage by using 192.168.0.50:6680
I added the port to the ip-table, i have this output:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:6600
ACCEPT tcp -- anywhere anywhere tcp dpt:6680
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:6680
ACCEPT tcp -- anywhere anywhere tcp dpt:6600
When i use nmap to inspect the ports, the port doesn't seem to be reachable
Starting Nmap 6.47 ( http://nmap.org ) at 2015-02-08 03:32 Romance Standard Time
NSE: Loaded 118 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 03:32
Scanning 192.168.0.50 [1 port]
Completed ARP Ping Scan at 03:32, 0.13s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 03:32
Completed Parallel DNS resolution of 1 host. at 03:32, 0.02s elapsed
Initiating SYN Stealth Scan at 03:32
Scanning 192.168.0.50 [1000 ports]
Discovered open port 22/tcp on 192.168.0.50
Discovered open port 3389/tcp on 192.168.0.50
Completed SYN Stealth Scan at 03:32, 0.21s elapsed (1000 total ports)
Initiating Service scan at 03:32
Scanning 2 services on 192.168.0.50
Completed Service scan at 03:33, 6.01s elapsed (2 services on 1 host)
Initiating OS detection (try #1) against 192.168.0.50
NSE: Script scanning 192.168.0.50.
Initiating NSE at 03:33
Completed NSE at 03:33, 1.12s elapsed
Nmap scan report for 192.168.0.50
Host is up (0.0023s latency).
Not shown: 998 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u2 (protocol 2.0)
3389/tcp open ms-wbt-server xrdp
MAC Address: XXXXXXXXXXXX
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.11 - 3.14
Uptime guess: 0.031 days (since Sun Feb 08 02:47:48 2015)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE
HOP RTT ADDRESS
1 2.27 ms 192.168.0.50
the Musicbox listen address is 127.0.0.1:6680? if so you can't reach this webpage by using 192.168.0.50:6680, you can inspect it by using netstat -anop | grep 6680

NTPD on arm box version 4.2.6p5

i have managed to cross compile ntpd 4.2.6p5 for my arm box. I have a custom toolchain provided by the manufacturer.
Box is running busybox + some variant of debian linux.
So I have no installation of ntp and did a manual copy, created a conf file for the ntpd and tried to run it.
ntpd always returns this when in debug mode:
~/ntp # ./ntpd -c ntp.conf -d
ntpd 4.2.6p5#1.2349 Mon Apr 7 19:58:25 UTC 2014 (1)
9 Apr 07:39:44 ntpd[3592]: signal_no_reset: signal 13 had flags 4000000
9 Apr 07:39:44 ntpd[3592]: proto: precision = 91.000 usec event at 0 0.0.0.0 c01d 0d
kern kernel time sync enabled
Finished Parsing!!
9 Apr 07:39:44 ntpd[3592]: ntp_io: estimated max descriptors: 1024, initial socket
boundary: 16
9 Apr 07:39:44 ntpd[3592]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
9 Apr 07:39:44 ntpd[3592]: unable to bind to wildcard address :: - another process
may be running - EXITING
before that I had to add into /etc/services also
ntp 123/udp
my ntp.conf looks like:
~/ntp # cat ntp.conf
server 193.2.4.6
server 193.2.4.2
driftfile ntp.drift
So I have checked netstat and nothing is running on port 123, no ntpdate etc...
~/ntp # netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.3.1 0.0.0.0 UG 0 0 0 eth0
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
~ # netstat -a | grep 123
~ #
Therefore it must be something with the config, or this arm box does not have something configured...
Oh and running manually ntpdate works:
~/ntp # ./ntpdate 193.2.4.6
9 Apr 07:49:16 ntpdate[3614]: step time server 193.2.4.6 offset -0.755704 sec
~/ntp #
So yes i could use ntpdate in cron, but this is not my intent!
Any idea?
Thank you and best regards!
The following error indicates that ntp had trouble binding to the ipv6 wildcard:
9 Apr 07:39:44 ntpd[3592]: unable to bind to wildcard address :: - another process
may be running - EXITING
I think your problem is ipv6 but it is hard to tell because your diagnosticinformation was not very good. Your netstat -a |grep 123 command is useless because netstat would substitute ntp for port 123. Try it again with:
netstat -a -n | grep 123
Along those lines netstat -rn only works with ipv4, try it again with -6:
netstat -r -n -6
Your test ntpdate used an ipv4 host. Does your server support ipv6? What happens when you run:
$ sntp -d -6 time.nist.gov
I used sntp because I do not know if ntpdate has a -6option and sntp does.

Resources