How to using telnet to test fix protocol? - protocols

I am sending a Logon request in telnet:
$ telnet example.com
Trying example.com...
Connected to example.com
Escape character is '^]'.
8=FIX.4.4 9=103 35=A 49=Q142 56=XCD1 34=221 52=20170929-09:36:39 98=0 108=30 553=primexm_hgnh_uat_1_q 554=tVN84Y93THc5 10=023
Then I try to capture the request in Wireshark:
It alert me: the BeginString field is missing, what's the problem when using telnet for test fix protocol

Related

"curl" connection to ftp impossible : "500 ?"

I am trying to connect to my NAS FTP server from a raspberry pi using the command "curl". The connection use ssl encryption, so I am using the following command type:
curl --ftp-ssl <FTPSERVEUR>:21 --user "<USER>:<PASS>"
Unfortunately, I get :
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 10 allowed.
220-Local time is now 20:38. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 10 minutes of inactivity.
530 You aren't logged in
500 ?
500 ?
500 ?
500 ?
500 ?
And then nothing appends.
It seems that curl is even not able to transmit my ID to the server.. Do you have any idea of what is going on ?
Thank you in advance for your help.
You need to use the URL syntax, i.e. ftp://host.... Otherwise curl does not know which protocol to use and will assume the default, i.e http://.... What you see in the output is actually the result of sending a HTTP request to the FTP server on port 21: First you get the response of the FTP server to the TCP connect (welcome message) which is then followed by several error messages as the result of trying to interpret the lines in the HTTP request as FTP commands.

forticlientsslvpn doesn't work with a proxy on Cent OS 7

I'd like to use forticlientsslvpn on Cent OS 7 through a proxy but it doesn't work with a message "Can not connect to proxy" or "Can not resolve proxy address". I guess it needs some dependent libraries but I don't know them.
I downloaded the latest Forticlient SSLVPN 4.4.2329-1 64bit from here. (I installed it on debian then copied the forlder(/opt/forticlientsslvon) to the clean Cent OS 7.)
Both forticlientsslvpn CLI and GUI failed on the same error. This is the result of the cli command.
[root#cent7 /]# cd ~/forticlient-sslvpn/64bit/
[root#cent7 /]# ./forticlientsslvpn_cli --proxy 10.0.0.73:3128 --server 203.0.113.1:10443 --vpnuser myuser
Password for VPN:
STATUS::Setting up the tunnel
STATUS::Connecting...
NOTICE::Can not connect to proxy.
STATUS::Set up tunnel failed
SSLVPN down unexpectedly with error:2
Press Ctrl-C to quit
Clean up...
# Another proxy variable
[root#cent7 /]# ./forticlientsslvpn_cli --proxy http://10.0.0.73:3128 --server 172.17.97.85:10443 --vpnuser myuser
Password for VPN:
08/19/2016 18:19:26 [23461] can not resolve name http://10.0.0.73
Init SSLVPN error:Can not resolve proxy address
# Check the proxy connection
[root#cent7 /]# telnet 10.0.0.73 3128
Trying 10.0.0.73...
Connected to 10.0.0.73.
Escape character is '^]'. # OK
# Check DNS
[root#cent7 /]# nslookup 10.0.0.73
Server: 10.0.0.70
Address: 10.0.0.70#53
Non-authoritative answer:
73.0.0.10.in-addr.arpa name = dns.example.com.
Of cource my forticlient on windows in the same network works with the proxy to the server. And FireFox/wget on this Cent OS 7 server works with the proxy. Does anyone know anything about "Can not connect to proxy" error?
My IP was wrong and needed ip route add
Although the error message was "Can not connect to proxy", my destination forti IP was wrong. It was connected after I fixed it.
One more thing, I noticed a confusing point. I have two proxies like a socks proxy and a web proxy at this time. I knew ssl-vpn uses only web connections but I guessed forticlient might use ssh command during the connection. But it didn't. Forticlient_sslvpn needs only a web proxy so we just need to fill the proxy form of forticlient with a web proxy's url.
And one more thing. After I connected to ssl-vpn, it doesn't work perfectly because I can ping to internal server but not to DMZ(Of course my windows forticlient works well for both). I added ip route to DMZ and it started to work.
ip route add 192.168.3.0 via 10.0.0.5
I guessed this GW 10.0.0.5 is not the same everytime and every machine so I made the dynamic command.
ip route add 192.168.3.0/24 via $(ip route | grep 10.0.0 | awk '{print $3}' | head -1)
I hope this helps someone.

Available UDP port

I have a RedHat node behind central firewall and I would like to be able to check if the firewall guys have opened a port for me on which still nothing in listening. When I want to check that for TCP port I use telnet and I get:
When not opened:
[myname#78 ~]$ telnet myhost 4080
Trying myhostip...
telnet: connect to address myhostip: Connection refused
telnet: Unable to connect to remote host: Connection refused
[myname#78 ~]$
When opened:
[myname#78 ~]$ telnet myhost 4080
Trying myhostip...
Connected to myhost (myhostip).
Escape character is '^]'.
So how do I do that for an UDP port?
You can accomplish this using Netcat which you can install on RHEL with yum(1) using command yum install nc.
After you've installed Netcat, put it in listen mode on the receiving end ie. on the host you're trying to reach from outside world. You can do this with nc -l -u <your external I -address> 4080. This command will hang on your terminal and wait for any connections to port you specify on the command line.
Then connect from outside world, using Netcat again, but this time leave the -l out ie. use netcat -u <your external IP address> 4080. This command will also just sit there. Typing any input now should be visible on the receiving end Netcat. In case it is not, something blocks the traffic between two the two hosts.

Transparent Proxy Issue with SSL

I have a RHEL5 server in a private zone. I've set up a transparent proxy for ports 80 and 443. When I try a wget on 443, I get the following:
# wget -O- https://www.google.com
--2013-02-14 15:16:50-- https://www.google.com/
Resolving www.google.com... 74.125.129.147, 74.125.129.104, 74.125.129.106, ...
Connecting to www.google.com|74.125.129.147|:443... connected.
OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Unable to establish SSL connection.
I assume the proxy works because it's connecting. I don't know what else could be causing this.
This OpenSSL error indicates that wget sent the initial SSL ClientHello message, but gets an unexpected response from the server (or proxy) which was not an SSL ServerHello message.
This can be because the proxy speaks plain HTTP with the client, instead of HTTPS, because of a configuration error (e.g. with squid if port 443 is redirected to a http_port instead of https_port with the transparent option), or because it does not support transparent proxying of SSL at all. To debug, you may try connecting to http://www.google.com:443/ to see what happens. To know what's going on, you might want to run tcpdump while connecting to see what the server responds with. Also check the error log of your transparent proxy.
Without the transparent proxy configuration it is hard to tell what the problem is.

How to allow curl via a local proxy?

According the the Charles Proxy configuration page, you can manually set up a proxy if you use your localhost with port 8080.
The syntax is curl --proxy localhost:8080 http://google.com/
However, this is not working for me. Here is my syntax and results - i'm also using the -v option for debugging:
curl -v --proxy localhost:8080 http://google.com/
* About to connect() to proxy localhost port 8080 (#0)
* Trying 127.0.0.1... Connection refused
* Trying ::1... Connection refused
* Trying fe80::1... Connection refused
* couldn't connect to host
* Closing connection #0
curl: (7) couldn't connect to host
I can connect to localhost:8080 in the web browser, and the results are logged in the proxy. However this is not working, the connecting is refused and nothing is logged.
So far I have also tried:
- executing this as root
- using 127.0.0.1 instead of localhost
- using wget instead of curl
- disabling the system firewall
What am I doing wrong? What else can I try?
I had some success using port 8888:
curl http://www.google.com --proxy 127.0.0.1:8888
Connection refused would suggest that nothing is listening on port 8080. Charles has to be running (and listening on port 8080) for curl to be able to use it as a proxy. That or you've got a firewall actively blocking that port, preventing anything from connecting.

Resources