I'm trying to connect to a mobile host connected over a 3G cell router from linux with
ssh root@74.198.25.XXX -p 2200
and all I immediately get is (doesn't even seem to run into a timeout)
ssh: connect to host 74.198.25.220 port 2200: Network is unreachable
However, when I try the same IP on port 2200 with PuTTY on Windows, it presents me with the password prompt just fine, as I'd expect.
What's going on here, do I need to increment my ssh timeout period to get this going or what?
Thank you,
Ron
Network unreachable implies the following:
The host is not on your local network
The network the host is on is not reachable from your local network
The reason for this could be many, but things to check would be:
Ensure that the device you're connecting from has a proper network connection
Ensure that the device you're connecting from has a proper gateway setup
Ensure that the device you're connecting from has a route leading to the target (normally sorted by the above)
Ensure that there's nothing between you and the target device firewalling port 2200
Related
I've been coding a port scanner in Rust, and for detecting open ports what I do is create a TcpStream and try to connect to different ports on a given host to see if it allows the connection.
The problem I'm having is that when the connection fails, the OS (Linux) returns one of three codes:
101 - It is displayed if network is unreachable.
111 - It is displayed if connection is refused.
113 - It is displayed if there is no route to host.
And I've been looking for in-depth explanations of each error and what causes them, but I just find the same text over and over again.
Network unreachable → most likely explanation is that your computer is not connected to any network (Wi-Fi down, ethernet unplugged, …)
Connection refused means that you were able to reach the target computer, but that it refused the connection → no application is listening on the requested port on the other computer, or the firewall blocked the connection.
No route to host means that you were unable to reach the target computer. Either it is off, or there is a problem somewhere in the network between your computer and the target.
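An added example, not part of the original posts: a small Rust probe that classifies a failed connect by the three Linux errno values quoted above and returns the first thing to check when troubleshooting. The names Outcome, classify, next_check and probe, and the loopback target in main, are assumptions made for this example.

```rust
use std::io;
use std::net::{SocketAddr, TcpStream};
use std::time::Duration;

/// Outcome of one TCP connect attempt.
#[derive(Debug, PartialEq)]
pub enum Outcome { Open, NetUnreachable, Refused, NoRoute, TimedOut, Other(String) }

/// Classify a connect() error. The numeric codes are the Linux errno values
/// quoted in the question; other platforms use different numbers, so fall
/// back to the portable ErrorKind where one exists.
pub fn classify(err: &io::Error) -> Outcome {
    match err.raw_os_error() {
        Some(101) => Outcome::NetUnreachable, // ENETUNREACH
        Some(111) => Outcome::Refused,        // ECONNREFUSED
        Some(113) => Outcome::NoRoute,        // EHOSTUNREACH
        _ => match err.kind() {
            io::ErrorKind::ConnectionRefused => Outcome::Refused,
            io::ErrorKind::TimedOut => Outcome::TimedOut,
            _ => Outcome::Other(err.to_string()),
        },
    }
}

/// Where to look first for each outcome, following the explanations above.
pub fn next_check(o: &Outcome) -> &'static str {
    match o {
        Outcome::Open => "a service accepted the connection",
        Outcome::NetUnreachable => "local side: is the interface up, is there a gateway and a route?",
        Outcome::Refused => "remote side: is anything listening, or is a firewall rejecting the port?",
        Outcome::NoRoute => "path: is the target powered on, is the network in between working?",
        Outcome::TimedOut => "no reply at all: packets are probably dropped along the way",
        Outcome::Other(_) => "unclassified: read the OS error text",
    }
}

/// Try one TCP connection with a bounded wait and classify the result.
pub fn probe(addr: SocketAddr, timeout: Duration) -> Outcome {
    match TcpStream::connect_timeout(&addr, timeout) {
        Ok(_) => Outcome::Open,
        Err(e) => classify(&e),
    }
}

fn main() {
    // Constructed target: a loopback port chosen for illustration only.
    let addr: SocketAddr = "127.0.0.1:2200".parse().unwrap();
    let o = probe(addr, Duration::from_secs(3));
    println!("{}: {:?} -> {}", addr, o, next_check(&o));
}
```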
Well, I'm running an SSH server on my laptop which I'm port forwarding to my router, and I assume that I can now connect through my router's IPv4 and port in order to tunnel back to my laptop, but it doesn't work like that, does it?
Can someone explain to me what I need to do in order to make this work. Simply please I don't want to get confused and I know this is a noob question but I went straight to other things instead of learning some basics and now I'm feeling the consequences lol.
It depends on where you want to access your laptop from. If it's just from your local network or LAN, you don't need to set up anything on the router. If, however, you want to access it from the internet, you need to set up port forwarding on the router, but probably also set it up with your ISP.
SSH server setup
SSH server normally runs on port 22 (SSH port). At first your laptop's firewall blocks all incoming traffic! So in order to allow people to access your laptop through SSH, you need to tell your firewall to allow incoming traffic on port 22. Also, if you haven't already, set a static IP on your laptop so that you can configure the router for port forwarding and access your laptop easily. And make sure to exclude the static address from the DHCP range (so that your router doesn't assign your static IP to another device).
LAN connection
In case of SSH connection only on your local network, all you need is the local IP of your laptop. That's it.
WAN connection (internet)
So first, of course, you need to enable port forwarding on your router and specify the port 22 and your laptop's local IP address. But you need to know how you are connected to the internet, because ISPs can have an intermediate network layer (or layers). And this network, even though it is way bigger than your home network, is still a private network and uses private IP addresses. So in order to access your laptop through the internet, you have to talk to your ISP. And the final public IP is the one you would need to access the SSH server.
I got a notification from my Kaspersky antivirus on my Windows 10 (which is always on).
Apparently, there was a port scan and it was blocked.
User: NT AUTHORITY\SYSTEM
User type: System user
Component: Network Attack Blocker
Result description: Blocked
Name: Scan.Generic.PortScan.TCP
Object: TCP from 104.152.52.xxx at 192.168.0.10:1701
Additional: 192.168.0.10
Databases release date: Yesterday, 1/19/2022 12:34:00 PM
192.168.0.10 is a virtual machine running debian; I have UFW on this debian and port 1701 is not in any UFW rules. (so it's not allowed)
I have done a grep on the ports of the debian VM using: sudo netstat -tulpn | grep 1701 Found nothing
I assume the port scan has been done on all the machines in my network?
How can I find out where the scan comes from?
What are the consequences? What should I do next?
So from what I understand of what you published, 104.152.52.xxx made a scan. What's odd is how he could effectively reach your machine at 192.168.0.10, so I believe you have port forwarding enabled on your router. *-{see edit}
I also assume that the IP address of your VM is bound directly to your home network 192.168.0.0/24 (and not in a sub network on Windows 10). So your router should be accessible at 192.168.0.1 (or 192.168.0.254 sometimes).
Consequences of a scan ?
Most likely none, unless you have some ports open. Kaspersky blocked the 1701, but probably other ports have been scanned. So verify the configuration of your router.
Is it normal ?
Yes. Every device accessible from internet is constantly scanned. Always.
What to do next ?
Make sure no port-forwarding is enabled on your router
If port forwarding is enabled and needed, make sure the software behind it is secured and up to date. If you have password access, the password should be strong. If you have an SSH server, deactivate authentication by password and activate authentication by public key.
== EDIT ==
Another possibility besides port forwarding, which seems to be the answer:
If the VM is in a DMZ, then all unassigned ports on the router may be (depending on the router) redirected to the VM; therefore, a scan on the public IP address would result in a scan on the VM.
I have two Azure VMs I set up to test a program I made. The program is to be run on both VMs, where synchronous operations are performed, requiring the VMs to communicate with each other on different ports using TCP protocols. To access my Azure VMs, I SSH'd into them on port 22 using PuTTY on my local machine. The VMs are on the same subnet, and I am trying to get them to communicate with each other via their public IP. I have set up both VMs' inbound rules to accept messages from each other on any port, using any protocol; here is an example of this.
During the execution of my program, I encounter the following error: "Unable to connect to remote host: Connection refused". After this, I did some investigating. First, I had both VMs ping each other, which they successfully did. Then, on both VMs, I ran the command "telnet other.ip 22", where other.ip is the other VM's public IP. This seems to work, as seen in this image. When I run "telnet other.ip 6000", or any other port besides 22 for that matter, I get the same error of "Unable to connect to remote host: Connection refused". My rationale is that if I can get the "telnet" command running on any port, my program will likely work too.
I am not too sure what my issue could be at this point, and my internet searches have not helped me. I doubt there is an issue of a port being backlogged with communication requests given my current inbound rules. Also, I did try to change my inbound rules so that my VMs would receive messages on any port, using any protocol, from any source, which resulted in the same error (I then changed it back from 'any source' to only my other VMs public IP for security purposes).
According to your description, you may check two points:
If there is any firewall inside the VM that is blocking the connection from the external network with port 6000. For example, if you are using Ubuntu VM, you can refer to How to Set Up a Firewall with UFW on Ubuntu 18.04. Then disable the firewall with the command sudo ufw disable or add a firewall rule to verify this.
Run the command on Linux to see open ports. sudo netstat -tulpn | grep LISTEN. You should see port 6000 in the output. If not, it might mean that your program is not started well.
Let me know if you have any concerns.
Check your firewall rules. If your organization tends to use a firewall, then add port 6000 in the inbound and outbound chains.
You can connect to the remote host with the port number only when it is in the listening state.
sudo netstat -tulpn | grep LISTEN
I have a server connected to the network with the IP 192.168.xxx.xxx. I can ping the IP, but when I try to access the server's localhost from the browser, obviously with the IP, I can't.
What is wrong??
UPDATE!!
There was a network error... not configuration!! Thanks for help! Problem solved!
Check if the port you are trying to connect to is open. If it is not, you have to bring up the port first. Example: if you are trying to run an app from Tomcat, start Tomcat first.
There are multiple reasons why this would happen:
The server is not set up to receive incoming connections. Check your firewall settings
The server isn't publicly visible (meaning the server will respond to a ping, but all the ports are closed)
The server isn't able to make outbound connections, again, check the firewall.
To test ports, either port forward, or put the server into a DMZ (all ports are open)
Manually attempt a file transfer or another service by using ftp <IP of server>:<port number, e.g. 21> or an SSH tunnel. If the FTP passes, then the HTTP port of the server may be down (port 80/8080).
Verify the router interconnecting your PC and the server isn't restricting local peer crosstalk.