Re: what is the default firewall on a fresh install of Debian7 arm on a pogop0lugE02
On Wed, 24 Apr 2013 20:52:33 +0300
Timo Juhani Lindfors <timo.lindfors@iki.fi> wrote:
> Richard Bown <richard@g8jvm.info> writes:
> > whats the default firewall mechanism on a fresh install of wheezy on a
> > pogoplugE02.
>
> There is no firewall.
>
> > I ran webmin and while the daemon was running port 10000 was open, on a reboot that was closed
> > again.
>
> How did you determine this?
>
>
By running nmap:-
and at this point motion was active, and webmin was not active.
This is with ufw running as well .
[richard@localhost ~]$ sudo nmap -vv -p1-20000 -sS 192.168.101.13
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-24 19:07 BST
Initiating ARP Ping Scan at 19:07
Scanning 192.168.101.13 [1 port]
Completed ARP Ping Scan at 19:07, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 19:07
Completed Parallel DNS resolution of 1 host. at 19:07, 0.02s elapsed
Initiating SYN Stealth Scan at 19:07
Scanning 192.168.101.13 [20000 ports]
Discovered open port 22/tcp on 192.168.101.13
Discovered open port 631/tcp on 192.168.101.13
Completed SYN Stealth Scan at 19:08, 41.76s elapsed (20000 total ports)
Nmap scan report for 192.168.101.13
Host is up (0.0016s latency).
Scanned at 2013-04-24 19:07:45 BST for 42s
Not shown: 19995 filtered ports
PORT STATE SERVICE
22/tcp open ssh
631/tcp open ipp
8080/tcp closed http-proxy
8081/tcp closed blackice-icecap
10000/tcp closed snet-sensor-mgmt
MAC Address: 00:25:31:04:97:78 (Cloud Engines)
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 41.89 seconds
Raw packets sent: 40027 (1.761MB) | Rcvd: 1633 (186.864KB)
root@Pogopig:/etc# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
To Action From
-- ------ ----
22/tcp ALLOW IN Anywhere
8080/tcp ALLOW IN Anywhere
8081/tcp ALLOW IN Anywhere
631/tcp ALLOW IN Anywhere
10000/tcp ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere (v6)
8080/tcp ALLOW IN Anywhere (v6)
8081/tcp ALLOW IN Anywhere (v6)
631/tcp ALLOW IN Anywhere (v6)
10000/tcp ALLOW IN Anywhere (v6)
And this is with ufw diabled so the port should be open
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-24 19:14 BST
Initiating ARP Ping Scan at 19:14
Scanning 192.168.101.13 [1 port]
Completed ARP Ping Scan at 19:14, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 19:14
Completed Parallel DNS resolution of 1 host. at 19:14, 0.02s elapsed
Initiating SYN Stealth Scan at 19:14
Scanning 192.168.101.13 [20000 ports]
Discovered open port 22/tcp on 192.168.101.13
Discovered open port 631/tcp on 192.168.101.13
Completed SYN Stealth Scan at 19:14, 3.88s elapsed (20000 total ports)
Nmap scan report for 192.168.101.13
Host is up (0.0058s latency).
Scanned at 2013-04-24 19:14:16 BST for 4s
Not shown: 19998 closed ports
PORT STATE SERVICE
22/tcp open ssh
631/tcp open ipp
MAC Address: 00:25:31:04:97:78 (Cloud Engines)
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 4.03 seconds
Raw packets sent: 20013 (880.556KB) | Rcvd: 20001 (800.036KB)
With no firewall enable ports especially where Motion is running and using ports 8080 & 8081 /tcp
should be open.
But they are not.
Something else is holding those ports shut.
--
--
Best wishes / 73
Richard Bown
Email : richard@g8jvm.info
HTTP :http://www.g8jvm.info
nil carborundum a illegitemis
##################################################################################
Ham Call G8JVM . OS Fedora FC18 x86_64 on a Dell Inspiron N5030 laptop
Maidenhead QRA: IO82SP38, LAT. 52 39.720' N LONG. 2 28.171 W ( degs+mins )
QRV VHF 6mtrs 200W, 4 mtrs 150W, 2mtrs 350W, 70cms 200W
Microwave 23 cms 140W, 13 cms 100W, 6 cms 0W & 3cms 5W
##################################################################################
Please do not use the e-mail address of richard@g8jvm.com
Mail hosted by 1and1, Domain screwed up by 1and1 and Freeparking
Reply to: