|
[ _deran_ @ 18.02.2007. 12:07 ] @
[ vladared @ 18.02.2007. 13:58 ] @
definiši preko iptables da ti je port 22 otvoren...
[ _deran_ @ 18.02.2007. 14:05 ] @
nov sam u ovome pa ne znam kako :)
za http, ftp i neki moj program nisam morao da diram iptables a radi. [ Miroslav Strugarevic @ 18.02.2007. 19:00 ] @
Ovo su dva načina pomoću kojih možeš da utvrdiš da li je sshd up i da li "sluša" na port-u 22 kao što bi trebalo.
# ps aux | grep sshd # netstat -anp | grep 22 [ _deran_ @ 18.02.2007. 22:31 ] @
ispise:
zveri:/home/deran# ps aux | grep sshd root 14874 0.0 0.4 15152 2188 ? S 23:31 0:00 sshd: deran [priv] deran 14877 0.0 0.4 15160 2236 ? R 23:31 0:00 sshd: deran@pts/1 zveri:/home/deran# netstat -anp | grep 22 tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 4180/inetd tcp 0 52 192.168.0.1:22 192.168.0.2:1739 ESTABLISHED14874/sshd: deran [ unix 2 [ ACC ] STREAM LISTENING 8229 4771/gconfd-2 /tmp/orbit-deran/linc-12a3-0-1d69af6d10a7e unix 2 [ ACC ] STREAM LISTENING 6722 4013/dbus-daemon-1 /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 29637 13922/firefox-bin /tmp/orbit-deran/linc-3662-0-3de33bd2a3a44 unix 3 [ ] STREAM CONNECTED 29640 13922/firefox-bin /tmp/orbit-deran/linc-3662-0-3de33bd2a3a44 unix 3 [ ] STREAM CONNECTED 29635 13922/firefox-bin unix 3 [ ] STREAM CONNECTED 29626 13922/firefox-bin unix 3 [ ] STREAM CONNECTED 8822 4776/bonobo-activat /tmp/orbit-deran/linc-12a8-0-766dc340caa8d unix 3 [ ] STREAM CONNECTED 8522 4727/x-session-mana unix 2 [ ] DGRAM 8224 4771/gconfd-2 zveri:/home/deran# [ Tyler Durden @ 19.02.2007. 08:23 ] @
Imaš li ti uopšte javnu IP adresu na toj mašini?
Jel taj računar prikačen direktno na net ili preko nekog gateway-a, rutera i sl.? [ _deran_ @ 19.02.2007. 09:09 ] @
imam fixni javni ip, a na net idem preko rutera TP-Link TL-R860 na kojem sam ukljucio DMZ ("...DMZ host forwards all the ports at the same time....") i to funkcionise jer mi radi apache i proftpd. dakle sa drugog racunara koji je na drugom provideru stranica se ucitava. http://85.222.164.67
[ Mitrović Srđan @ 19.02.2007. 10:20 ] @
Forwarduj port 22 na ruteru.
Ako zelis da vidis dal je service running Code: lsof -i :22 [ _deran_ @ 19.02.2007. 12:59 ] @
izgleda da je servis startovan
DMZ opcija na ruteru forwarduje sve portove. (probao sam i rucno da unesem port 22) [ Not now, John! @ 19.02.2007. 13:22 ] @
"iptables -L -v"?
[ _deran_ @ 19.02.2007. 13:40 ] @
imam 5 racunara u mrezi, taj sa debianom mi je gateway
zveri:/home/deran# iptables -L -v Chain INPUT (policy ACCEPT 29971 packets, 12M bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 19780 packets, 15M bytes) pkts bytes target prot opt in out source destination 15308 2157K ACCEPT all -- any any localnet/24 anywhere 19760 15M makina all -- any any anywhere 192.168.0.2 0 0 toshiba all -- any any anywhere 192.168.0.3 7 1761 mama all -- any any anywhere 192.168.0.4 0 0 vlado all -- any any anywhere 192.168.0.99 Chain OUTPUT (policy ACCEPT 28401 packets, 12M bytes) pkts bytes target prot opt in out source destination Chain makina (1 references) pkts bytes target prot opt in out source destination Chain mama (1 references) pkts bytes target prot opt in out source destination Chain toshiba (1 references) pkts bytes target prot opt in out source destination Chain vlado (1 references) pkts bytes target prot opt in out source destination zveri:/home/deran# [ Mitrović Srđan @ 19.02.2007. 13:45 ] @
Jel imas ti svoju javnu licnu ip adresu?
[ _deran_ @ 19.02.2007. 13:52 ] @
pa rekao sam, 85.222.164.67
radi http i ftp [ Mitrović Srđan @ 19.02.2007. 14:09 ] @
Da sorry.
220 ProFTPD 1.2.10 Server (Debian) [192.168.0.1] tek sad vidim. Code: C:\Documents and Settings\bl00dz3r0>telnet 85.222.164.67 22 Connecting To 85.222.164.67...Could not open connection to the host, on port 22: Connect failed nema firewalla? servis slusa na tom portu? probl moze biti samo do rutera. Proveri mozda sshd_config da nema deny na spoljasne hostove ili neka druga podesavanja. Postuj sshd_config Code: web:~# nmap -sV -p 22 85.222.164.67 Starting Nmap 4.00 ( http://www.insecure.org/nmap/ ) at 2007-02-19 15:13 CET Interesting ports on 85.222.164.67: PORT STATE SERVICE VERSION 22/tcp filtered ssh Znaci fw stoji ispred problem do rutera verovatno. [ _deran_ @ 19.02.2007. 14:26 ] @
fw na ruteru iskljucen
/etc/hosts.deny i /etc/hosts.allow prazni (probao sam i da dodam u hosts.allow) [ Tyler Durden @ 19.02.2007. 15:09 ] @
Aj još jednom meni za dušu uradi
netstat -natp | grep LISTEN i daj ovdje output. [ _deran_ @ 19.02.2007. 17:38 ] @
zveri:/home/deran# netstat -natp | grep LISTEN
tcp 0 0 127.0.0.1:674 0.0.0.0:* LISTEN 4314/famd tcp 0 0 0.0.0.0:548 0.0.0.0:* LISTEN 4200/afpd tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 4180/inetd tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 4780/vino-server tcp 0 0 0.0.0.0:684 0.0.0.0:* LISTEN 4318/rpc.statd tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 4180/inetd tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 3527/portmap tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 4344/perl tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN 4180/inetd tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 4180/inetd tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 4180/inetd tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 4260/postmaster tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 4174/exim4 tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 4295/pptpd tcp6 0 0 :::80 :::* LISTEN 12869/apache2 tcp6 0 0 :::5432 :::* LISTEN 4260/postmaster zveri:/home/deran# [ caiser @ 19.02.2007. 17:50 ] @
A da ti to lepo pokrenes van glupog inet-a?
[ _deran_ @ 19.02.2007. 18:06 ] @
rado. kako?
[ caiser @ 19.02.2007. 18:50 ] @
Prvo komentujes liniju sa sshd-om u inetd.conf-u, onda uradis inetd -c, i na kraju /etc/init.d/sshd start. Ovo sve pod uslovom da imas sshd startup skriptu, a verovatno imas.
[ _deran_ @ 19.02.2007. 19:16 ] @
komentovo sam liniju sa sshd-om, inetd -c kaze invalid option a posle /etc/init.d/inet.d restart (i reload) izgleda da nema promene (po netstat -natp). nemam /etc/init.d/sshd
[ Miroslav Strugarevic @ 19.02.2007. 22:01 ] @
Probaj:
# sshd -f /etc/ssh/sshd_config & [ _deran_ @ 19.02.2007. 22:13 ] @
zveri:/home/deran# sshd -f /etc/ssh/sshd_config &
[1] 17141 [1] Done sshd -f /etc/ssh/sshd_config zveri:/home/deran# ali i dalje zatvoreno :( moguce da je do providera? [ Miroslav Strugarevic @ 19.02.2007. 22:19 ] @
Kada to uradiš,
# lsof -i | grep ssh [ _deran_ @ 19.02.2007. 22:29 ] @
zveri:/home/deran# lsof -i | grep ssh
inetd 4180 root 5u IPv4 6952 TCP *:ssh (LISTEN) sshd 17129 root 1u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17129 root 2u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17129 root 3u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17129 root 4u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17129 root 5u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17129 root 6u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17132 deran 0u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17132 deran 1u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17132 deran 2u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17132 deran 3u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17132 deran 4u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17132 deran 5u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) sshd 17132 deran 6u IPv4 40154 TCP zveri.logic.org:ssh->192.168.0.2:2527 (ESTABLISHED) zveri:/home/deran# [ Miroslav Strugarevic @ 19.02.2007. 23:20 ] @
Izgleda da je sshd podrška za inetd još uvek uključena. Proveri još jednom:
# grep ssh /etc/inetd.conf Ako jos uvek stoji linija tipa ssh stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/sshd -i Onda stavi komentar ispred nje "#". # /etc/init.d/inetd reload Kill-uj sshd i ponovo ga pokreni. # pkill -9 sshd # sshd -f /etc/ssh/sshd_config & [ _deran_ @ 20.02.2007. 10:29 ] @
jos uvek nista... :(
[ Miroslav Strugarevic @ 20.02.2007. 17:58 ] @
Još uvek ništa tipa sshd je još uvek aktivan preko inetd-a ili nešto drugo?
[ _deran_ @ 21.02.2007. 13:06 ] @
stavio # ispred linije za sshd, odradio "inetd stop" i "pkill -9 sshd" ali "lsof -i | grep ssh" mi i dalje kaze LISTEN za ssh. cak i posle reseta pri dizanju sistema mi se ponovo podize ssh iako stoji # ispred njega.
Copyright (C) 2001-2025 by www.elitesecurity.org. All rights reserved.
|