determine if udp socket can be accessed via external client
- by JohnMerlino
I don't have access to company firewall server. but supposedly the port 1720 is open on my one ubuntu server. So I want to test it with netcat:
sudo nc -ul 1720
The port is listening on the machine ITSELF:
sudo netstat -tulpn | grep nc
udp 0 0 0.0.0.0:1720 0.0.0.0:* 29477/nc
The port is open and in use on the machine ITSELF:
lsof -i -n -P | grep 1720
gateway 980 myuser 8u IPv4 187284576 0t0 UDP *:1720
Checked the firewall on current server:
sudo ufw allow 1720/udp
Skipping adding existing rule
Skipping adding existing rule (v6)
sudo ufw status verbose | grep 1720
1720/udp ALLOW IN Anywhere
1720/udp ALLOW IN Anywhere (v6)
But I try echoing data to it from another computer (I replaced the x's with the real integers):
echo "Some data to send" | nc xx.xxx.xx.xxx 1720
But it didn't write anything. So then I try with telnet from the other computer as well:
telnet xx.xxx.xx.xxx 1720
Trying xx.xxx.xx.xxx...
telnet: connect to address xx.xxx.xx.xxx: Operation timed out
telnet: Unable to connect to remote host
Although I don't think telnet works with udp sockets.
I ran nmap from another computer within the same local network and this is what I got:
sudo nmap -v -A -sU -p 1720 xx.xxx.xx.xx
Starting Nmap 5.21 ( http://nmap.org ) at 2013-10-31 15:41 EDT
NSE: Loaded 36 scripts for scanning.
Initiating Ping Scan at 15:41
Scanning xx.xxx.xx.xx [4 ports]
Completed Ping Scan at 15:41, 0.10s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 15:41
Completed Parallel DNS resolution of 1 host. at 15:41, 0.00s elapsed
Initiating UDP Scan at 15:41
Scanning xtremek.com (xx.xxx.xx.xx) [1 port]
Completed UDP Scan at 15:41, 0.07s elapsed (1 total ports)
Initiating Service scan at 15:41
Initiating OS detection (try #1) against xtremek.com (xx.xxx.xx.xx)
Retrying OS detection (try #2) against xtremek.com (xx.xxx.xx.xx)
Initiating Traceroute at 15:41
Completed Traceroute at 15:41, 0.01s elapsed
NSE: Script scanning xx.xxx.xx.xx.
NSE: Script Scanning completed.
Nmap scan report for xtremek.com (xx.xxx.xx.xx)
Host is up (0.00013s latency).
PORT STATE SERVICE VERSION
1720/udp closed unknown
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop
TRACEROUTE (using port 1720/udp)
HOP RTT ADDRESS
1 0.13 ms xtremek.com (xx.xxx.xx.xx)
Read data files from: /usr/share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 2.04 seconds
Raw packets sent: 27 (2128B) | Rcvd: 24 (2248B).
The only thing I can think of is a firewall or vpn issue. Is there anything else I can check for before requesting that they look at the firewall server again?
