[SOLVED] I can't make a Telnet from Windows to CentOs

[josea]

Hello,

I have a Sybase database install in CentOS 5, and it is listening in the port 5000.

I am trying to test if I have access from a Windows 7 machine to the CentOS machine using Telnet. Boath machines are in 192.168.x.x

I use the command telnet 192.168.x.x 5000 to my CentOS machine and then I have a Connection Error in the Port 5000.

I stopped Iptables, and disabled selinux

My selinux config file:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

Someone know if there other security option, firewall, or what something else that could make me can't allow access to the port 5000?

Thank you, and sorry for my english, I am not a native speaker.

[pschaff]

Hopefully disabling SELinux and IPtables is a temporary measure while debugging. A better approach is to put SELinux in permissive mode with "setenforce 0" rather than disabling it in the config file. Did you reboot after making the change?

Can you ping the CentOS system from the Windows system? Can you connect with an SSH client such as PuTTY? Are you certain the service is actually running and listening on port 5000? Have you tried an [b]nmap[/b] port scan to verify that?

[josea]

Hello,

Thank you for the answer.

Yes I did reboot for the CentOS system.

Yes I can make a ping, the ssh and ftp works fine.

If I make a nmap in the CentOS machine the result is:

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2012-04-18 10:03 CEST
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 1674 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
969/tcp open unknown
5000/tcp open UPnP

If i use Zenmap, that is a nmap aplication for windows, and I execute nmap -p 1-65535 -T4 -A -v 192.168.1.7 the result is

-----------------------------------------------------------------------------------------

Starting Nmap 5.51 ( http://nmap.org ) at 2012-04-18 09:58 Hora de verano romance
NSE: Loaded 57 scripts for scanning.
Initiating ARP Ping Scan at 09:58
Scanning 192.168.1.7 [1 port]
Completed ARP Ping Scan at 09:58, 0.10s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 09:58
Completed Parallel DNS resolution of 1 host. at 09:58, 0.04s elapsed
Initiating SYN Stealth Scan at 09:58
Scanning 192.168.1.7 [65535 ports]
Discovered open port 21/tcp on 192.168.1.7
Discovered open port 111/tcp on 192.168.1.7
Discovered open port 22/tcp on 192.168.1.7
Discovered open port 969/tcp on 192.168.1.7
Completed SYN Stealth Scan at 09:58, 4.84s elapsed (65535 total ports)
Initiating Service scan at 09:58
Scanning 4 services on 192.168.1.7
Completed Service scan at 09:58, 11.03s elapsed (4 services on 1 host)
Initiating RPCGrind Scan against 192.168.1.7 at 09:58
Completed RPCGrind Scan against 192.168.1.7 at 09:58, 0.80s elapsed (2 ports)
Initiating OS detection (try #1) against 192.168.1.7
Retrying OS detection (try #2) against 192.168.1.7
Retrying OS detection (try #3) against 192.168.1.7
Retrying OS detection (try #4) against 192.168.1.7
Retrying OS detection (try #5) against 192.168.1.7
NSE: Script scanning 192.168.1.7.
Initiating NSE at 09:59
Completed NSE at 09:59, 3.94s elapsed
Nmap scan report for 192.168.1.7
Host is up (0.0000040s latency).
Not shown: 65531 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 2.0.5
22/tcp open ssh OpenSSH 4.3 (protocol 2.0)
| ssh-hostkey: 1024 e2:83:3a:42:9f:49:50:b1:3b:8e:32:b8:3c:f9:e4:ac (DSA)
|_2048 b6:e7:e6:29:5c:3f:56:dc:78:38:91:5c:22:57:fa:ff (RSA)
111/tcp open rpcbind 2 (rpc #100000)
969/tcp open status 1 (rpc #100024)
MAC Address: D4:AE:52:6E:E6:63 (Unknown)
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=5.51%D=4/18%OT=21%CT=1%CU=41693%PV=Y%DS=1%DC=D%G=Y%M=D4AE52%TM=4F
OS:8E7452%P=i686-pc-windows-windows)SEQ(SP=107%GCD=1%ISR=106%TI=Z%CI=Z%II=I
OS:%TS=A)OPS(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O
OS:5=M5B4ST11NW7%O6=M5B4ST11)WIN(W1=16A0%W2=16A0%W3=16A0%W4=16A0%W5=16A0%W6
OS:=16A0)ECN(R=Y%DF=Y%T=40%W=16D0%O=M5B4NNSNW7%CC=N%Q=)T1(R=Y%DF=Y%T=40%S=O
OS:%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=Y%DF=Y%T=40%W=16A0%S=O%A=S+%F=AS%O=M5B4ST
OS:11NW7%RD=0%Q=)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=
OS:40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0
OS:%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=1
OS:64%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)


Uptime guess: 0.737 days (since Tue Apr 17 16:17:52 2012)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=263 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Unix


TRACEROUTE
HOP RTT ADDRESS
1 0.00 ms 192.168.1.7


Read data files from: C:\Program Files (x86)\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 33.86 seconds
Raw packets sent: 65631 (2.892MB) | Rcvd: 65611 (2.628MB)


-----------------------------------------------------------------------------------


So, in localhost the port is Open and the service is Running, but from Windows is unreachable.

[markkuk]

Check the Sybase configuration, it appears it's set up to listen only on the local loopback interface (127.0.0.1).

[josea]

Hello, and thanks for the answers.

Yes, it was a configuration problem rather than CentOS firewall problem.

Now it's solved.

Thank you again.

[pschaff]

You are welcome. Thanks for reporting back. Marking this thread [SOLVED] for posterity.