here's the output of nmap of my gateway/firewall:
Port       State     Service
22/tcp     open      ssh
111/tcp    open      sunrpc
194/tcp    filtered  irc
4000/tcp   filtered  remoteanything
6346/tcp   filtered  gnutella
6667/tcp   filtered  irc
27374/tcp  filtered  subseven
(i have a question about the filtered ports, but more about that later)
i am not able to connect to a vnc-server that's running behind the firewall. i know that the vncserver is running because i can open vncviewers from other clients behind the firewall. but when i ssh to the gateway from [EMAIL PROTECTED] with the -L 5903:vncserver:5903 option and forward from the gateway to the vncserver using another ssh -L ..., i am not able to connect to the vncserver at port 5903 on localhost. with a RealVNC viewer, i get an error like "channel 2 or 4: administratively prohibited" and with TightVNC, i get just a connection failure. nmap output for the gateway after the port 5903 forwarding gives the same results as above. but for the vncserver behind the firewall, everything seems ok:
22/tcp     open      ssh
25/tcp     open      smtp
111/tcp    open      sunrpc
2049/tcp   open      nfs
5801/tcp   open      vnc-http-1
5803/tcp   open      vnc-http-3
5901/tcp   open      vnc-1
5903/tcp   open      vnc-3
6000/tcp   open      X11
6001/tcp   open      X11:1
6003/tcp   open      X11:3
6112/tcp   open      dtspc
32771/tcp  open      sometimes-rpc5
32775/tcp  open      sometimes-rpc13
32777/tcp  open      sometimes-rpc17
why isn't the gateway/firewall allowing vnc ports to be forwarded to the vncserver? or isn't that the problem? what should i tweak with the firewall (which is a standard iptables ruleset)?
secondly, how can i close the filtered ports? i cannot find what process is keeping them. i know that i disabled ICMP requests on my gateway, so do those filtered ports just mean that nmap could not find their state?
thanks
-praveen