On Fri, 18 Jan 2002, Tzafrir Cohen wrote:

> Date: Fri, 18 Jan 2002 01:08:00 +0200 (IST)
> From: Tzafrir Cohen <[EMAIL PROTECTED]>
> To: Tal Amir <[EMAIL PROTECTED]>
> Cc: the linux-il mailing list <[EMAIL PROTECTED]>
> Subject: Re: access problem
> 
> On Thu, 17 Jan 2002, Tal Amir wrote:
> 
> > hi all,
> >
> > this is kind of tricky, so i'll try to be as clear as i can.
> > i have a RH 6.2 machine at work, functioning as a mail-relay to an
> > exchange server sitting in the local LAN, with NAT address.
> > the linux machine is in a DMZ, with 1 nic, real ip.
> > everything worked wonderfully for more than 2 years, until last week, when
> > someone did a hard reset to that machine.
> >
> 
> Yuck. It is possible that some files got trashed in the process.

that's my guess too... ;(

> 
> > as for now, users that try to telnet this machine
> 
> <ssh-advocacy>
>   Install sshd and use it!
>   Installing an ssh client on every windows machine is not practical.
>   Download putty and put putty.exe on some SMB share
> </ssh-advocacy>
> 

ssh is installed, but that does not explain why telnet isn't working.
i use ssh most of the time.

> > or get mail from it (using ms outlook) are
> > getting stuck in the authentication. the mail client gets stuck on
> > "verifying username and password" for 1-2
> > minutes, and then gives up with a connection timeout.
> 
> Outlook has very strange-looking error messages. Figuring them out is not
> always easy.
> 
> telnet your-server 110
> 
> If and when a (tcp) connection is established, try writing the following:
> 
> USER username
> PASS topsecretpasswordinplaintext
> QUIT
> 
> (wu-imapd is very polite, and will give you a prompt for every step.)
> 

telnet to ports 110 and 25 works. only mail clients can't get to 
authenticate. this is the weirdest part (?!)

> 
> > i forgot to mention that some users use this machine as a pop3 server, and
> > others use the exchange (all mail messages
> > are forwarded to the exchange, except for users that have "CL username" in
> > sendmail.conf .
> > from the outside, all services work just fine.
> 
> pop3 over the internet? Consider using spop3 (when you have some time)
> 
> > this is not a firewall problem, since i unloaded the policy, tried and got
> > nothing as well.
> > for some reason, i cannot get to authenticate (as pop3 or telnet) from the
> > internal network.
> > there is nothing preventing my access in hosts.deny .
> > i am able to ping that machine from the inside, but that's about all i can
> > do. nothing more.
> > i did not change anything, or even touched that machine since the last
> > time it worked, so there is no way that i did
> > something wrong in any of the configuration files.
> > the only change that was "made" was that hard reset. (boy, is that guy
> > gonna get it) ;)
> >
> > any ideas are welcomed.
> > tal.
> 
> Let's go one step at a time:
> 
> * Is anybody listening on the ports of the internal interfaces? Perhaps
> your programs only listen on specific IPs?
> 

there ARE NO internal interfaces.
1 interface (eth0) with 1 real ip. this machine is in a dmz, and the 
firewall translates everything to it. this is why it's accessible from both 
internal and external locations, and vice versa (it can access NAT 
addresses).

> Use netstat -ln --tcp and see if any service listens on an address that is
> not 0.0.0.0 (=all interfaces).
> 
> 
> * Do packets from the clients get to the server?
> Use tcpdump or any other sniffer. This could be a DNS problem or a routing
> problem.
> 

no routing problem. as i said, i can ping it from the internal LAN.
also from outside.
this is not the problem.


> * Have you looked at the logs? Any connection attempts logged?
> 
another thing i forgot to mention: syslogd is running but not logging 
anything. the last log entry is at the same date when the hard reset 
occurred. i don't think that there is a connection, but go figure..


> * Have you eliminated packet filtering?
> Make sure you log any packet that you drop. Watch the logs and see if
> connections don't yield messages of dropped packets.

nothing of that kind. everything from the internal lan to that machine 
(DMZ) is allowed.
like i said, i even unloaded the firewall's policy to make sure that this 
is not a firewalling problem.
and this machine does not run any firewalling of its own, or filters any 
traffic..it's all done by the firewall.


> 
> 

-- 
-----------------------------------
_|_|_     Best Regards,
  ( )   *  Amir Tal,  
  /v\  /   System Administrator
/(   )X    
 (m_m)      
| |        ICQ : 15748705
| (_)_ __  
| | | '_ \| | | \ \/ /   
| | | | | | |_| |>  <    
|_)_|_|_| |_|__,_/_/\
 http://whatsup.homelinux.com 
-----------------------------------
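The telnet-to-port-110 / USER / PASS / QUIT check from the quoted reply, scripted as an added example (not code from either poster): it times every POP3 step, so a connect and banner that work but a PASS that hangs show up as one large number on one line, which is the split the thread is puzzling over. The fake server is a constructed stand-in so the script runs offline; point pop3_probe at the real host and port 110 instead.

```python
import socket
import threading
import time

def pop3_probe(host, port, user, password, timeout=5.0):
    """Return {step: (reply line, seconds waited)} for banner/USER/PASS/QUIT,
    so a stall at one step is visible even when the TCP connect succeeds."""
    timings = {}
    sock = socket.create_connection((host, port), timeout=timeout)
    reader = sock.makefile("rb")
    def step(name, line=None):
        start = time.monotonic()
        if line is not None:
            sock.sendall(line.encode() + b"\r\n")
        try:
            reply = reader.readline().decode(errors="replace").rstrip("\r\n")
        except socket.timeout:
            reply = "<timeout>"  # nothing came back within `timeout`
        timings[name] = (reply, round(time.monotonic() - start, 3))
    step("banner")
    step("USER", "USER " + user)
    step("PASS", "PASS " + password)  # plaintext, as in the telnet test above
    step("QUIT", "QUIT")
    sock.close()
    return timings

def fake_pop3_server(pass_delay):
    """Constructed stand-in for a POP3 daemon (not the real ipop3d): answers
    +OK to everything but sleeps pass_delay seconds before answering PASS.
    Returns the loopback port it listens on."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        conn.sendall(b"+OK fake POP3 ready\r\n")
        for line in conn.makefile("rb"):
            cmd = line.split()[:1]
            if cmd == [b"PASS"]:
                time.sleep(pass_delay)
            conn.sendall(b"+OK\r\n")
            if cmd == [b"QUIT"]:
                break
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]
```

Run against the fake server with, say, pass_delay=1.5 and the PASS row is the only one that takes seconds; against a real server, a PASS that hits the client timeout prints `<timeout>` on that row while banner and USER still answer.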
