Question

A question about Nmap scan results

Asked by: snyperj

I am having a problem connecting via odbc to a MySQL database on a remote host.  The host said the problem is not on their end.  I don't think the problem was on my end becuase I can connect to other MySQL databases using odbc on other hosts.

I downloaded a copy of NMap and rant it on both hosts.  The problem host (HOST A) and the host where I CAN connect (HOST B).  Port results are below.

Questions:  I know MySQL listens on port 3306.  As you can see, on Host B, 3306 is shown as OPEN where it is working fine.  However 3306 does not even show on the HOST A results.  DOes that mean it is definitely NOT open?

What makes a port display here or not display on this scan list.  Both hosts have many ports (83 & 89) that are "Not Shown".  What keeps them from being shown and if they are not shown, does that mean they are closed?

I am confused by that because on HOST A it does include some "closed" ports on their list.

Just trying to understand this... I already sent them an email that said I didn't think they had 3306 open... so I hope I didn't "jump the gun..."

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-08-28 at 06:38:02ID24689703
Topics

Linux Network Security

,

Miscellaneous Security

,

Network Management

Participating Experts
2
Points
500
Comments
19

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. Nmap Question
    I have a tutorial question to: Using the nmap command, write a script (/usr/local/bin/log-nmap) to log which systems are running a service on port 80. Append the output to /var/log/nmap_log. The script should append to the log file every minute. I did: nmap -p 80 --randomi...
  2. nmap UDP scan
    nMap version 4.01 How does one scan UDP ports on nMap? Can one do a general scan for the popular UDP ports or does one have the specify a range of ports? I tried this to scan UDP/69 but the syntax doesn't work nmap -PU [69] 10.1.1.80
  3. NMAP Question
    Hola Experts, I ran an Nmap scan from Nmap-Online.com and here are the results: PORT STATE SERVICE 25/tcp open smtp 53/tcp open domain Only thing is, checked my Pix Firewall and the Inbound acess-list only permits 25. I do not permit DNS into the network, so how is it fin...
  4. Nmap
    been trying to work out how to do a nmap scan so i can tell which computers r alive or not? anyone know if it can be done with nmap?

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: abodettePosted on 2009-08-28 at 08:09:21ID: 25208468

closed means it checked that port but no application was listening on it.  The fact that 3306 does not show up for the host should mean either 1.) mysql is not running and so not listening on port 3306, or 2.) access to port 3306 has been blocked although generally that will show as "filtered" if a firewall is actively blocking it although it might just not show up depending on how the firewall works.

So by all means send the nmap results along saying that port 3306 is not open for requests and suggest they check the status of mysql and any firewall they have on that host.  Also ask if maybe they are using a non standard port to run mysql on.

 

by: nemws1Posted on 2009-08-28 at 08:16:21ID: 25208534

If 'nmap' does not list a part, it does NOT mean that there is not a service on that port.  It is possible to have a service running on a port and still hide it from nmap (easily done w/ a firewall/iptables).

In your situation, though, you should be able to connect to port 3306 on Host A.

From host B, do this:

  telnet host_a.whatever.com 3306

Do you get anything?  If you see "Escape character is '^]'" you connected - otherwise, something is blocking you.

 

by: snyperjPosted on 2009-08-28 at 08:16:31ID: 25208538

In the connection settings they gave me yesterday they specified 3306.  It was odd, it worked fine at 330pm EST when they first sent me the connection settings.  I connected, I could readdb tables, etc...

Then I worked on something else, then I went back to this at 530pm EST and could no longer connect and they said they didn't change anything on their end.  I believe them, but what could have happned?  The website itself is working right now- so mysql must be running, right?

I am guessing based on what you said above that it must have something to do with their firewall?  I just don't understand how it would become blocked all of a sudden... unless they did do something and don't even realize that they did...(scratches head...)

 

by: nemws1Posted on 2009-08-28 at 08:20:22ID: 25208575

Is this Dreamhost you're working with?

 

by: snyperjPosted on 2009-08-28 at 08:22:30ID: 25208594

"From host B, do this:

  telnet host_a.whatever.com 3306"


I am not really versed in this area (i am a programmer!) but I opened on cmd on by own Pc and entered the above, substituting the real address of course, and I got:

Connecting to....www.xxx.com..could not open connection to the host on port 3306: Connect failed


So I presume all this means they have the port blocked.

 

by: snyperjPosted on 2009-08-28 at 08:23:09ID: 25208601

Not dreamhost, now.  A private host who built a website for us.

 

by: abodettePosted on 2009-08-28 at 08:27:05ID: 25208652

If it was working and then stopped and you couldn't talk to mysql anymore combined with nmap showing 3306 not open on their end I'd definitely put that on them to fix.  Just send them everything you know including the nmap stuff.

 

by: snyperjPosted on 2009-08-28 at 08:57:08ID: 25208966

I did.  I just got an email from the owner that said:

'I just tried to telnet both from home and my office and I had no problems connecting (of course I had to add my home IP to the access hosts)

That's the only other thing I can think of.. Can you verify that your IP is valid (within range) with what we put in hosts yesterday?  In any case, I don't think it's a port issue."


I know it's valid.  What else could be the problem?  It's almost like we are at a stalemate.


 

by: snyperjPosted on 2009-08-28 at 08:58:25ID: 25208976

Plus, before we put my IP's in yesterday, we were gettng a specific error that was the problem.  Today it doesn't say that. Just won't connect.

 

by: nemws1Posted on 2009-08-28 at 09:04:34ID: 25209040

You should try the telnet again, record the exact time you did so, and ask the owner if they're getting any error messages (like "Access denied for IP xxx.xxx.xxx.xxx") at the the exact time you're attempting your connection.

If they're *not* seeing anything in their log, then the problem is on your side.

Are you running any firewall software?

 

by: snyperjPosted on 2009-08-28 at 09:15:02ID: 25209153

Nothing new since it worked yesterday?

 

by: snyperjPosted on 2009-08-28 at 09:17:20ID: 25209180

Yes, you were spot on.  Before I even did that I received this email from him from when I did it earlier:

'Sorry, I just noticed that you did try to telnet...  I'll keep checking into it and let you know as soon as I know something.'

Any thoughts on what it could be?  I would like to suggest some things because I am desperate to get at this data and very much up against a time frame...

 

by: nemws1Posted on 2009-08-28 at 09:28:56ID: 25209281

Screwed up netmask, missing backslash, who knows - could be anything (having no idea what your host is running for their "access list").

However, I see that you can connect to their host somehow.  If you're using ssh, you could try to create your own port forwarding tunnel to MySQL on their host (they'd have to have it turned on, though, and its off by default in sshd_config).

Lot's of fun, though, if it works. ;-)

  ssh -v -L 3307:localhost:3306 hosta.whatever.com

(and then leave it connected).  If this works, then you can connect to the remote server's MySQL at:

  localhost:3307

 

by: snyperjPosted on 2009-08-28 at 09:32:11ID: 25209313

holy crap, for me, that was like reading Chinese!

 I guess they just need to fix whatever isn't letting my simple little odbc connection from working.....  :)

 

by: nemws1Posted on 2009-08-28 at 09:38:07ID: 25209365

Okay.  Let me back up then.

You were able to connect to 'hosta' somehow and run 'nmap'.  How did you do that?

 

by: snyperjPosted on 2009-08-28 at 09:42:19ID: 25209403

I didn't.  I ran it from my own machine here at my desk and put the server address in ('target'.)
I have like a windows version of it I downloaded when I saw a reference to NMap from another post.  
Never even heard of NMap before today!

 

by: nemws1Posted on 2009-08-28 at 09:50:14ID: 25209490

Ah sorry.  I assumed you could 'ssh' into to the remote host - my bad.

So now, you'll just have to wait on the other end for your provider to get their stuff figured out. ;-(

 

by: nemws1Posted on 2009-08-31 at 12:04:42ID: 25225400

Any follow-up?  You ever get this working?

 

by: snyperjPosted on 2009-08-31 at 13:10:23ID: 25225991

We had to open a port in our firewall.  As soon as we did, I connected.  Our IT people say there is NO WAY I connected the day before- but I did.  I know I did because I wrote down the number of tables in the database.  61, and there is 61.  I never would have pushed the issue on their side if it had never worked, becuase I ALWAYS assume the problem is on this end (you have to work here to understand.)  But, since I had connected... I was pretty much ASSuming the problem was on the other side.  It wasn't.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...