Solved

problem viewing webserver pages

Posted on 2002-05-30
20
253 Views
Last Modified: 2010-03-18
Hi, My original question is in the Web Development Software section under Apache with the same title as above.  I initially thought it was an Apache problem but it may be more a linux problem.  

The first person who can help me with the problem will get all the points from both posts.
0
Comment
Question by:rlivings
  • 8
  • 6
  • 6
20 Comments
 
LVL 16

Expert Comment

by:The--Captain
ID: 7047946
For those as lazy as rlivings:

http://www.experts-exchange.com/jsp/qShow.jsp?ta=apache&qid=20304133

The solution is simple - turn off iptables, and watch for expected traffic w/ tcpdump - if you don't see any traffic, you've managed to annoy the security manager portion of Java (your network setting changed somehow when you upgraded) - if you *do* see traffic, then you know where to look...

Cheers,
-Jon
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7049908
ok, this is a linux TA, should we continue with network analyzing here (leaving other comments in the original question beside), or should it be just a link to the original question (see Jon's link)?

I also suggest to start with tcpdump on the webserver.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7050657
If it's not a zero-pointer, comments here are welcome as well, IMO.

Cheers,
-Jon
0
 

Author Comment

by:rlivings
ID: 7051762
I wasn't sure if the post would parse html tags or not but since the Captain explained that.... now I know :p

I will try this tomorrow since I need to study for an exam today.

thank.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7052160
hehe - I was joking about the laziness (since I am the king of lazy).  It's what makes us good experts (remember, Larry Wall (author of Perl) includes laziness in his top three programming virtues [along with hubris hehe]).

Let us know how it goes w/ tcpdump...

Cheers,
-Jon
0
 

Author Comment

by:rlivings
ID: 7055111
hey The--Captain, I'm not quite sure how to read tcpdump nor where I'm supposed to read.  I had to do a control-c during the tcpdump output to stop it.  Here is something that was displayed:

14:03:03.785935 uhunix2.its.hawaii.edu.ssh > 128.171.45.220.1147: . 715624:716728(1104) ack 5601 win 24820 (DF)
14:03:03.786420 uhunix2.its.hawaii.edu.ssh > 128.171.45.220.1147: P 716728:717280(552) ack 5601 win 24820 (DF)
14:03:03.787384 uhunix2.its.hawaii.edu.ssh > 128.171.45.220.1147: . 717280:718384(1104) ack 5641 win 24820 (DF)
14:03:03.787873 uhunix2.its.hawaii.edu.ssh > 128.171.45.220.1147: P 718384:718936(552) ack 5641 win 24820 (DF)
 

128.171.45.220 is one of the machines I'm trying to use to access the server.
0
 

Author Comment

by:rlivings
ID: 7055279
just realized that the machines on the LAN can't access the webserver and vice-versa
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7055895
use tcpdump like this:

  tcpdump -l -n -i eth0 not port ssh

where eth0 is the interface where you expect your webserver
0
 

Author Comment

by:rlivings
ID: 7060498
ahoffman, I see a bunch of output that seems to run infinitely.  Is there something that I should be looking for??
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 300 total points
ID: 7061969
to narrow down the amount of output, use something like:

  tcpdump -l -n -i eth0 port 80 and port 443

Then test with a client that works, you should see:
     client-ip.high-port > server-ip.80 S ...
     server-ip.80 > client-ip.high-port P ..

and so on (Just printed the important parts of output)
Then try the same with a client not working and post the messages you see here (feel free to substitute your IPs)
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:rlivings
ID: 7063641
this is my output when I connect to my server via a remote location

ex.my local computer -> remote server -> my local webserver

13:55:12.502128 128.171.45.220.1939 > 128.171.44.7.ssh: P 334934173:334934213(40) ack 3181176822 win 17344 (DF)
13:55:12.515302 128.171.44.7.ssh > 128.171.45.220.1939: P 1:41(40) ack 40 win 24820 (DF)
13:55:12.572020 128.171.44.7.39289 > 128.171.45.31.ssh: S 243095616:243095616(0)win 24820 <nop,nop,sackOK,mss 1460> (DF)
13:55:12.575895 128.171.45.31.ssh > 128.171.44.7.39289: S 2321827900:2321827900(0) ack 243095617 win 5840 <mss 1460,nop,nop,sackOK> (DF)

--------------------
here is my output when I try to connect directly to my webserver.


ex.my local computer -> my local webserver

13:43:22.173363 128.171.45.220.1955 > 128.171.45.31.ssh: S 503416547:503416547(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
13:43:25.169221 128.171.45.220.1955 > 128.171.45.31.ssh: S 503416547:503416547(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
13:43:31.188313 128.171.45.220.1955 > 128.171.45.31.ssh: S 503416547:503416547(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
13:43:43.227092 128.171.45.220.1955 > 128.171.45.31.ssh: S 508725217:508725217(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7063958
ou did not use my suggested command 'cause it still reports the ssh port
Also You should connect with your browser, so you have to see http or https as port.
0
 

Author Comment

by:rlivings
ID: 7069381
ahoffman, there are multiple problems here.  I don't just have problems viewing http and https.  If all the problems are one and the same shouldn't the tcpdump for when I ssh into the machine give similar incorrect output??

Anyway I decided to give up on this problem.  Thanks for all the help ahoffmann, I don't think this idea of back and forth answering will help me due to time constraints.  My impression is that the attempt to solve this problem will go on for quite a bit longer and I will probably still not have the answer I need.

I am going to do a clean installation.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7070020
hope it helped anyway, feel free to come back for answers
Thanks.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7074046
>shouldn't the tcpdump for when I ssh into the machine
>give similar incorrect output??

Not if your problems are limited to http/https...

Please try:

tcpdump -l -n '!port 22'

or

tcpdump -l -n | grep -v ssh

and don't forget the single quotes in the first example.

Cheers,
-Jon

0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7074052
Please don't give up on tcpdump prematurely - it can and will solve your packet delivery problems 99% of the time, if you know how to use it correctly...

Cheersm
-Jon

0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7074054
Dmaned comma is right next to the M key - should be:

Cheers,
-Jon
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7074058
But I have no excuse for spelling "damned" incorrectly
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7075090
'!port ssh'  ==  not port ssh
;-)

but I suggested:
   tcpdump -l -n -i eth0 port 80 and port 443
which does not list ssh connections
If it does not list anything, there is no activity on port 80 or 443.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7079399
Quite correct - I mainly just wanted to see any other traffic oddments if they existed (might also reveal DNS problems).

Cheers,
-Jon
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now