Solved

Did not work

Posted on 2009-05-15
5
457 Views
Last Modified: 2012-08-14
The resolution worked yet didnot ...
netstat -ano
showed that
C:\Documents and Settings\Administrator>netstat -ano
Active Connections
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       680
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING       424
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1536
  TCP    0.0.0.0:6005           0.0.0.0:0              LISTENING       3324
  TCP    127.0.0.1:1026         0.0.0.0:0              LISTENING       1732
  TCP    192.168.1.52:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.52:1038      72.14.205.103:80       CLOSE_WAIT      1700
  TCP    192.168.1.52:1039      72.14.205.103:80       CLOSE_WAIT      1700
  TCP    192.168.1.52:1040      74.125.45.101:80       CLOSE_WAIT      1700
  TCP    192.168.1.52:1042      74.125.45.113:80       CLOSE_WAIT      1700
  TCP    192.168.1.52:1055      66.77.107.72:2150      ESTABLISHED     2744
  TCP    192.168.1.52:1063      63.236.58.166:2103     ESTABLISHED     3324
  TCP    192.168.1.52:3389      75.60.14.112:15036     ESTABLISHED     1536
  TCP    192.168.1.52:3389      93.97.211.15:49923     ESTABLISHED     1536
  TCP    192.168.1.52:6005      76.0.48.144:26786      TIME_WAIT       0
  UDP    0.0.0.0:445            *:*                                    4
  UDP    0.0.0.0:500            *:*                                    424
  UDP    0.0.0.0:4500           *:*                                    424
  UDP    127.0.0.1:123          *:*                                    764
  UDP    127.0.0.1:1028         *:*                                    1700
  UDP    192.168.1.52:123       *:*                                    764
  UDP    192.168.1.52:137       *:*                                    4
  UDP    192.168.1.52:138       *:*                                    4

I do not see the ports 5000 thru 15000 listed. does that mean the software is not using these ports right now or that a connection needs to be established first?
0
Comment
Question by:ultreya
  • 3
  • 2
5 Comments
 

Author Comment

by:ultreya
ID: 24399668
0
 
LVL 19

Accepted Solution

by:
nodisco earned 500 total points
ID: 24404992
Hey there

To be honest I am not sure as I don't know the application - UDP is connectionless.  In the previous question you said you saw the traffic going thru the ASA so I assume you mean you see the hits on the access-list for these ports?  
We can only surmise that the machine is not listening on these ports for these reasons:

1) When you open a connection from outside over UDP ports or using 3389 etc - the ASA increments hits on the access-list accordingly so is doing what its supposed to do
2) The 3389 however does connect ok so we know the traffic between the server and the ASA is working correctly.

You're in a bit of a pickle because unless you can prove the ports are working from the inside, testing through the ASA is essentially redundant.

0
 

Author Comment

by:ultreya
ID: 24423303
And the lack of communication from the Server administrator does NOT help either. The last time i talked to him he said it did not work nor has it ever worked. I pointed out the fact that traffic was flowing to his server through the ASA and showed him the hitcnt through the access-list. I expressed that he needs to find a way to test it from inside, however I have heard nothing back. In limbo until I can hear back from the admin...

I love my job.
0
 
LVL 19

Expert Comment

by:nodisco
ID: 24426595
lol

I hear you.  
0
 

Author Closing Comment

by:ultreya
ID: 31582107
Apparently the server admin decided to go another route. I believe he did NOT know what he was doing and found an easier software solution. I believe the ports were opened and running correctly (thank you again). Since the admin has not communicated with me the solutions, nor the results of the program. I can only assume my end was correctly set up. Thank you for your help.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

SSL is a very common protocol used these days when browsing the web.  The purpose is to provide security to communication, but how does it do it?  There are several pieces at work that have to be setup before SSL will even work and it requires both …
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now