how to open port in linux, ossec client cannot connect

anyone aware of ossec log monitoring software?

i have installed ossec to ubuntu 9 server edition
ubuntu is with default installation, only ossec i installed

ossec is using port 1514 to communicate with clients, from a client pc i telnet to 1514, cannot connect

in server i check
root@ossec:/var/ossec/etc# netstat -an | grep LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
unix  2      [ ACC ]     STREAM     LISTENING     4527     /tmp/.winbindd/pipe
unix  2      [ ACC ]     STREAM     LISTENING     2747     @/com/ubuntu/upstart
unix  2      [ ACC ]     STREAM     LISTENING     4529     /var/run/samba/winbindd_privileged/pipe
unix  2      [ ACC ]     STREAM     LISTENING     4365     /tmp/.lwidentity/pipe
unix  2      [ ACC ]     STREAM     LISTENING     4367     /var/lib/likewise-open/lwidentity_privile
ged/pipe
root@ossec:/var/ossec/etc#

wats the command to open port 1514?
ammadeyy2020Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ajay_mhasalCommented:
HI,

After having a look at the output of netstat command it seem that the ossec service is not running and you should start it using command

/var/ossec/bin/ossec-control start

As even it you configure the firewall and block the port it must be displayed in netstat output in Listen state on the host. Hence try to start the service of ossec.
0
ammadeyy2020Author Commented:
attached screenshort, service is already running
1.png
0
gmckeown99Commented:
Those ports are SSH and Samba. Use netstat -atup. OSSEC uses UDP port 1415, not TCP.

Remember to open the port 1514 (UDP) if there is a firewall between the server and the agents.

0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

TobiasHolmCommented:
Hi!

"Remember to open the port 1514 (UDP) if there is a firewall between the server and the agents (if you didn’t choose the local installation)."

To open port in the firewall, follow this document: https://help.ubuntu.com/community/IptablesHowTo

To allow incoming traffic on the port 1514 UDP:

$ sudo iptables -A INPUT -p udp --dport 1514 -j ACCEPT

To check the firewall rules:

$ sudo iptables -L

Regards, Tobias
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ammadeyy2020Author Commented:
hi
iptables -L shows udp port 1514 is open

since the question i asked is about how to open port in linux i will close this question and open new question regarding ossec issue
0
gmckeown99Commented:
You don't "open" a port in Linux. It is OSSEC that listens for connections on a particular port. Try disabling iptables to rule out the port being blocked /etc/init.d/iptables stop.

Did you run netstat -atup ?

Don't filter just for "LISTEN" as you may have a connection that is in the "ESTABLISHED" state.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.