[RndTbl] Trying to open port 36141:TCP for PCI Compliance test

Tyhr Trubiak ttrubiak at gmail.com
Thu Feb 12 15:37:46 CST 2015


I'm trying to have a site host on Red Hat 6.3 PCI compliant through
myControlScan.

The only failure I have is that port 36141:TCP is being blocked
somehow/somewhere, and I do not know where or how to find out.
It is blocked from other servers on the network as well as itself.

# nc -zv 127.0.0.1 36141
nc: connect to 127.0.0.1 port 36141 (tcp) failed: Connection refused
(same result when using nc -zv localhost 36141 as well as the website ip
address)

36141:TCP should be open according to iptables. (iptable list shown below)

# netstat -lnp | grep 36141
(shows nothing)

traceroute gets to myControlScan (207.198.99.3) via default settings, port
80, port 80 TCP, and port 36141, BUT not 36141:TCP.
Confused.

# traceroute -p 36141 -P TCP 207.198.99.3
traceroute to 207.198.99.3 (207.198.99.3), 30 hops max, 60 byte packets
 1  * * *
 2  *^C

# traceroute -p 36141 207.198.99.3
traceroute to 207.198.99.3 (207.198.99.3), 30 hops max, 60 byte packets
 1  67.22.106.161 (67.22.106.161)  0.679 ms  0.734 ms  0.873 ms
 2  66.11.145.82 (66.11.145.82)  1.965 ms  1.963 ms  1.936 ms
 3  ae1-200.tor10.ip4.gtt.net (77.67.79.185)  1.890 ms  1.867 ms  1.839 ms
 4  xe-7-0-1.dal33.ip4.gtt.net (89.149.180.246)  51.948 ms  51.940 ms
 51.916 ms
 5  peer1-gw.ip4.gtt.net (77.67.71.30)  38.730 ms  38.730 ms  38.701 ms

iptable list below:
-----------------
# iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:36141
DROP       tcp  --  195.190.13.0/24      0.0.0.0/0           tcp
DROP       tcp  --  91.217.10.0/23       0.0.0.0/0           tcp
DROP       tcp  --  91.207.8.0/23        0.0.0.0/0           tcp
DROP       tcp  --  91.207.4.0/22        0.0.0.0/0           tcp
DROP       tcp  --  91.207.7.21          0.0.0.0/0           tcp
ACCEPT     all  --  172.16.100.1         0.0.0.0/0
ACCEPT     all  --  172.16.101.102       0.0.0.0/0
ACCEPT     all  --  172.22.25.53         0.0.0.0/0
ACCEPT     tcp  --  127.0.0.1            0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  10.200.139.34        0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  10.200.139.35        0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  172.16.1.164         0.0.0.0/0           tcp dpt:111
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:111
reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:36141

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:36141
ACCEPT     tcp  --  127.0.0.1            0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  10.200.139.34        0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  10.200.139.35        0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  172.16.1.164         0.0.0.0/0           tcp dpt:111
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:111
--------------------------------------------------------------------------

Any thoughts or ideas?
Thanks,
Tyhr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.muug.mb.ca/pipermail/roundtable/attachments/20150212/34e40124/attachment.html>


More information about the Roundtable mailing list