Tomcat9 remote debugging - amazon-web-services

Is there some trick for remote debugging a Tomcat9 from outside localhost?
I have an AWS bastion -> server setup, and on the server itself
ss -tunlp sees 127.0.0.1:8787 0.0.0.0:*
but nmap on the bastion server doesn't see 8787 open
the other (visible) stuff on the server ss lists as *:port which looks "wider" for sure
The security group for the server is OK and a reachability analysis confirms it. I also see all the other stuff (MySQL, RDP, SSH etc) that I use in exactly the same way.
Thanks in advance,
Nik

/etc/default/tomcat9 (on Ubuntu 20) has the line
#JAVA_OPTS="${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,address=8000,server=y,suspend=n"
which should be uncommented, but apparently this form implicitly binds the listener only on localhost. Changing the port format to
JAVA_OPTS="${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,address=*:8080,server=y,suspend=n"
widens the binding to external access.
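The difference between the two `address=` forms can be checked mechanically. The following is an added example, not part of the original answer: it classifies where a JDWP listener will bind, assuming JDK 9+ semantics (a bare port means loopback only). JDWP has no authentication, so an `all-interfaces` result means anything that can reach the port can attach a debugger. The function names and the sample file contents are constructed for illustration.

```python
import re

# Matches the modern -agentlib:jdwp=... form and the legacy -Xrunjdwp:... form.
_JDWP = re.compile(r"-(?:agentlib:jdwp=|Xrunjdwp:)(\S+)")
_LOOPBACK = {"localhost", "127.0.0.1", "::1"}
_WILDCARD = {"*", "0.0.0.0", "::"}

# Constructed sample of /etc/default/tomcat9, using the two lines from the answer.
SAMPLE = '''\
# constructed sample
#JAVA_OPTS="${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,address=8000,server=y,suspend=n"
JAVA_OPTS="${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,address=*:8080,server=y,suspend=n"
'''

def jdwp_exposure(java_opts):
    """Return None if no listening JDWP agent is configured, else (scope, port).

    scope is 'loopback', 'all-interfaces' or 'host:<name>'.
    Assumption: JDK 9+ behaviour, where address=<port> binds to loopback only.
    """
    m = _JDWP.search(java_opts)
    if not m:
        return None
    pairs = m.group(1).strip("\"'").split(",")
    opts = dict(kv.split("=", 1) for kv in pairs if "=" in kv)
    if opts.get("server") != "y" or "address" not in opts:
        return None  # agent connects out, or no listener address given
    host, _, port = opts["address"].rpartition(":")
    host = host.strip("[]")
    if host == "" or host in _LOOPBACK:
        scope = "loopback"
    elif host in _WILDCARD:
        scope = "all-interfaces"
    else:
        scope = "host:" + host
    return scope, int(port)

def audit(config_text):
    """Return (line_number, scope, port) for every uncommented JDWP setting."""
    findings = []
    for n, line in enumerate(config_text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # commented-out settings are not in effect
        result = jdwp_exposure(line)
        if result:
            findings.append((n, *result))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A `loopback` listener can still be reached from a workstation through an SSH local port forward via the bastion, which avoids widening the bind at all.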

Related

How do I block a loopback connection to some port on Windows?

Adding an inbound Windows Firewall rule (via COM from C++) for local port 80 and addresses ANY, 127.0.0.1 or 0.0.0.0 does not block a local browser from accessing a local web server running on port 80. For debugging/testing purposes, I need to simulate loss of network connectivity between two programs running on the same computer. Is there a way to do this programmatically, on the command line, or with a tool?
In this question, they say allegedly there is no way to do this in the Windows Firewall:
How do I block localhost connections with the Windows 7/2008R2 firewall?
Is there a way, other than Windows Firewall, just to simulate loss of network connectivity between programs running on the same computer?
There is WIPFW -- a Windows port of FreeBSD's IPFW. However, I failed to get it to block localhost connections. Maybe you'll have more luck.
Alternatively, you can try a hack. If your programs establish a connection using the localhost host name instead of directly by the 127.0.0.1 IP address, you may change your hosts file to point the localhost name to some non-existing or otherwise unreachable address.

visualsvn cannot connect to WMI namespace the RPC server is unavailable

I did a lot of research on the following matter and I got a lot of helpful information, but the matter still remains, so I'm going to write it up with full details.
I'm trying to run "Remote Server Administration" with VisualSVN Server (Enterprise Edition). The server is Windows Server 2008, connected to the internet via a router with port forwarding to this server. The client is not on the local network, so I use a static IP for the server.
Also, I did everything written at this URL: http://www.visualsvn.com/support/topic/00025/
but I still get the following error message: Cannot connect to WMI namespace "..." : the RPC server is unavailable (0x800706ba) when I'm trying "connecting to another computer".
On the other hand, I can browse the "Repositories" content with any web browser successfully.
How can I manage the Repositories at remote servers?
"...the RPC server is unavailable (0x800706ba)" error indicates a connectivity issue to the remote machine.
Accessing WMI remotely requires port 135 TCP/UDP and all TCP ports above 1024 (1024-65535) to be opened (and forwarded), by default. You can set up a fixed port for WMI to simplify the port-forwarding / proxy setup task. In order to set up the fixed port, follow the steps described in the article "Setting Up a Fixed Port for WMI". After you follow these steps you are required to set up port forwarding and proxy rewrites (if any) for 135 TCP/UDP and port 24158 TCP.
"...Access is denied (0x80070005)" error indicates insufficient permissions to access WMI remotely. Add your user account to the local group on the remote machine: "Distributed COM Users".

filezilla Connection timed out

This might seem like a duplicate question but it is not. I tried to go through similar questions but I couldn't find a fix for my problem. Here is my problem:
I need to set up an ftp connection on company servers.
I can easily connect to ftp server from fileZilla on my PC but when I try it over one of the server machines to the file server all I see is the following:
Response: fzSftp started
Command: open "*****#***.***.***.**" **
Error: Connection timed out
Error: Could not connect to server
Status: Waiting to retry...
Status: Connecting to ***.***.***.**...
Response: fzSftp started
Command: open "*****#***.***.***.**" **
Error: Connection timed out
Error: Could not connect to server
I googled the "Connection timed out" error and I realized that the first place to check is the firewall or router settings. These are outsourced to another company and they say that the issue is solved and it should work fine. I don't know where to look.
I've had lots of issues with Filezilla. You may try another software first to see if Filezilla itself is the issue.
If you're on Windows, I highly suggest the open source project WinSCP (https://winscp.net/eng/download.php). For Mac, Cyberduck (https://cyberduck.io/?l=en) is solid (and free), though you may prefer Transmit.
I was having this problem after upgrading Filezilla. I downgraded it to a previous version and it worked like a charm. I came across this ticket thread and it was absolutely helpful: Filezilla Support Ticket
Check your security group rules. You need a security group rule that allows inbound traffic from your public IP address (Google: What is my ip?) on the proper port.
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
In the navigation pane, choose Instances, and then select your instance.
In the Description tab, next to Security groups, choose view rules to display the list of rules that are in effect.
For Linux instances: Verify that there is a rule that allows traffic from your computer(public ip) to port 22 (SSH).
For Windows instances: Verify that there is a rule that allows traffic from your computer(public ip) to port 3389 (RDP).
Also take a look at here and here for more details
I need to set up an ftp connection on company servers. I can easily connect to ftp server from fileZilla on my PC but when I try it over one of the server machines to the file server all I see is the following:
<failure to connect code>
Please note that public IPs and internal IPs will be different addresses; such as 123.456.675.574 for the public one, but internal to the server network it will be something more like 192.168.10.574.
This is why you can easily connect from your PC because it uses the public IP address but from the internal IP network of the company servers that address will not be valid, and the internal one would need to be used instead.
Try this, 200 is just an example, just increase it and try.
Edit --> Settings --> Connection --> Timeout in seconds = 200

Wamp server "The connection to the server timed out" error

I'm using WAMP in my localhost, I put it online, now I did ipconfig in my cmd, my ipv4 address looks like 192.xxx.x.xx,
when I access that address in my PC's browser, it loads my localhost (which is expected), but when I load that ip address in my android tablet device, I'm getting an error:
"The connection to the server timed out"
Anyone knows a fix? Thanks a lot!
Are you sure your pad and your PC are on the same LAN?
If your Android device and PC are on the same LAN then it is possible that a firewall on your PC is blocking access. Check that Apache (and port 80) are allowed in the firewall configuration.
There are three possibilities for this problem:
The server (your PC) and the client (another PC) do not belong to the same network.
The firewall blocked the connection. Check the OS firewall and also the antivirus, if any.
Both the client and the server belong to the same network as public, so there is a possibility of blocking. Change that to private mode and check.

How to detect whether a remote computer is running RDP?

How do I detect if a remote client is running Remote Desktop Protocol, and whether it is also accepting remote desktop connections?
Like opening a port to detect HTTP: send a request, receive the response headers and see information about HTTP in them, so I will know the person is running HTTP even if he changed the port, e.g. running HTTP on 6551.
Attempt and make a connection with something that is RDP-connection aware (RDP is not HTTP). Of course, failing to establish an initial handshake is not proof that a connection can not be established. It could be blocked by a firewall, listening on another port, etc.
The MS-RDPBCGR specification, page 16 talks about connecting which in turn defers to X.224, go figure.
It'd likely just be easiest to use Wireshark and observe in-the-wild behavior to develop a minimal detection case. I suspect only the very initial portion of the handshake needs to be generated/replayed in order to "decide" that it's a listening RDP server.
(Or, perhaps use an existing RDP client which has this "test connect" functionality or the ability to be scripted.)
A fast way is to open a shell and type
telnet IPADDRESS 3389
If you get a connection, chances are good that an RDP server is on the other side. RDP can run on any port, but TCP Port 3389 is set per default.
Windows 7 requires some extra steps to enable the telnet Client.
You could do netstat -a in the command line and see if the default port for remote desktop connection is listening, i.e. TCP:3389, but that's only if the client hasn't changed the ports for MSTSC.
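The first answer above points at the X.224 connection step of MS-RDPBCGR. As an added example (not from any of the posts), the code below builds that first request and classifies the first reply bytes, which also shows whether the server enforces NLA. It works on byte strings only; the reply samples are constructed, and the function names are hypothetical.

```python
import struct

# selectedProtocol values defined in MS-RDPBCGR; others are shown as hex.
PROTOCOLS = {0: "standard RDP security", 1: "TLS", 2: "CredSSP (NLA)"}

def build_connection_request(requested=0x03):
    """TPKT + X.224 Connection Request + RDP Negotiation Request.

    requested=0x03 offers TLS and CredSSP.
    """
    neg_req = struct.pack("<BBHI", 0x01, 0x00, 8, requested)  # type, flags, length, protocols
    # X.224 CR: length indicator, code 0xE0, DST-REF, SRC-REF, class
    x224 = struct.pack(">BBHHB", 6 + len(neg_req), 0xE0, 0, 0, 0) + neg_req
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224     # TPKT version 3

def classify_response(data):
    """Classify the first reply to build_connection_request()."""
    if len(data) < 11 or data[0] != 3:
        return "not RDP: no TPKT header"
    if struct.unpack(">H", data[2:4])[0] != len(data):
        return "not RDP: TPKT length mismatch"
    if (data[5] & 0xF0) != 0xD0:
        return "not RDP: not an X.224 Connection Confirm"
    if len(data) < 19:
        return "RDP: no negotiation data (legacy security)"
    kind, _flags, _length, value = struct.unpack("<BBHI", data[11:19])
    if kind == 0x02:   # RDP Negotiation Response
        return "RDP: server selected " + PROTOCOLS.get(value, hex(value))
    if kind == 0x03:   # RDP Negotiation Failure
        return "RDP: negotiation failed, code %d" % value
    return "RDP: unrecognised negotiation data"

# Constructed replies: Connection Confirm selecting CredSSP, a negotiation
# failure, and a banner from a different service on the same port.
CONFIRM_NLA = bytes.fromhex("03000013" "0ed00000123400" "021f080002000000")
CONFIRM_FAIL = bytes.fromhex("03000013" "0ed00000123400" "0300080005000000")
OTHER_SERVICE = b"SSH-2.0-OpenSSH_8.2\r\n"

if __name__ == "__main__":
    for sample in (CONFIRM_NLA, CONFIRM_FAIL, OTHER_SERVICE):
        print(classify_response(sample))
```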