Listen to specific UDP Port
Hi guys,
I'm using a PHP script which contacts my Mac running growl to subsequently push notifications to my iPhone via Prowl.
This isn't working at all at the moment and it's proving difficult to establish whether A - the PHP script isn't contacting the Mac correctly or B - a firewall or equivalent is blocking access to Growl.
My set up is:
1. iMac running Growl and growl-notify;
2. a DynDNS account which points to my IP address;
3. Netgear router which forwards UDP port 9887 to my iMac (which has been allocated a static local IP address);
Is there anyway I can 'listen' to port 9887 to see what information is being received at that port? That way I can determine whether the plugin has been configured correctly or whether the script is generating an incorrect packet.
Thank you for your time.
Try Wireshark.
Similar Messages
-
Multiple apps listening to one udp port
Launching second app instance gives error
java.net.BindException: Address already in use: Cannot bindIs there some way to make this work?Thanks guys, this definitely verifies what I'm seeing, and I realize it's not just Java's problem. And I can't share the source b/c it's closed, I apologize for that. But it's basic socket level programming.
This really is the goal to run multiple apps, so can I get your advice along that approach-- one app listens on the UDP port, and collects all the data, and makes it available to several presentation clients. How to make it available? Regular TCP sockets? How would this middle tier program know when to flush its buffers--that is, when all the apps have gotten up to date? Does it need to know a count of subscribed presentation clients? Receive notification when they close, track if they've dropped off abnormally, etc... Sorry this sort of confuses me :o)
Maybe if there's a guarantee the UDP listener app is running on the same machine as the presentation clients I can use a different method besides sockets at that point? -
Operations Manager 2012 doesn't listening SNMP Trap UDP port 162
hi,
SCOM 2012 SP1, how come the operations manager started but the SNMP Trap UDP port 162 not listening?
Without this port listening, I can't testing SNMP trap on SCOM.
Thanks...KENHi,
As described in the following blog, the TRAP service should be installed but turned off, we could not get traps coming in until we turned the service back on.
So please verify if the service is on. You can continue audit the ports by running netstat –a.
System Center 2012 Notes From the Field
http://scom-2012.blogspot.in/2012/07/setting-up-snmp-monitoring-in-scom-2012.html
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
Hope this helps. -
Howto check if any process listen to a UDP Port
Hi,
I am develop a STREAMS Kernelmodul. If I send a UDP/IP Message upstream and no process is listen at this destiantion port, the OS crashes down.
Is there any possibility to check if any process is listening to this port like "netstat -an | grep <PORTNUMBER>" with Kernelfunctions?
Any help is greatly appreciated
Thank You
ClausThe easiest way is to use lsof -i. (lsof is freeware.)
root@jupiter# lsof -i UDP:111
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rpcbind 227 root 3u IPv4 0x30002f4be60 0t0 UDP *:sunrpc (Idle)
root@jupiter#
You can also use "netstat -an -P udp" to see if the socket is in use at all.
If you know the process ID, you can uses pfiles <pid>. for information about who the socket is connected to. -
Hi,
I could find a solution for my problem. I need to monitor a UDP port.
For the TCP ports i'm using MP template TCP Port, but for the UDP i don't find any tool.
My question is. It's possible to monitor UPD ports in SCOM 2012 R2? If yes, how?
Thank you,
RuiHi Rui,
I have found a possibility to do this. Hope you understand this and it is helpful. This is a two step process but guess will definitely server the purpose.
Scope: We will be running a tool which will monitor a port (TCP or UDP) for a specific host / IP and will throw a log file.
SCOM will monitor the log file and will throw a alert if the log file contains the string NOT LISTENING (Port not working or unable to open the port) which the program will create the log with the results.
First download the program named: PortQry Command Line Port Scanner Version 2.0 from microsoft using the below link. It is a command line tool.
http://www.microsoft.com/en-in/download/details.aspx?id=17148
Run it using by making a batch file or powershell script using task scheduler as per your time requirement (Every 5 min or 1Hr).
Use this command to monitor a ip / hostname and its port with TCP or UDP.
I have pasted the command file of the program in C:\Port_checker directory so i am using the below syntax
C:\Port_checker\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Port_checker\Result.log /y
-N = Hostname / FQDN of agent or Ip address
-E = Port # what you want to monitor
-P = Protocol (TCP or UDP)
-L = Generate log on the following location and name
/Y = To replace the existing log file name to fresh one without prompt.
The result in the log file will be as follows:
============================
For successful port open:
PortQry Version 2.0 Log File
System Date: Tue Oct 07 09:42:32 2014
Command run:
C:\PortQryV2\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Portqryv2\Result.log /y
Local computer name:
192.168.1.2
Querying target system called:
192.168.1.1
Attempting to resolve name to IP address...
Name resolved to 192.168.1.1
querying...
UDP port 5723 (unknown service): LISTENING
========= end of log file =========
PortQry developed by Tim Rains
For failure port open:
PortQry Version 2.0 Log File
System Date: Tue Oct 07 09:42:32 2014
Command run:
C:\PortQryV2\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Portqryv2\Result.log /y
Local computer name:
192.168.1.2
Querying target system called:
192.168.1.1
Attempting to resolve name to IP address...
Name resolved to 192.168.1.1
querying...
UDP port 5723 (unknown service): NOT LISTENING
========= end of log file =========
PortQry developed by Tim Rains
Now as per the above results NOT LISTENING Port is blocked or is not opened and LISTENING
means working or port is opened.
So now using SCOM you will monitor the log file Result.log
in the location C:\Port_checker\ saying if NOT LISTENING
comes in the log file throw me a alert in SCOM consle or via email.
To configure that alert you need to create a Generic text log alerting Rule which will throw a alert if any thing added in that log which is not to be added and if it is added like NOT LISTENING
then it will throw a alert.
Refer this link on how to open a Generic text log alerting Rule.
http://blogs.technet.com/b/kevinholman/archive/2009/06/20/using-a-generic-text-log-rule-to-monitor-an-ascii-text-file-even-when-the-file-is-a-unc-path.aspx
Gautam.75801 -
How do you block or filter traffic to udp port 192?
We are a company trying to stay an "apple office". We use an airport express for our networking and have recently been trying to become PCI "Payment Card Industry" Compliant for our credit card terminal that uses our wireless network. A company hired by the credit card processing company is running scans on our system and we keep failing because of UDP port 192. The specific message they are sending us is:
"Synopsis : The remote host is a wireless access point. Description : The remote host is an Airport, Airport Extreme or Airport Express wireless access point. It is possible to gather information about the remote base station (such as its connection type or connection time) by sending packets to UDP port 192. An attacker connected to this network may also use this protocol to force the base station to disconnect from the network if it is using PPPoE, thus causing a denial of service for the other users. Solution: Filter incoming traffic to this port and make sure only authorized hosts can connect to the wireless network this base station listens on."
I have tried changing all the settings using the Airport Utility including creating a closed network; un-checking allow setup over WAN, un-checking allow SNMP; using 128 bit encryption. I looked all over apple discussions and the internet and can't find a solution. The testing company told me that I need to find out how to filter traffic to udp port 192 or block the port altogether. Any help or guidance is greatly appreciated as we keep failing these scans.Hi All. I am having the exact same problem with my PCI payment card industry compliance - where I will now be charged a monthly fee because I cannot alleviate this port 192 problem with my airport extreme base station. They very much consider it a security risk and won't budge. They want me to filter/block incoming traffic on this 192 port, I don't know what to do to satisfy their requirements. I have searched and read all the main discussions but, none actually offer a solution - just folks like us looking for help. I also closed network by un-allowing all options in airport utility. I also de-selected automatic date and time stamp. I would very much appreciate any possible suggestions as prefer to remain a long time loyal mac user but cannot afford the monthly fee to be imposed. There's gotta be a solution. I thought mac was ahead of the game in this (and all) areas. Thanks.
-
TCP/UDP Ports and site used by FEP to download updates - needed to allow on perimeter firewall
Can some one point me with information like what TCP/UDP ports are utilized by FEP and what DNS / site Name it uses to download FEP Updates. This is needed to tighten perimeter FireWall policies
Thank youIt should be the same as the documentation for all Software Updates:
https://technet.microsoft.com/en-us/library/bcf8ed65-3bea-4bec-8bc5-22d9e54f5a6d#BKMK_ConfigureFirewalls
Make sure to expand the "restrict access to specific domains" section to see the update related URLs. -
Identify Ports for AD - External UDP port scanner
Greetings all,
I am trying to figure out which UDP port is alarming on the "AD - External UDP port scanners (13005)" signature. By default, the signature is set to summarize which looks something like this "NumDestIps=100; currentTHreshold=100. protocol=1".
From the "Protocol = 1" line I am assuming all scanning is hitting up on a single destination protocol - I need to know which protocol / port number.
I've already attempted to turn on "log attacker, pair, and victim" packets. Verbose is not an option for this signature. I have also tried changing alert Frequency to "fire all" or just uncheck the "Summary Mode" box. None of this tells me the destination/victim port. I do see under a protocol field "ICMP" but i don't believe that pertains to the source port. Any ideas on how I might find this information?TCP/445 is used by Microsoft file sharing (CIFS), and by default that port is opened on all Microsoft PC basically to allow file sharing.
If you open up DOS prompt, and type: netstat -na, you would see that your PC is by default listening on TCP/445.
Here is more information on Microsoft-DS (TCP/445):
http://www.linklogger.com/TCP445.htm
http://en.wikipedia.org/wiki/Server_Message_Block
So it really depends on your corporate security policy, whether to allow file sharing or not within the network. IPS is picking that up because it is an easier way of exploiting a PC since the port is opened by default. -
Should I block TCP/UDP ports 135 to 139 on my router?
For the sake of Internet and Desktop security should I block TCP/UDP ports 135 to 139 both ways at all times on my router? This seems to be recommended for Windows environments. Does Mavericks need these ports for its proper operation? When tested, ports 135, 137,18 show as closed whereas all other ports are Stealth. Ideally, they should all be Stealth.
Have a read here: http://securityspread.com/2013/07/26/firewall/
Stealth is just as good as closed, some would argue that stealth is just as much of a giveaway of the port being present as it being closed.
The specific ports you mention pose no risk to OS X as far as I am aware. -
UDP PORT 445 Not listed in System Process
Hi! Can you help me? I need the UDP PORT 445 listed on SYSTEM Process.
I open UDP PORT 445 on Firewall (WSBS 2011), but in Syshelp (symatech validation too) the result is:
Title: One or more network services, ports, protocols or associated processes may need attention
Product: Backup Exec Server
Status: Warning
Details:
Warning SYSTEM's UDP port 445 is not open or listening.
Warning Port is not open or listening.
UDP Process: System
Ok SYSTEM is the correct process for UDP port 137
Ok Port 137 with protocol UDP is open on the following IP addresses: - 25.54.28.213
- 169.254.41.25
- 169.254.244.222
- 192.168.0.6
- 192.168.1.2
Ok Process System has port 137 with protocol UDP open.
Ok Process System has port 137 with protocol UDP open.
Ok Process System has port 137 with protocol UDP open.
Ok Process System has port 137 with protocol UDP open.
Ok Process System has port 137 with protocol UDP open.
Information Network service name not defined. Test skipped.
Information Default settings - Network Service Name: netbios-ns Port: 137 Protocol: UDP Process: System
Ok SYSTEM is the correct process for UDP port 138
Ok Port 138 with protocol UDP is open on the following IP addresses: - 25.54.28.213
- 169.254.41.25
- 169.254.244.222
- 192.168.0.6
- 192.168.1.2
Ok Process System has port 138 with protocol UDP open.
Ok Process System has port 138 with protocol UDP open.
Ok Process System has port 138 with protocol UDP open.
Ok Process System has port 138 with protocol UDP open.
Ok Process System has port 138 with protocol UDP open.
Information Network service name not defined. Test skipped.
Information Default settings - Network Service Name: netbios-dgm Port: 138 Protocol: UDP Process: System
Ok SYSTEM is the correct process for TCP port 445
Ok Port 445 with protocol TCP is open on the following IP addresses: - 0.0.0.0
Ok Process System has port 445 with protocol TCP open.
Information Network service name not defined. Test skipped.
Information Default settings - Network Service Name: microsoft-ds Port: 445 Protocol: TCP Process: SystemHi,
à
I need the UDP PORT 445 listed on SYSTEM Process.
à
Warning SYSTEM's UDP port 445 is not open or listening.
Based on your description, I’m a little confused with this issue. Please run following commands with administrator
permission and monitor the result. Would you please check and confirm whether any process listened the UDP port 445?
netstat –ab
netstat -a | find /i "445"
In addition, I noticed that you use Syshelp (Symantec validation tool) to check. I suggest that you would post
the warning message in Symantec Forum and confirm this issue. I believe we will get a better assistance there.
If anything I misunderstand, please don’t hesitate to let me know.
Hope this helps.
Best regards,
Justin Gu -
Hi Experts,
Is the above statement true?. I learnt later that adding tcp and udp ports on the nat 0 statements are supported . But does it take away the entire nat statement? Please answer my question at the earliest.
Regards
KrishnaKrishna,
"NAT exemption (nat 0 access-list command)—NAT exemption allows both translated and remote hosts to initiate connections. Like identity NAT, you do not limit translation for a host on specific interfaces; you must use NAT exemption for connections through all interfaces. However, NAT exemption does enable you to specify the real and destination addresses when determining the real addresses to translate (similar to policy NAT), so you have greater control using NAT exemption. However unlike policy NAT, NAT exemption does not consider the ports in the access list. NAT exemption also does not support connection settings, such as maximum TCP connections."
Reference
So, since the documentation clearly says that this rule does not consider any ports in the ACL, then one should not be testing unsupported configurations.
If one adds an ACL with specific ports, then unexpected results may be expected.
My suggestion, dont add any ACL entry with specific ports to your NAT exempt statement.
Thanks.
Portu.
Please rate any helpful posts -
What is the weblogic process or file opened with udp port?
I'm running weblogic 8.1 on linux AS 3.0, whenever I bring it up, there is a process that listens on udp, although my weblogic runs on default tcp port 7001. What file or process opened with up port (32770)? I'm curious to know whats running with udp..
ThanksDoes anyone know why weblogic opens udp port/ which process maps to the port?
Thanks -
How to unblock UDP ports from the firewall of the Time Capsule
Hello i just bought a time capsule and i am trying am using it as a router. I am trying to use Shakespeer
that is like a server where you share files within the University,it runs with Dtella. However, when y try to get online a message tells me that the firewall of the router is blocking the UDP ports needed....how do i unblock those UDP ports so i can get online?
Here is the message:
In order for Dtella to communicate properly, it needs to receive UDP traffic
[19:14] <*Dtella> from the Internet. Dtella is currently listening on UDP port 4000, but the
[19:14] <*Dtella> packets appear to be getting blocked, most likely by a firewall or a router. If
[19:14] <*Dtella> this is the case, then you will have to configure your firewall or router to
[19:14] <*Dtella> allow UDP traffic through on this port. You may tell Dtella to use a different
[19:14] <*Dtella> port from now on by typing !UDP followed by a number.Hello albertoPeralta. Welcome to the Apple Discussions!
To open ports on the Time Capsule, you would use the AirPort Utility to configure Port Mapping.
AEBSn - Port Mapping Setup
To setup port mapping on an 802.11n AirPort Extreme Base Station (AEBSn), either connect to the AEBSn's wireless network or temporarily connect directly, using an Ethernet cable, to one of the LAN port of the AEBSn, and then use the AirPort Utility, in Manual Setup, to make these settings:
1. Reserve a DHCP-provided IP address for the Shakespeer host device.
Internet > DHCP tab
o On the DHCP tab, click the "+" (Add) button to enter DHCP Reservations.
o Description: <enter the desired description of the host device>
o Reserve address by: MAC Address
o Click Continue.
o MAC Address: <enter the MAC (what Apple calls Ethernet ID if you are using wired or AirPort ID if wireless) hardware address of the host computer>
o IPv4 Address: <enter the desired IP address>
o Click Done.
2. Setup Port Mapping on the AEBSn.
Advanced > Port Mapping tab
o Click the "+" (Add) button
o Public UDP Port(s): 4000
o Private IP Address: <enter the IP address of the host server>
o Private UDP Port(s): 4000
o Click "Continue" -
Hello all,
I have recently installed a piece of hardware which transmits information to UDP port 6001 on my computer. Some software then runs on the computer listens to this port in order to detect the hardware.
However, LabVIEW shared variable engine seems to use the same port. On the computer in question the port is used by NITaggerService (National Instruments Variable Engine).
One solution is to stop this service - this works and allows the software to detect the hardware. However, eventually, I want to run this hardware alongside LabVIEW (indeed, LabVIEW will communicate with the hardware), so this is not a desirable solution.
http://www.ni.com/white-paper/12402/en suggestst that UDP ports 6000-6010 are used by Shared Variables and Network Streams, which is consistant with the service identified above. It suggests that these ports are fixed, however, I have noticed that on different computers, port 6001 is used by a different NI Service (e.g. on another computer, it is used by lkTimeSync (National Instruements Time Synchronization) ), suggesting that there is /some/ flexibility. In addition, not all the ports from 6000-6010 are used in practice, suggesting that it might be possible to use another port in the range 6000-6010 rather than 6001.
Does anyone know how to force NI SVE to use a different range of UDP port, or at least to not use 6001?
All the best
James PolyblankHi James,
It is not possible to pre-define which ports the NI services should use. One way to get around this would be to have these services not auto start on windows launch and manually start it once your other software has established communication with the hardware through UDP port 6001.
You have taken the first step in this direction by stopping the service. After the hardware has been detected (on port 6001), restart the NITaggerService that you stopped. This will automatically start the service on a port that is free and available.
Try this and see if it works. You can also try starting the service automatically from your labview application using 'System Exec.vi' .
Thanks and Regards,
Supreeth.K
Applications Engineer
NIUK -
Forwarding UDP port for Remote Desktop Gateway
What is the correct way to forward UDP 3391 port for RDG server?
What direction should I choose for UDP port parameters? "Receive" or "Receive Send" or something else?Aurimas N, Were you able to get RemtoteFX working through TMG? I have the same issue whre I can not get UDP working with clients conneciting over the WAN. Can you tell me specifically how you got this to work on your TMG?
Thanks
I am not sure how to check to be honest, on TMG I only see 443 port being used, and since it is remoteApp there is no connection indicator, or I don't know how to access it.
Maybe you are looking for
-
How to set where clause for a Valueset from OAF Page
Hi all I am customizing a standard page Employee Self Service. I have added some additional fields to existing KFF. There was field say "CHILD NAME" which is a free text field. The client now wants it to be a Drop down(or as LOV) which should display
-
Changing of Item category in bom after being set at once
how can i changethe item category of item in bom while it has been ones used
-
Migrating from SP 2010 to SP 2013
I m new to sharepoint and our new project requirement is to migrate the contents from SP 2010 to SP 2013. we r not going to use any tools , so if we go manually what would be the approach to migrate the custom data to the next version. there is lot o
-
Alternative to specify the jar file location other than server classpath.
Hi, We use weblogic 8.1 for our development purpose... and mostly work on ejb's. Every time a new ear file is created and deployed we need to specify the jar files needed to run that application in server classpath.... is there any alternate way so t
-
VBA dialog box hidden behind EPM processing window
I have a BPC 10 report where I want to validate selections made by the user before refreshing. I wrote a simple piece of code to test using one condition. If the condition is met, I want to display a message and prevent the report from refreshing.