On 08/12/2012 07:46 PM, Reindl Harald wrote: > > Am 12.08.2012 12:53, schrieb Ed Greshko: >> On 08/12/2012 06:05 PM, Reindl Harald wrote: >>> Am 12.08.2012 09:45, schrieb Ed Greshko: >>> >>>> That normally means that the port is open on the remote side (krazy being >>>> your cygwin host) but that the server is not running. >>> wrong >> You can't issue a blanket "wrong" and subsequently include what you've said >> is "wrong". > sure becasue "connection refused" means nothing else than connection > refused and that can be a outgoing firewall, firewall on the > remote-side and any filter/networking component between the machines > > in most networks you see no difference in teh resposne between > service not running or connection denied which is what "refused" > means > >> You could say, "maybe" or "may be not" and then go on to say.... > no because "connection refused" does NOT "normally mean the port is open" > >>> this means that service is not running or a proper firewall configuration >>> is active >>> iptables can reject with "icmp-port-unreachable" and behaves exactly like >>> that >>> however, i drop packages since a DDOS where you do not want additional >>> traffic with ICMP responses...... >> Since the system is a windows system that the OP indicated he hasn't >> changed, >> I choose to believe him, coupled with the failure of "ssh localhost" >> leads me to stand by my diagnosis > yes but the "ssh localhost" came later > > while even this does not say anything in some setups > i have a server where "telnet lcoalhost 445" leads to "connection > refused" while SMB is reachable from the local network - the sense > of this: prevent attacks to zero-day-exploits from php-scripts > running on the webserver (even if there only trustable scripts) > > here are the ICMP answers you can define for each incoming and > outgoing rule up to "network unreachable" only on a single port > to destroy OS fingerprinting: > http://www.linuxtopia.org/Linux_Firewall_iptables/x4550.html >
Whatever you say.... I look forward to your helping the OP to resolve his problem. -- Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -- Rick Cook, The Wizardry Compiled -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
