![]() ![]() |_ssl-date: T01:53:11+00:00 -7m34s from scanner time.ģ268/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: HTB.LOCAL, Site: Default-First-Site-Name) ![]() |_ssl-date: T01:53:09+00:00 -7m35s from scanner time.ĥ93/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0Ħ36/tcp open ssl/ldap Microsoft Windows Active Directory LDAP (Domain: HTB.LOCAL, Site: Default-First-Site-Name) ![]() |_http-title: Site doesn't have a title (text/html).ġ39/tcp open netbios-ssn Microsoft Windows netbios-ssnĤ43/tcp open ssl/http Microsoft IIS httpd 10.0 |_ftp-anon: Anonymous FTP login allowed (FTP code 230)Ĩ0/tcp open http Microsoft IIS httpd 10.0 Just remember to add it in the table just before the related ACCEPT rule and not after, otherwise the LOG rule would be ignored.Nmap -sT -p-min-rate 10000 -oA nmap/alltcp 10.10.10.103 To further verify it you should run iptables -L -n -v more times and check that the packet counter of the rule iptables -I INPUT -p tcp –dport 80 -j ACCEPT remains 0 even if you connect to between a run and the other.Īs last option, for debugging purposes, you could add a LOG rule for packets on the 80 port and study the logs to see if any packet is accepted (syntax is easy, where the logs are depends on your system). ![]() The former because it connects to port 8080 which is open, the latter because it connects to port 80 and gets redirected to port 8080 which is open. You have already verified it, as you said if you add a rule to accept INPUT packets on port 8080, both and work properly. So, in your case, any packet going to port 80 is redirected to port 8080 (iptables -t nat -I PREROUTING -p tcp –dport 80 -j REDIRECT –to-ports 8080) and then it is filtered by the default DROP policy of the INPUT chain, which I assume you are using, in fact it doesn’t match the ACCEPT rule on port 80 (iptables -I INPUT -p tcp –dport 80 -j ACCEPT). More in general the rules from the nat table are applied before the rules in the filter table. As far as I know the PREROUTING rules are applied before the INPUT rules. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |