I'm getting this error when using Putty:
server unexpectedly closed network connection
I try to connect my EC2 ubuntu 14.04 LTS Instance using putty,
and also i generate pem key to ppk key then i upload ppk key in putty and try to connect my Instance.
To create and save a new keep-alive connection, follow these steps:
Open the PuTTY application, and go to the Options panel (labeled "Category") on the left of the window.
Select (click) the "Connection" item.
In the "Sending of null packets to keep the session active" area on the right, change the default value of "Seconds between keepalives" from 0 (turn off) to 1800 (30 minutes).
Select the "Enable TCP keepalives (SO_KEEPALIVE option)" check box. Note: This option may not be available in older versions of the PuTTY client.
On the topmost left side of the Options panel, select (click) "Session".
In the "Host Name (or IP Address)" field, enter the destination host name or IP address (e.g., "destination.ipaddress.here.com" or "192.168.1.1").
In the "Saved Sessions" text-entry box, provide a name for the session (e.g., "savedsession").
Select "Save".
To use the modified session settings, select it from the "Saved sessions" list, then click the buttons marked "Load" and "Open".
If your connected sessions still time out, enter a lower number of seconds into the "Seconds between keepalives" value.
On searching more I also got a point that:
"Uncheck 'Attempt GSSAPI authentication (SSH-2 only)' in Putty: Category - Connection - SSH - Auth - GSSAPI
In my case it seems to be GSSAPI is incompatible to a Ubuntu host that uses Beyond trust (formerly: likewise open)."
Related
I want to block a program from accessing the local server "local host" (On windows) temporary so i can test random disconnections cases ... I tried adding a (rule) to the firewall for disabling both inbound and outbound in all networks types but the program just got block from accessing the internet not the local network
Moving on to an answer instead of a comment - nevertheless, more information on your use-case is greatly appreciated;
I think it is impossible to block access to localhost but allow internet access. Two reasons:
Networking works on different layers ("OSI layers") and localhost communication is looped back before firewall might filter (see ). Not so sure on this though.
localhost communication might be "basic" in a way that it is necessary for applications when they want to communicate via network.
UPDATE after OPs comment
I assume you are on Windows 10, and you know the path to the executable of the program you want to block.
Open "Windows Defender Firewall with Advanced Security".
On the left side, go to "Outbound Rules".
Then, on the right side click on "New Rule...".
A new window will open; Leave "Program" selected and click "Next".
Next to "This program path:" is a Button "Browse..." - select your program here. Click "Next..."
Select "Block the connection", then "Next...".
Select all three; Domain, Private and Public.
After click "Next..." choose an appropriate name, then click "Finish".
From now on, you can disable/enable this rule as you see fit.
Kinda hard to provide detailed answer having only the information you've provided, but I think this scenario can be easily tested with simple containers configuration: having both program under test and "localhost" service running in containers, you can randomly update container's network configuration to simulate connectivity issues.
You can use a reverse proxy like Fiddler and block all requests coming from this application to localhost.
If I understood what you mean then this will do:
To create a rule, select the Inbound Rules or Outbound Rules category at the left side of the window and click the Create Rule link on the right side. The Windows firewall offers four types of rules: Program – Block or allow a program. Port – Block or allow a port, port range, or protocol.
if you are using a third party anti-virus solution with a built-in firewall, go to the firewall option and black list/disable/prevent internet access to your app
Otherwise, disabling your firewall will not stop any access, as it will allow inbound and outbound traffic. you can prevent specific ports but disabling the firewall wall will not only do what mentioned before but it will also leave your device vulnerable for online threatts
Try these 3 simple steps.
run your program
Open cmd ( please check you need admin access for this, if yes then run as admin)
Run the following command to see at which port the localhost is listening.
netstat -ano | findstr :
e.g (if your localhost is listening at port 3900 the command will be as follow;
netstat -ano | findstr :3900
the result will be shown on cmd console, the last column is PID (Process id)
We will just kill that process which will eventually stop the localhost server to listen any request from any source.
taskkill /PID /F
< PID > that you will get from above command.
in this case, only the localhost will stop it's service, but you application will keep communicating to outer network, internet.
Trying to use "Multiply port per ip" from pool on the general tab of settings, but requests go only through 1 IP.
First make sure you have a pool of at least 20 IPs in your zone.
When you select 'Multiply port per IP' there should be a pop up allowing you to select which IPs you want to assign.
Go back to the 'general' screen, you should see the port is now 24000:1..20. Click the tiny dropdown button next to the port to reveal ports 24000 through 24020, each will have it's own unique IP.
I am trying to set up my Azure Virtual machine to become a Perforce remote repository server.
First let me take you through the installation of Helix on the server:
And after the install is complete it says:
So far so good now from my client computer (my local desktop) I attempt to connect to this server, however, I get an error:
Now first I thought that the port wasn't open in my inbound so I added the following network rule in my Azure cloud portal:
However, this didn't do anything for me and I get the same error.
So now I am left kinda stranded. Has anyone had this issue and know how i can connect to my remote machine from perforce?
From the comment below when i type p4 info i get the following:
User name: ******
Client name: PerforceServer
Client host: PerforceServer
Client unknown.
Current directory: c:\Users\*****
Peer address: 127.0.0.1:50413
Client address: 127.0.0.1
Server address: PerforceServer:1666
Server root: C:\Users\*****\VersionControl
Server date: 2018/11/21 14:44:12 +0000 Coordinated Universal Time
Server uptime: 00:01:27
Server version: P4D/NTX64/2018.2/1724420 (2018/11/02)
Server license: none
Case Handling: insensitive
However using the prefix PerforceServer:1666 i still cannot connect
When running netstat:
TCP 127.0.0.1:50688 PerforceServer:1666 TIME_WAIT
TCP 127.0.0.1:50689 PerforceServer:1666 TIME_WAIT
Also if i run p4d i get the following error:
Perforce server error:
Listen 1666 failed.
TCP listen on 1666 failed.
bind: 0.0.0.0:1666: WSAEADDRINUSE
Allow the port through the Windows firewall.
1)Press Windows logo + X keys on the keyboard and select Control panel from the context menu.
2)Select System and Security from the options and click on Windows Firewall from right side panel of the window.
3)Click on Advanced settings and select Inbound Rules from left side panel of the window.
4)Click on New Rule under Actions tab from right side panel and select Port radio button from the window.
5)Follow the onscreen instructions and check if the changes are effective.
I have a machine with CoreOS 1800(or 1855) installed onto disk, and with following systemd-networkd config (there is only one network interface in the machine):
$ cat /etc/systemd/network/zz-default.network
[Network]
DHCP=yes
[DHCP]
ClientIdentifier=mac
UseMTU=true
UseDomains=true
Another notable thing is that this machine is also configured with PXE boot but PXE server will reject boot so it will finally boot from disk.
When I restart the machine, there will be two DHCP IPs allocated for it, I confirmed it by checking /var/lib/dhcpd.leases in DHCP server:
lease 100.79.223.152 {
starts 5 2018/09/28 02:34:00; ends 6 2018/09/29 02:33:59; tstp 6 2018/09/29 02:33:59; cltt 5 2018/09/28 02:34:00;
binding state active; next binding state free; rewind binding state free;
hardware ethernet 08:9e:01:d9:28:64;
option agent.circuit-id 0:5:8:b9:1:0:29;
}
lease 100.79.223.150 {
starts 5 2018/09/28 02:34:29; ends 6 2018/09/29 02:34:28; tstp 6 2018/09/29 02:34:28; cltt 5 2018/09/28 02:34:29;
binding state active; next binding state free; rewind binding state free;
hardware ethernet 08:9e:01:d9:28:64; uid "001010236001331(d";
option agent.circuit-id 0:5:8:b9:1:0:29;
}
The lease record 100.79.223.152 is requested by the PXE loader, though rejected by DHCP server.
The lease record 100.79.223.150 is requested by systemd-networkd of
CoreOS. (I can confirm it by running systemctl restart systemd-networkd and watch the leases file)
All seems fine, but the PXE lease record 100.79.223.152 cause other problem (when really PXE boot the machine and deploy another OS to it then it will get the 100.79.223.152 instead of 150, then cause other private problem).
If I install other OS which does not use systemd-networkd, then the reboot only cause 1 lease record.
You can see the lease 100.79.223.150 has a field uid "001010236001331(d", which means let DHCP server allocate IP by the uid (client identifier), currently it is actually same content of mac address, just be printed as octet.
This is the root cause of two IPs.
To prevent this two IP problem, I've tried to set deny duplicates in /etc/dhcp/dhcpd.conf in DHCP server, but nothing changes.
I was wandering that if it is possible to tell systemd-networkd not to send uid (client identifier). According to source of systemd, it is intentionally implemented to "always send client identifier",
given such condition, how can I prevent systemd-networkd from sending client identifier?
EDIT 2019/02/17: I found that I misunderstood the meaning of deny duplicates, it does not help this problem.
I remembered I had ever tested another option first but not works.
ignore-client-uids on;
The ignore-client-uids statement
ignore-client-uids flag;
If the ignore-client-uids statement is present and has a value of true
or on, the UID for clients will not be recorded. If this statement is
not present or has a value of false or off, then client UIDs will be
recorded.
https://www.isc.org/wp-content/uploads/2017/08/dhcp43.html
The DHCP server version is isc-dhcpd-4.2.4
EDIT 2019-03-12: I had some mistaken and found something, so answered this question myself. Simple answer is ignore-client-uids true; on server side works well, ClientIdentifier=mac on client side does not work well.
Have you tried setting the client identifier to (empty)?
$ cat /etc/systemd/network/zz-default.network
[Network]
DHCP=yes
[DHCP]
ClientIdentifier=
UseMTU=true
UseDomains=true
After many times of experiments, I found that only ignore-client-uids true; works constantly, all mystery disappeared., when you set it, you can confirm that no uid "....." appear in /var/lib/dhcp/dhcpd.leases` file, the server completely ignore the client identifier sent from client and just use MAC to determine how to allocate IP.
If you insist on using ClientIdentifier=mac, you can take a look at what I found:
specifying ClientIdentifier=mac (on client *.network) does let me get same IP as before. The reason why I said it does not work is probably because I have another NIC which also enabled DHCP by default hence caused a new IP.
/lib/systemd/network/zz-default.network
[Network]
DHCP=yes
[DHCP]
UseMTU=true
UseDomains=true
After I change above file to
[Network]
DHCP=no
I got only 1 and same IP as before.
The client identifier will be a string "\0x1" + MAC, you can confirm it grep uid "..." in /var/lib/dhcp/dhcpd.leasesfile, e.g.,uid "001304TDD210272"`, for any non-printable char it will be encoded as 3 digits Octal such as 304. Some client automatically generate an client identifier like this "\0x1" + "MAAS" + MAC ...
The most unfortunate thing is: once a client send client identifier, for the same MAC, if the client send anther request WITHOUT client identifier, it will get new IP.
Considering DDNS, for same MAC, the DHCP request with and without client identifier are treated as different client when DHCP server composing DNS update request for it. Simply speaking,
for DHCP request without client identifier -> server send DDNS request with a hash of the MAC -> DNS server: OK
for DHCP request with client identifier -> server send DDNS request with a hash of the client identifier -> DNS server: rejected due to the hash is not same, for security.
That is all I found, hope it helpful.
You can also check if there is configuration under the /run/.../systemd/network/*.network, I had the same issue because of netplan putting a configuration network file in the /run which is applied instead of the etc or lib one.
The solution in this case is to add the dhcp-identifier: mac in the the netplan yml configuration
I'm using a windows 7 PC
When I try to test an smtp connection through telnet giving the command:
telnet smtp.gmail.com 25
It shows a message:
could not establish connection to host, on port 25: connection failed"
How do I get my PC to establish a connection with the smtp host on port 25?
I checked the possibility of a Firewall blocking the port and also try using the telnet command on ports 465 or 587.
It works for me. Perhaps your ISP has a policy of blocking outbound port 25 connections, except to their official outgoing SMTP servers. That's why many services support
alternate port numbers for their SMTP service. You didn't say what the results were
for the alternate ports, so it's hard to say for sure whether that's your problem.
I also faced the same problem. The solution works for me
Either off the firewall OR Follow the below steps:
Open Windows Firewall with Advanced Security
Open Inbound Rules New Rule
Choose Port type
Choose TCP, and enter the required port - in our case, 25
Choose to Allow the connection Choose all three profiles (Domain+Private+Public)
Enter a custom rule name, e.g. "Port 25"
Press finish
Check whether SMTP port 25 is opened or not
a. Open up a command prompt.
b. Type “telnet <server_ip> 25” then hit enter.
c. Once you are determined the results. Type quit and hit enter
Important: Antivirus software can help protect your computer against viruses and other security threats. In most cases, you shouldn't disable your antivirus software. If you have to temporarily disable it to install other software, you should re-enable it as soon as you're done. If you're connected to the Internet or a network while your antivirus software is disabled, your computer is vulnerable to attacks.
Click Start, Programs, McAfee, VirusScan Console.
Double-click Access Protection
select Anti-virus Standard Protection
Unchecked enable access