port

Powershell Test Network Connection

by Ulysses · Jun 15, 2020

Here’s the command to test a network connection in Powershell.

C:> Test-NetConnection -ComputerName server -Port 443

Result:

ComputerName     : server
RemoteAddress    : 10.0.0.5
RemotePort       : 443
InterfaceAlias   : Ethernet 0
SourceAddress    : 10.1.1.34
TcpTestSucceeded : True

Splunk Search for Tanium Clients

by Ulysses · Feb 24, 2020

Here’s the Splunk search for Tanium clients reporting to the Tanium server.

"data.jsonPayload.rule_details.direction"=EGRESS
"data.jsonPayload.connection.src_ip"="10.0.0.1"
"data.jsonPayload.connection.dest_port"=17472

Passive FTP Firewall

by Ulysses · Nov 18, 2019

Passive FTP is a FTP mode that alleviates the issues with client firewalls. The client initiates a call to the server. The return traffic is allowed as long as the client has initiated it. In addition, the server sends a port command along with an ephemeral port that the client can connect to. The client initiates a call on that ephemeral port, and the connection is then established.

Egress port 21 and ephemeral ports 1024-65535 needs to be opened from the client side.

# From the client side, egress port 21 must be open.
tcp:21
# From the client side, ephemeral ports from port 1024 to 165535 must be open.
tcp:1024-165535

SFTP Login

by Ulysses · Jul 8, 2019

How to login using SFTP on a non-standard port.

sftp -oPort=2233 username@servername

Get list of commands.

sftp help

Testing a Network Port Connection

by Ulysses · Oct 10, 2018

You can test a network port connection using the “nc” command on Linux and “telnet” on Windows.

Format:
$ nc -zv domain.com port
C:\> telnet domain.com port

$ nc -zv domain.com 80
Connection to domain.com 80 port [tcp/http] succeeded!

C:\> telnet -zv domain.com 80
Connecting To domain.com...Could not open connection to the host, on port 80: Connect failed

For Telnet, if a connection is successful, it returns no message.