Apache2 Webserver needs port - apache2

I experienced some issues with Apache2. I’ve bought a domain at strato e.g. webserver.com. Now I am running Apache2 on a raspberry pi. The port forwarding is already configured. I only can forward a specific number of ports in a specific range, e.g. 12000 to 13000. So I forwarded the Webserver on port 12000. The A-Record has my external ip-adress set. If I want to access my page I need to type in: Webserver.com:12000.
How can I resolve this issue?

Related

XAMPP - Share my PC localhost on mobile hotspot to any devices

I wanted to try localhost in my mobile, so I can see if it is really responsive cause in the chrome there are only few selections like iPad,etc.. so My PC has a mobile hotspot. Is it possible to share my localhost to the connected devices?
Why are you using your PC as mobile hotspot? Isn't there another network that both your PC and other devices can connect to and find each other on?
Either way, localhost is just a shorthand for the local loopback IP address (127.0.0.1), which is used for a computer to handle network requests to itself. Now, if the other devices can connect to the PC, then all you need to do is find out what your IP address on the local network is, if XAMPP's Apache server is listening for requests on the network and if any local Firewall isn't blocking access.
(Windows)Before you do anything else, make sure Windows IIS isn't running! It occupies the default http port (80) and is going to cause problems if it's there!
First up, figuring out your IP address:
(Windows)Open the commandprompt (start -> search cmd.exe or run and enter cmd) // (Linux/Unix/Mac)Open a terminal
(Windows)run ip-config and look for the line that specifies your IPv4 address, write it down if you have to // (Linux/Unix/Mac)run ifconfig and look for the line stating inet.
Either way, this address probably looks like 192.168.X.Y
Next, check to see if Apache is listening
As this is often the default setting, it probably is. So grab any other device connected on the same network and open a browser
In the address bar type the 192.168.X.Y IP address of the PC running XAMPP
If you don't see an error, go to your files and enjoy!
If you do get an error, change the config for Apache (httpd.conf) and search for a line containing "Listen 80", if you can't find it then it's probably listening to 0.0.0.0:80 and you need to edit that line to "Listen 80" as that will allow it to listen to all addresses on the network.
Finally, you can't reach it so check if your firewall is blocking access. This is usually Windows firewall not trusting anything that doesn't carry a Microsoft label
Go to Control Panel > Windows Firewall > Allow a program to communicate through windows firewall > Add another program Name: http Port: 80
If it still doesn't work and you're running Windows, refer to this Stack Overflow question as you are not the first person that has trouble setting things up.

Ettercap - ARP poisoning unsuccessful

Yesterday I successfully performed a MITM attack by ARP poisoning between my router and my Windows7 computer. I used Ettercap on a Linux machine.
However, today, running the same command does not work anymore. It looks like Ettercap cannot reach my computer, which IP is 192.168.0.17.
Here is what I got :
We can see that the only host added to the list is the router one (192.168.0.1)... What I don't understand is that it was working few hours ago.
I noticed also another thing.
using the command
sudo arpspoof -i wlp20s0 -t 192.168.0.17 192.168.0.1
The ARP poisonning DOES work this time. But now the problem is that it is acting like a DDOS on my victim... It completely loses internet connection.
And before it was not, it was working as expected.
So I guess something has changed on my victim computer but I cannot figure what.
Thank you.
IP forwarding is the ability for an operating system to accept incoming network packets on one interface, recognize that it is not meant for the system itself, but that it should be passed on to another network, and then forwards it accordingly.
From https://openvpn.net/faq/what-is-and-how-do-i-enable-ip-forwarding-on-linux/
When you perform MITM packets that don't match your IP are being sent to you and are not passed on correctly so the victim can reach out to the internet. With IP forwarding enabled your computer will reroute the packets correctly and the attacked computer will have access to the internet.
On Linux if I remember correctly:
echo 1 > /proc/sys/net/ipv4/ip_forward
will fo the job.
Arp replies are stored in cache, so first of all do some tricks here:
Remove arp cache from windpws with cmd.
(Cause the first priority is the cache and if host cant find the mac address it will generate an ARP request,then your router will repliy with ARP reply)
issue this command to see arp table:
arp -a
When you do Mitm with arp spoof and your computer looses internet connectivity it might be your DNS misconfiguration.
You ll need to enable dns server.
(If wan to brows web pages)
Try to do it with ettercap and enable arp poision and dns spoof module.

bacnet_scan.py running on one VM not detecting device on another in the same NAT Network

I have two virtual machines running on the same host and they are both in the same NAT Network. I started a fake bacnet device on one VM (say VM1) using the utility script volttron/scripts/scalability-testing/virtual-drivers/bacnet.py.
The device started up fine. Now from another VM (say VM2) on the same host and same NAT Network I ran the scan_bacnet.py but my fake device on VM1 is not getting listed.
I verified that the ip address on the BACpypes.ini file has the correct address of the host running the scan_bacnet.py script. I also changed the address in BACpypes.ini to include subnet mask (10.0.2.15/24) still no luck.
Below is the content of my BACpypes.ini on file on VM2
[BACpypes]
objectName: Betelgeuse
address: 10.0.2.15/24
objectIdentifier: 599
maxApduLengthAccepted: 1024
segmentationSupported: segmentedBoth
vendorIdentifier: 15
This is the command I ran in VM1 to start the fake bacnet device
python bacnet.py bacnet_registry.csv 10.0.2.5
I am able to ping from one VM to another and running a tcpdump on the source VM shows that the scan_bacnet.py is sending the whois request to the other VM. Running tcpdump on the destination VM shows that the machine is receiving the whois request yet the fake bacnet device isn't receiving the whois request.
What am I doing wrong?
You need to include the subnet mask in the virtual device command line:
python bacnet.py bacnet_registry.csv 10.0.2.5/24
Also you should check the firewall setting on both VMs. CentOS, for instance, defaults to blocking all incoming traffic. (You will still see it in the output tcpdump.) For BACnet you need to open udp port 47808 for all traffic (broadcast and direct).

Application that connects to node REST api is being blocked by customers firewall

My company and I is developing an angular application that gets its data from our own build API.
The API is build in node.js using express and runs on port 8080.
We sell licences to medium sized / huge companies.
A common problem we have with our clients is that once they try to log in to the system they get rejected (by their own firewall) because it does not allow traffic on port 8080. Which means that each of our clients will have to run by their own IT department to get our system to work.
This is of-course always a bad start with new clients.
So my question is: is there a way to avoid this either by choosing a "safer" more common port or am i doomed to have this embarrassing remark on my system?
I'd say you can simply use port 80. It is the most commonly used port for HTTP. Or 443, the most commonly used port for HTTPS. They are probably the most likely ports not to be blocked by firewalls.

Recommended port for proxy server

I'm trying to create a proxy server, and am having trouble decide on a trivial thing -- the port number on which it will listen. Is there some kind of convention on which port a proxy server should run on? Or should it just be greater than 1024?
Normally, you just pick a port and make it changeable for the user (or yourself). Simply, if it is already used on the system you run your proxy on, use a different one.
Many free proxy servers even listen (e.g. this) to default ports, like 8080. As long as the port is not in use on your system, it does not matter, as the real port is negotiated after a connection attempt.
For your interest, a list of registered ports can be found on the IANA (Internet Assigned Numbers Authority), which manages stuff like that. That is only a hint. I normaly use a random port like 8888 or so, even if someone somewhere already uses that.

Resources