[RndTbl] Trying to open port 36141:TCP for PCI Compliance test

12 Feb 2015


      I'm trying to have a site host on Red Hat 6.3 PCI compliant through
myControlScan.
The only failure I have is that port 36141:TCP is being blocked
somehow/somewhere, and I do not know where or how to find out.
It is blocked from other servers on the network as well as itself.
# nc -zv 127.0.0.1 36141
nc: connect to 127.0.0.1 port 36141 (tcp) failed: Connection refused
(same result when using nc -zv localhost 36141 as well as the website ip
address)
36141:TCP should be open according to iptables. (iptable list shown below)
# netstat -lnp | grep 36141
(shows nothing)
traceroute gets to myControlScan (207.198.99.3) via default settings, port
80, port 80 TCP, and port 36141, BUT not 36141:TCP.
Confused.
# traceroute -p 36141 -P TCP 207.198.99.3
traceroute to 207.198.99.3 (207.198.99.3), 30 hops max, 60 byte packets
 1  * * *
 2  *^C
# traceroute -p 36141 207.198.99.3
traceroute to 207.198.99.3 (207.198.99.3), 30 hops max, 60 byte packets
 1  67.22.106.161 (67.22.106.161)  0.679 ms  0.734 ms  0.873 ms
 2  66.11.145.82 (66.11.145.82)  1.965 ms  1.963 ms  1.936 ms
 3  ae1-200.tor10.ip4.gtt.net (77.67.79.185)  1.890 ms  1.867 ms  1.839 ms
 4  xe-7-0-1.dal33.ip4.gtt.net (89.149.180.246)  51.948 ms  51.940 ms
 51.916 ms
 5  peer1-gw.ip4.gtt.net (77.67.71.30)  38.730 ms  38.730 ms  38.701 ms
iptable list below:
-----------------
# iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:36141
DROP       tcp  --  195.190.13.0/24      0.0.0.0/0           tcp
DROP       tcp  --  91.217.10.0/23       0.0.0.0/0           tcp
DROP       tcp  --  91.207.8.0/23        0.0.0.0/0           tcp
DROP       tcp  --  91.207.4.0/22        0.0.0.0/0           tcp
DROP       tcp  --  91.207.7.21          0.0.0.0/0           tcp
ACCEPT     all  --  172.16.100.1         0.0.0.0/0
ACCEPT     all  --  172.16.101.102       0.0.0.0/0
ACCEPT     all  --  172.22.25.53         0.0.0.0/0
ACCEPT     tcp  --  127.0.0.1            0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  10.200.139.34        0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  10.200.139.35        0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  172.16.1.164         0.0.0.0/0           tcp dpt:111
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:111
reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:36141
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:36141
ACCEPT     tcp  --  127.0.0.1            0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  10.200.139.34        0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  10.200.139.35        0.0.0.0/0           tcp dpt:111
ACCEPT     tcp  --  172.16.1.164         0.0.0.0/0           tcp dpt:111
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:111
--------------------------------------------------------------------------
Any thoughts or ideas?
Thanks,
Tyhr

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

[RndTbl] Trying to open port 36141:TCP for PCI Compliance test