Return
-
Title
Using ncat and nmap to test communication to ports used by NetVault Backup -
Description
When NetVault backup does a backup it can wind up using many different ports. When firewalls are involved you can limit communication to a range of ports. nmap and ncat are very useful for verifying communication on specific ports. -
Resolution
1. First stop the NetVault Backup services so it doesn't interfere when we use ncat to listen on the ports we want to test.2. Then run the following command to have ncat listenncat -l -p <Port Nunber>&This will make ncat listen on the specified port. The & will let it run in the background, so you can run this command multiple times and it will listen on multiple ports.ncat -l -p 20031&ncat -l -p 20032&ncat -l -p 20033&ncat -l -p 20034&ncat -l -p 20035&3. Run the following command to verify that each instance of ncat is running.ps -ef |grep ncatroot 15909 14627 0 15:35 pts/1 00:00:00 ncat -l -p 20031root 15910 14627 0 15:35 pts/1 00:00:00 ncat -l -p 20032root 15911 14627 0 15:35 pts/1 00:00:00 ncat -l -p 20033root 15912 14627 0 15:35 pts/1 00:00:00 ncat -l -p 20034root 15913 14627 0 15:35 pts/1 00:00:00 ncat -l -p 200354. On the other server run the following command to try to connect.nmap -sT -p 20031-20035 <IP Address>The -p option specifies the ports it will connect to, so change the range to cover the ports you are testing.nmap -sT -p 20031-20035 192.168.1.17Starting Nmap 7.12 ( https://nmap.org ) at 2016-05-18 15:45 Pacific Daylight TimeNmap scan report for new-host.home (192.168.1.17)Host is up (0.00025s latency).PORT STATE SERVICE20031/tcp open unknown20032/tcp open unknown20033/tcp open unknown20034/tcp open unknown20035/tcp open unknownMAC Address: 00:26:18:0D:57:52 (Asustek Computer)Nmap done: 1 IP address (1 host up) scanned in 0.63 secondsIf it was able to connect, the STATE column will say open for that port. The SERVICE column will say unknown or may even appear to have the name of some other service. This is not a problem.It is checking /etc/services on Linux or the nmap-services file on windows to match the port number with services that are known to use that port. It does not mean that software is installedor listening on the port. But if the that software is installed and listening, it would prevent NetVault Backup from using that port.5. When nmap connects, it should cause the ncat processes to end. If the ncat processes are still running, it may cause the NetVault Backup service to not start or backups to fail. Verify thatthe processes have ended.ps -ef |grep ncatroot 16386 14627 0 16:06 pts/1 00:00:00 grep --color=auto ncat[1] Exit 1 ncat -l -p 20031[2] Exit 1 ncat -l -p 20032[3] Exit 1 ncat -l -p 20033[4]- Exit 1 ncat -l -p 20034[5]+ Exit 1 ncat -l -p 20035There may be some messages showing that the processes ended. If you run the command again there should not be any of the ncat processes.ps -ef |grep ncatroot 16420 14627 0 16:09 pts/1 00:00:00 grep --color=auto ncatIf they are still running, it might be that -sT option was not used with nmap. It is possible to kill these processes manually with the kill command.kill <PID>Using the PID information shown in step 3 as an example, you can use the following commands to kill those processes.kill 15909kill 15910kill 15911kill 15912kill 15913