Problems with forwarding port (113) in Win XP using Parallels

Hi!

I'm trying to get an identd server to work in xp using parallels on my macbook, no luck so far.

I've forwarded port 113 in my router and have a identd server running (also tried mirc/flashfxp) with not success.

Using a bridged connection with a specified ip (192.168.0.x).

Any ideas?

 

from osx, can you telnet to your vms ip on port 113 and make any kind of connection ?

 

Yes, I can connect both in osx and in xp

 

Do you know what interface(s) the identd daemon is bound to? Does Windows have an equiavlent of the netstat command to tell you what listeners you have? The point being, if identd is running but not bound to the interface that OS X is attached to then you won't be able to communicate.

On the other hand, if you can connect to port 113 on the Windows box from OS X then your work is done so far as tcp/ip is concerned. If you can connect but no query transpires then it just could be a client or server failure, but identd is one of the simplest protocols out there. I wrote one in REXX years ago for OS/2. It's also one of the most useless protocols left in the toolbox given the ease with which it can be spoofed.

 

Yeah, on windows it's called netstat

 

So, what do I do?

If I portscan my external IP I get 113/tcp filtered auth

 

Well how cool is that?

 

That frequently means the firewall is intercepting that port (filtered) and that the scanner is not connecting to the service. That's where I'd look next - both in OS X and Windows, since you don't say which OS you're port scanning.

 

Had a friend of mine portscan my external IP with netcat.

I should mention that port 113 is open in the os x firewall

 

What about the Windows firewall?

 

XP's firewall wasn't even on, but I turned it on and made an exception for port 113 (tcp) just to rule out any possibility

 

So, no firewalls in the way, and you have identd running as a service in Windows. You need some way to test this, and it is frequently done with telnet. How are you testing it, anyway?

 

That's what I meant with connect, I can connect to port 113 via telnet both in osx and xp

 

So to test it you need to make a connection from Windows to another system. It can be ftp, telnet, or some other tcp protocol. I use telnet. Then you need two open windows in another system that can connect to port 113 on the Windows system.

1. Open two terminal windows on a system that can telnet to port 113 of the Windows system
2. In Windows use telnet or ftp to connect to the system in 1.
3. In one terminal window run netstat. Explore the result for the connection made in 2. The netstat output will be several lines that look like this:

tcp4 0 0 wideglide.local.ftp mini.mydoman.com.64655 ESTABLISHED

This is for an ftp connection.

4. In the other window of the system in 1, run telnet and connect to port 113 on the Windows box. When you get a connection, type in the following:

21,64655 <enter> (obviously use the data from your netstat report and not these numbers)

This is the local connection port (ftp=21) on the system in 1. and the source port of the Windows system (64655) separated by a comma.

The Windows system should return something like this, using the ftp example given:
21,64655 : USERID : UNIX : dkp

Notice I used 21 in the left side of the submission - the particular identd you use may recognize "ftp" instead of 21, but 21 is guaranteed to work. If you use telnet instead of ftp then the port is 23.

Basically what is going on is you are asking the Windows system to identify the user that has opened your port 21 from a source port of 64655. Because these two ports can only be associated with one user, that user will be returned in the reply. Despite the fact that you are using Windows, most identd's will offer UNIX just before the remote user's login id.

This protocol is most often associated with IRC which for reasons that stun my senses, seems to expect this tool to be in place and yet it is sooo easy to spoof. A Linux system running an identd perl script can respond with any name the operator chooses. That, in fact, is exactly why I wrote a REXX version 12 years ago for OS/2.

 

the IP of the Win XP emulation doesn't even show up when I type "netstat" in an empty terminal.

If I telnet to the Win XP IP port 113 I get connected, but after awhile I get: "Connection closed by foreign host."

 

You have to make a connection from the Windows system, using telnet, ftp, what ever, to the system you are running netstat on. If that is your Mac then the Mac needs to have telnet or ftp services running.

The response you see when telneting to port 113 is correct. With no input the session will close after a period of time. To do a limited test you can type in any two numbers separated by a comma and get a response though it will be meaningless.

telnet winhost 113
21,12345 <enter>

This should return a blank line and close the connection. The trick is to use actual numbers from a real connection.

 

Okay, thanks, I didn't understand at first, but now I got it

telnet to the win box gave me:
21, 1058 : USERID : UNIX : wob

should be working, right?

 

It is working perfectly.

 

then how come it won't work, gah

could it be my router?

 

In order for external systems to see your port 113 in Windows you need to enable a proxy service on your router that directs port 113 traffic to your Windows system. This is most easily accomplished using bridged networking rather than shared networking otherwise you will need to proxy your router and your Mac.