Problems with forwarding port (113) in Win XP using Parallels

Discussion in 'Windows Virtual Machine' started by wob, Jun 16, 2007.

  1. wob

    wob Junior Member

    Messages:
    11
    Hi!

    I'm trying to get an identd server to work in xp using parallels on my macbook, no luck so far.

    I've forwarded port 113 in my router and have a identd server running (also tried mirc/flashfxp) with not success.

    Using a bridged connection with a specified ip (192.168.0.x).

    Any ideas?
     
  2. darkone

    darkone Forum Maven

    Messages:
    804
    from osx, can you telnet to your vms ip on port 113 and make any kind of connection ?
     
  3. wob

    wob Junior Member

    Messages:
    11
    Yes, I can connect both in osx and in xp
     
  4. dkp

    dkp Forum Maven

    Messages:
    1,367
    Do you know what interface(s) the identd daemon is bound to? Does Windows have an equiavlent of the netstat command to tell you what listeners you have? The point being, if identd is running but not bound to the interface that OS X is attached to then you won't be able to communicate.

    On the other hand, if you can connect to port 113 on the Windows box from OS X then your work is done so far as tcp/ip is concerned. If you can connect but no query transpires then it just could be a client or server failure, but identd is one of the simplest protocols out there. I wrote one in REXX years ago for OS/2. It's also one of the most useless protocols left in the toolbox given the ease with which it can be spoofed.
     
  5. simplicity

    simplicity Member

    Messages:
    86
    Yeah, on windows it's called netstat
    :D
     
  6. wob

    wob Junior Member

    Messages:
    11
    So, what do I do? :(

    If I portscan my external IP I get 113/tcp filtered auth
     
  7. dkp

    dkp Forum Maven

    Messages:
    1,367
    Well how cool is that? :)
     
  8. dkp

    dkp Forum Maven

    Messages:
    1,367
    That frequently means the firewall is intercepting that port (filtered) and that the scanner is not connecting to the service. That's where I'd look next - both in OS X and Windows, since you don't say which OS you're port scanning.
     
  9. wob

    wob Junior Member

    Messages:
    11
    Had a friend of mine portscan my external IP with netcat.

    I should mention that port 113 is open in the os x firewall
     
  10. dkp

    dkp Forum Maven

    Messages:
    1,367
    What about the Windows firewall?
     
  11. wob

    wob Junior Member

    Messages:
    11
    XP's firewall wasn't even on, but I turned it on and made an exception for port 113 (tcp) just to rule out any possibility
     
  12. dkp

    dkp Forum Maven

    Messages:
    1,367
    So, no firewalls in the way, and you have identd running as a service in Windows. You need some way to test this, and it is frequently done with telnet. How are you testing it, anyway?
     
  13. wob

    wob Junior Member

    Messages:
    11
    That's what I meant with connect, I can connect to port 113 via telnet both in osx and xp
     
  14. dkp

    dkp Forum Maven

    Messages:
    1,367
    So to test it you need to make a connection from Windows to another system. It can be ftp, telnet, or some other tcp protocol. I use telnet. Then you need two open windows in another system that can connect to port 113 on the Windows system.

    1. Open two terminal windows on a system that can telnet to port 113 of the Windows system
    2. In Windows use telnet or ftp to connect to the system in 1.
    3. In one terminal window run netstat. Explore the result for the connection made in 2. The netstat output will be several lines that look like this:

    tcp4 0 0 wideglide.local.ftp mini.mydoman.com.64655 ESTABLISHED

    This is for an ftp connection.

    4. In the other window of the system in 1, run telnet and connect to port 113 on the Windows box. When you get a connection, type in the following:

    21,64655 <enter> (obviously use the data from your netstat report and not these numbers)

    This is the local connection port (ftp=21) on the system in 1. and the source port of the Windows system (64655) separated by a comma.

    The Windows system should return something like this, using the ftp example given:
    21,64655 : USERID : UNIX : dkp

    Notice I used 21 in the left side of the submission - the particular identd you use may recognize "ftp" instead of 21, but 21 is guaranteed to work. If you use telnet instead of ftp then the port is 23.

    Basically what is going on is you are asking the Windows system to identify the user that has opened your port 21 from a source port of 64655. Because these two ports can only be associated with one user, that user will be returned in the reply. Despite the fact that you are using Windows, most identd's will offer UNIX just before the remote user's login id.

    This protocol is most often associated with IRC which for reasons that stun my senses, seems to expect this tool to be in place and yet it is sooo easy to spoof. A Linux system running an identd perl script can respond with any name the operator chooses. That, in fact, is exactly why I wrote a REXX version 12 years ago for OS/2.
     
    Last edited: Jun 17, 2007
  15. wob

    wob Junior Member

    Messages:
    11
    the IP of the Win XP emulation doesn't even show up when I type "netstat" in an empty terminal.

    If I telnet to the Win XP IP port 113 I get connected, but after awhile I get: "Connection closed by foreign host."
     
  16. dkp

    dkp Forum Maven

    Messages:
    1,367
    You have to make a connection from the Windows system, using telnet, ftp, what ever, to the system you are running netstat on. If that is your Mac then the Mac needs to have telnet or ftp services running.

    The response you see when telneting to port 113 is correct. With no input the session will close after a period of time. To do a limited test you can type in any two numbers separated by a comma and get a response though it will be meaningless.

    telnet winhost 113
    21,12345 <enter>

    This should return a blank line and close the connection. The trick is to use actual numbers from a real connection.
     
  17. wob

    wob Junior Member

    Messages:
    11
    Okay, thanks, I didn't understand at first, but now I got it

    telnet to the win box gave me:
    21, 1058 : USERID : UNIX : wob

    should be working, right?
     
  18. dkp

    dkp Forum Maven

    Messages:
    1,367
    It is working perfectly.
     
  19. wob

    wob Junior Member

    Messages:
    11
    then how come it won't work, gah :(

    could it be my router?
     
  20. dkp

    dkp Forum Maven

    Messages:
    1,367
    In order for external systems to see your port 113 in Windows you need to enable a proxy service on your router that directs port 113 traffic to your Windows system. This is most easily accomplished using bridged networking rather than shared networking otherwise you will need to proxy your router and your Mac.
     

Share This Page