Keycloak port 39008 and port scan - jboss

I did a port scan using nmap on my machine running Keycloak and was surprised to find that port 39008 was open. According to nmap:
39008/tcp open unknown
Using the following two commands I found that it is keycloak:
netstat -tulpn | grep 39008
tcp 0 0 0.0.0.0:39008 0.0.0.0:* LISTEN 17270/java
ps -Af | grep 17270
me 17270 17223 0 Dec22 ? 00:13:05 java ...-Djboss.home.dir=/.../keycloak-2.4.0.Final
I cannot find any reference to this port in the config or the docs.
What is this port used for?
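An added example (not part of the original question): the same port-to-process lookup applied to a whole `netstat -tulpn` listing, flagging listeners that are reachable from other hosts and are not on an allowlist. The sample output and the EXPECTED allowlist are constructed for illustration.

```python
from collections import namedtuple

Listener = namedtuple("Listener", "proto addr port pid program")

# Constructed sample of `netstat -tulpn` output (not captured from a real host).
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
tcp        0      0 0.0.0.0:8080     0.0.0.0:*        LISTEN  17270/java
tcp        0      0 0.0.0.0:39008    0.0.0.0:*        LISTEN  17270/java
tcp        0      0 127.0.0.1:9990   0.0.0.0:*        LISTEN  17270/java
tcp6       0      0 :::22            :::*             LISTEN  1385/sshd
udp        0      0 0.0.0.0:68       0.0.0.0:*                912/dhclient
"""

# Hypothetical allowlist: (protocol, port) pairs this host is meant to expose.
EXPECTED = {("tcp", 22), ("tcp", 8080), ("udp", 68)}


def parse_listeners(text):
    """Return a Listener for every listening TCP socket and every UDP socket."""
    found = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith(("tcp", "udp")):
            continue  # header lines and anything that is not a socket row
        if f[0].startswith("tcp"):
            if f[5] != "LISTEN":
                continue
            owner = " ".join(f[6:])
        else:
            owner = " ".join(f[5:])  # UDP rows leave the State column empty
        addr, _, port = f[3].rpartition(":")  # rpartition copes with IPv6 addresses
        pid, _, program = owner.partition("/")  # owner is "-" when run without root
        found.append(Listener(f[0].rstrip("6"), addr, int(port), pid, program))
    return found


def unexpected_listeners(listeners, expected):
    """Listeners reachable from other hosts whose (proto, port) is not allowlisted."""
    def loopback(addr):
        return addr.startswith("127.") or addr == "::1"
    return [l for l in listeners
            if not loopback(l.addr) and (l.proto, l.port) not in expected]


if __name__ == "__main__":
    for l in unexpected_listeners(parse_listeners(SAMPLE), EXPECTED):
        print(f"unexpected {l.proto}/{l.port} on {l.addr} pid={l.pid} ({l.program})")
```

To audit a live host, pass the text captured from `netstat -tulpn` (run as root so the PID column is filled in) instead of SAMPLE.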

Related

How to detect if keepalive is enabled on TCP socket in AIX and Solaris?

I am working on a solution where I am enabling the keepalive option on the TCP socket. On Linux I am able to see if keepalive is enabled or not using netstat
netstat -o -p |grep processid
Output is as follows
$ netstat -o
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State Timer
tcp 0 0 himanshu-laptop.l:46096 sjc-not16.sjc.dropb:www ESTABLISHED off (0.00/0/0)
tcp 38 0 himanshu-laptop.l:40156 v-d-1a.sjc.dropbo:https CLOSE_WAIT off (0.00/0/0)
tcp 38 0 himanshu-laptop.l:54501 v-client-5a.sjc.d:https CLOSE_WAIT off (0.00/0/0)
In the command output I see the Timer field, which shows off or keepalive.
But I am not able to get this on AIX and Solaris.
I want to know how to get this information on AIX and Solaris.

Netstat output with boost::Asio

I have created an asio server with acceptor:
m_acceptor(m_ios, asio::ip::tcp::endpoint(asio::ip::address_v4::any(), port_num))
where port number is 3333
At this point, the netstat -antup command shows :
13:tcp 0 0 0.0.0.0:3333 0.0.0.0:* LISTEN 26566/./test
So, I believe this means that local address 0 0.0.0.0:3333 is ready to listen to any connection on port 3333
After this, I start the client which creates the endpoint to ip : 127.0.0.1 and port 3333
After this, the netstat output is:
tcp 0 0 0.0.0.0:3333 0.0.0.0:* LISTEN 26566/./test
tcp 0 0 127.0.0.1:3333 127.0.0.1:46675 ESTABLISHED 26566/./test
tcp 0 0 127.0.0.1:46675 127.0.0.1:3333 ESTABLISHED 26685/./test
Process 26566 is master process
Process 26685 is slave process
What I do not understand is what does the port 46675 mean in the address shown above? This definitely represents the client side, but from where was this port number allocated to the client?
Does this mean that client has connected to port 3333 but the port from which it itself connects is 46675?
> Does this mean that client has connected to port 3333 but the port from which it itself connects is 46675?
Basically. It describes the client endpoint. This is BSD/Posix sockets jargon.
> What I do not understand is what does the port 46675 mean in the address shown above? This definitely represents the client side, but from where was this port number allocated to the client?
It gets automatically chosen (by the TCP stack, usually in the kernel) from the local port range. E.g. on Linux you can manipulate that range (if you have permission):
sudo sysctl -w net.ipv4.ip_local_port_range="60000 61000"
(Warning: don't do this unless you know what you're doing). See also https://en.wikipedia.org/wiki/Ephemeral_port
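The behaviour this answer describes, as an added example that is not part of the original post: the client never calls bind(), yet its socket ends up with a kernel-chosen local port. The listener uses port 0 on loopback instead of 3333 so the script cannot collide with a running service; that choice and the function names are assumptions of this example.

```python
import socket


def local_port_range(path="/proc/sys/net/ipv4/ip_local_port_range"):
    """Return (low, high) from the Linux sysctl, or None where it is unavailable."""
    try:
        with open(path) as fh:
            low, high = fh.read().split()
        return int(low), int(high)
    except (OSError, ValueError):
        return None


def connect_once():
    """Open a loopback listener, connect to it, and return both views of the connection."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))  # port 0: any free port for this test listener
        srv.listen(1)
        server_addr = srv.getsockname()
        # The client side only names the destination; it never binds a local port.
        with socket.create_connection(server_addr) as cli:
            conn, peer = srv.accept()
            with conn:
                return {
                    "server_listen": server_addr,
                    "client_local": cli.getsockname(),   # assigned by the kernel
                    "client_remote": cli.getpeername(),
                    "server_sees_peer": peer,
                }


if __name__ == "__main__":
    view = connect_once()
    print("listener        :", view["server_listen"])
    print("client endpoint :", view["client_local"])
    print("as seen by server:", view["server_sees_peer"])
    rng = local_port_range()
    if rng:
        port = view["client_local"][1]
        print(f"ephemeral range {rng[0]}-{rng[1]}, client port inside: "
              f"{rng[0] <= port <= rng[1]}")
```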

Binding MongoDB to IPv6

All MongoDB programs and processes disable IPv6 support by default. I already tried the command below to bind to IPv6, but it is not working:
mongod --dbpath ~/mongoDB --ipv6 --bind_ip 2004:c000:302::2
How can I enable IPv6 in MongoDB, and how can I bind MongoDB to IPv6?
In the end, enable IPv6 by removing --bind_ip, like this:
mongod --dbpath ~/mongoDB --ipv6
As of v3.0, --ipv6 is not required; it supports IPv6 by default. To bind to a specific address, you specify the address with net.bindIp in the config file, for example:
bindIp: 2004:c000:302::2,192.168.0.1
Just tested this on a Linux box (Ubuntu 16) with MongoDB v3.4 (community):
$ sudo netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 192.168.0.1:27017 0.0.0.0:* LISTEN 16440/mongod
tcp6 0 0 2004:c000:302::2:27017 :::* LISTEN 16440/mongod
tcp6 0 0 :::22 :::* LISTEN 1385/sshd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1385/sshd
$
The following configuration specifies the required settings which worked for me:
https://docs.mongodb.com/v2.4/reference/configuration-options/
Basically, the changes I made were to specify the following in the "--config" file:
bind_ip = 0::0 # I prefer this over :: as it sometimes causes parsing errors
ipv6 = true
[This is the 2.4 format; the new YAML format also has similar settings: https://docs.mongodb.com/manual/reference/configuration-options/]

openldap fails to bind ldaps://127.0.0.1:636

Here is my testcase :
[root@192.168.121.130 ~$] slapd -d 1 -h ldaps://127.0.0.1:636
@(#) $OpenLDAP: slapd 2.4.23 (Apr 29 2013 07:47:08) $
mockbuild@c6b7.bsys.dev.centos.org:/builddir/build/BUILD/openldap-2.4.23/openldap-2.4.23/build-servers/servers/slapd
ldap_pvt_gethostbyname_a: host=centos-6.3, r=0
daemon_init: listen on ldaps://127.0.0.1:636
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldaps://127.0.0.1:636)
daemon: bind(7) failed errno=98 (Address already in use)
slap_open_listener: failed on ldaps://127.0.0.1:636
slapd stopped.
connections_destroy: nothing to destroy.
But if I change to another port, such as 6361, it works.
My environment:
OS: CentOS 6.4 x86_64
OpenLDAP: 2.4.23 installed by yum
Any suggestion?
It seems that another service is already running on port 636:
daemon: bind(7) failed errno=98 (Address already in use)
You can try the following command to identify this service:
netstat -tulpn | grep ':636 ' | grep 'LISTEN'
Old post, but still ...
This error is also displayed when SELinux prevents slapd from starting. Personally I experienced this after manually copying data (/var/lib/ldap/) from another server, to this one. I had to restore the imported files to default SELinux security contexts:
restorecon -R /var/lib/ldap
And I see this doesn't apply to you, but this might also happen if you're attempting to bind slapd to a port out of the ordinary. By default on CentOS 7, these are the allowed ports:
# semanage port -l | grep ldap
ldap_port_t tcp 389, 636, 3268, 7389
ldap_port_t udp 389, 636
Adding another one to the legal port range can be done with semanage. (You might need to install the package policycoreutils-python.):
semanage port -a -t ldap_port_t -p tcp 10389
... if you wish to allow slapd to bind on TCP port 10389 in addition to the four listed above. After this, the previous result would look like:
# semanage port -l | grep ldap
ldap_port_t tcp 10389, 389, 636, 3268, 7389
ldap_port_t udp 389, 636

loopback on tcp port from localhost to localhost

Running netstat, I've seen that there are two strange TCP connections open:
tcp4 0 0 localhost.49153 localhost.1023 ESTABLISHED
tcp4 0 0 localhost.1023 localhost.49153 ESTABLISHED
I wonder if it is normal. Can someone help me? Thank you!
Yes, that's just normal loopback used by OS X. Check out Apple's port usage publication:
port         | service    | description
-------------+------------+----------------------------
600-1023     | ipcserver  | Mac OS X RPC-based services
49152-65535  | Xsans      | Xsan Filesystem Access
49152-65535  | misc       | Back to My Mac