VirtualBox guest responds to ping but all ports closed in nmap

Solution 1

I got the hint from the link below. It turns out that there were just no processes set to listen to external IPs. I installed OpenSSH server to make sure there was a listener and then nmap showed 22 open. Then I edited my db's conf file to listen to external IPs and all was well.

Why can't I access my CouchDB instance externally on Ubuntu 9.04 server?
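
An added example, not part of the original answer: a small parser for `ss -ltn` output on the guest that separates TCP listeners reachable from other hosts from those bound only to loopback, which is the condition Solution 1 describes. The two sample outputs and port 5984 are constructed for illustration; the page does not say which port the database used.

```python
import ipaddress

# Constructed `ss -ltn` output (not from the page). Port 5984 stands in for the
# database; the page does not say which port the asker's database used.
BEFORE = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     127.0.0.1:5984      0.0.0.0:*
"""
AFTER = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:5984        0.0.0.0:*
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       128     [::]:22             [::]:*
"""

def classify(local):
    """Map one 'Local Address:Port' field to (port, scope)."""
    host, _, port = local.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface suffix
    if host in ("*", "0.0.0.0", "::"):
        return int(port), "all-interfaces"
    if ipaddress.ip_address(host).is_loopback:
        return int(port), "loopback-only"
    return int(port), "specific-address"

def split_listeners(ss_output):
    """Return (exposed, hidden): sorted TCP ports reachable from other hosts
    (firewall rules aside), and ports whose only listeners sit on loopback.
    A remote SYN to a hidden port is answered with RST, which nmap reports
    as 'closed'."""
    scopes = {}
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) >= 5 and fields[0] == "LISTEN":
            port, scope = classify(fields[3])
            scopes.setdefault(port, set()).add(scope)
    exposed = sorted(p for p, s in scopes.items() if s != {"loopback-only"})
    hidden = sorted(p for p, s in scopes.items() if s == {"loopback-only"})
    return exposed, hidden

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        exposed, hidden = split_listeners(text)
        print(f"{label}: exposed={exposed} loopback-only={hidden}")
```

An empty `exposed` list with the firewall off matches the scan in the question: the host is up, yet every port reports closed.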

Solution 2

Ping is an ICMP echo request and does not care about ports. Those are relevant only to TCP and UDP and such which operate on a higher networking layer.

jeremyjjbrown
Author by

jeremyjjbrown

Senior Application Developer at Connecture. I like sharing and learning Java and JavaScript design patterns and everything UNIX.

Updated on September 18, 2022

Comments

  • jeremyjjbrown
    jeremyjjbrown almost 2 years

    I want to setup a test database on a vm for development purposes but I cannot connect to the server via the network.

    I've got an Ubuntu 12.04 VM installed on a 12.04 host in VirtualBox 4.2.4, set to:

    - Bridged network mode
    - Promiscuous Allow All

    When I try to ping the virtual guest from any network client I get the expected result.

    PING 192.168.1.209 (192.168.1.209) 56(84) bytes of data.
    64 bytes from 192.168.1.209: icmp_req=1 ttl=64 time=0.427 ms
    ...
    

    Internet access inside the vm is normal

    But when I nmap it I get nothin!

    jeremy@bangkok:~$ nmap -sV -p 1-65535 192.168.1.209
    Starting Nmap 5.21 ( http://nmap.org ) at 2012-11-15 18:39 CST
    Nmap scan report for jeremy (192.168.1.209)
    Host is up (0.0032s latency).
    All 65535 scanned ports on jeremy (192.168.1.209) are closed
    Service detection performed. Please report any incorrect results at http://nmap.org/submit/
    Nmap done: 1 IP address (1 host up) scanned in 0.88 seconds
    

    ufw and iptables on VM...

    jeremy@jeremy:~$ sudo service ufw stop
    [sudo] password for jeremy: 
    ufw stop/waiting
    jeremy@jeremy:~$ sudo iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination       
    

    I have scanned around and have no reason to believe that my router is blocking internal ports.

    jeremy@bangkok:~$ nmap -v 192.168.1.2
    
    Starting Nmap 5.21 ( http://nmap.org ) at 2012-11-15 18:44 CST
    Initiating Ping Scan at 18:44
    Scanning 192.168.1.2 [2 ports]
    Completed Ping Scan at 18:44, 0.00s elapsed (1 total hosts)
    Initiating Parallel DNS resolution of 1 host. at 18:44
    Completed Parallel DNS resolution of 1 host. at 18:44, 0.03s elapsed
    Initiating Connect Scan at 18:44
    Scanning 192.168.1.2 [1000 ports]
    Discovered open port 445/tcp on 192.168.1.2
    Discovered open port 139/tcp on 192.168.1.2
    Discovered open port 3306/tcp on 192.168.1.2
    Discovered open port 80/tcp on 192.168.1.2
    Discovered open port 111/tcp on 192.168.1.2
    Discovered open port 53/tcp on 192.168.1.2
    Discovered open port 5902/tcp on 192.168.1.2
    Discovered open port 8090/tcp on 192.168.1.2
    Discovered open port 6881/tcp on 192.168.1.2
    Completed Connect Scan at 18:44, 0.02s elapsed (1000 total ports)
    Nmap scan report for 192.168.1.2
    Host is up (0.0017s latency).
    Not shown: 991 closed ports
    PORT     STATE SERVICE
    53/tcp   open  domain
    80/tcp   open  http
    111/tcp  open  rpcbind
    139/tcp  open  netbios-ssn
    445/tcp  open  microsoft-ds
    3306/tcp open  mysql
    5902/tcp open  vnc-2
    6881/tcp open  bittorrent-tracker
    8090/tcp open  unknown
    
    Read data files from: /usr/share/nmap
    Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds
    

    Answer... Turns out all of the ports were open to the network. I installed OpenSSH and confirmed it. Then I edited my db conf to listen to external IPs and all was well.

    • Admin
      Admin over 11 years
      OK, so it answers ping and all the ports are closed -- so what's your question? (ask a question and I'll reopen this...)
    • Admin
      Admin over 11 years
      Sure, I guess it was not clear that with ufw down and network set to bridged that all ports should be open to the network.
    • Admin
      Admin over 11 years
      Turns out all of the ports were open. I installed OpenSSH and confirmed it. Then I edited my db conf to listen to external IPs and all was well.
    • Admin
      Admin over 11 years
      yeah, that'll do it :-) I've reopened this so you can post that as an answer if you'd like.
  • jeremyjjbrown
    jeremyjjbrown over 11 years
    "Ping is an ICMP echo request and does not care about ports." Yes I know, but it proves that the vm is reachable from a non vm on the network.
  • Karma Fusebox
    Karma Fusebox over 11 years
    Yes, you should have mentioned what you are trying to achieve there. If it is your goal to ignore pings then you can set net.ipv4.icmp_echo_ignore_all=1 via sysctl inside the VM.