attach XP computer to network fror printing

Michael Havens bmike1 at gmail.com
Sun Mar 18 21:09:17 MST 2012


man.... I'm beginning to think I should just reinstall my print server.

On Sun, Mar 18, 2012 at 6:57 PM, Michael Havens <bmike1 at gmail.com> wrote:

> I forgot to mention that they can all ping each other
>
>
>
> On Sun, Mar 18, 2012 at 5:01 PM, Michael Havens <bmike1 at gmail.com> wrote:
>
>> it is strange and I think related to the printing issue that when I try
>> to ssh from the server to the laptop the connection is refused but when I
>> try the other way the connection times out.  Does that little piece of
>> information help any?
>> --more info--
>> ssh server to xp=timeout
>> ssh laptopto XP= timeout
>> ssh xp to laptop=connection refused (cygwin)
>> ssh xp to server=connection timeout (cygwin)
>>
>>
>> On Sun, Mar 18, 2012 at 4:21 PM, Michael Havens <bmike1 at gmail.com> wrote:
>>
>>>
>>>
>>> On Sat, Mar 17, 2012 at 6:35 AM, Lisa Kachold <lisakachold at obnosis.com>wrote:
>>>
>>>> Good Job Michael!  You have negotiated the ufw.  Keep in mind that you
>>>> would not want to open all this on a traveling laptop (since it would
>>>> expose trusted services to all).  Now just because you have opened the
>>>> ports on one system, you can't be sure they are actually "seen" from the
>>>> other system without a test?
>>>>
>>>> From the other system, now run:
>>>>
>>>> # nmap $thissystem
>>>>
>>>> Did you see 22 tcp  open from the other system NOW?
>>>>
>>>> no.
>>>
>>> bmike1 at Michaels-Laptop ~ $ sudo nmap 192.168.0.4  (laptops ip)
>>>
>>> Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-18 15:11 MST
>>> Nmap scan report for 192.168.0.4
>>> Host is up (0.000022s latency).
>>> Not shown: 999 closed ports
>>> PORT    STATE SERVICE
>>> 631/tcp open  ipp
>>>
>>> Nmap done: 1 IP address (1 host up) scanned in 0.29 seconds
>>>
>>> bmike1 at Michaels-Laptop ~ $ sudo nmap 192.168.0.3 (print servers ip)
>>>
>>> Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-18 15:12 MST
>>> Nmap scan report for 192.168.0.3
>>> Host is up (0.0020s latency).
>>> Not shown: 997 filtered ports
>>> PORT    STATE SERVICE
>>> 139/tcp open  netbios-ssn
>>> 443/tcp open  https
>>> 445/tcp open  microsoft-ds
>>> MAC Address: 00:09:6B:78:AB:F0 (IBM)
>>>
>>> Nmap done: 1 IP address (1 host up) scanned in 12.29 seconds
>>> bmike1 at Michaels-Laptop ~ $
>>>
>>> Make sure it's enabled for the service via ufw (on the target system):
>>>>
>>>> # sudo ufw allow ssh
>>>>
>>>> it said the rule already exists.
>>>
>>>
>>>> It appears that your ssh is timing out, but the logs can tell you why:
>>>>
>>>> On the target system:
>>>>
>>>> # tail /var/log/messages
>>>> or
>>>> # tail /var/log/secure
>>>>
>>>> it responded '...no such file...'
>>>
>>> Sshd is setup by default for strict host checking, so you MUST have an
>>>> acceptable /etc/hosts file configuration:
>>>>
>>>> There must be a hostname that matches your host entry, which matches
>>>> your IP address.
>>>>
>>>
>>>  Here is now my /etc/hosts file
>>>
>>> 127.0.0.1       localhost
>>> 127.0.1.1       Michaels-PC
>>> #####################
>>> #added
>>> 192.168.0.2     SonyDesktop      <-this is the computer name..... if I'm
>>> supposed to put something else in please
>>>                                                   tell me how to get
>>> that info on an XP
>>> 192.168.0.4     Michaels-Laptop  <-I put the computer name in because
>>> that is what is in there in /etc/hosts
>>>                                                    [127.0.0.1 (computer
>>> name)]
>>> #added
>>> #####################
>>> # The following lines are desirable for IPv6 capable hosts
>>> ::1     ip6-localhost ip6-loopback
>>> fe00::0 ip6-localnet
>>> ff00::0 ip6-mcastprefix
>>> ff02::1 ip6-allnodes
>>> ff02::2 ip6-allrouters
>>>
>>>
>>>
>>>> You can also do a couple of ssh daemon "hacks", by editing the
>>>> /etc/ssh/sshd_config file:
>>>>
>>>> If I do this I don't need to worry about /etc/hosts?
>>>
>>>
>>>> a) Allow root ssh (which is disallowed by default) [What command are
>>>> you running from the other system to get here?  As root?]:
>>>>
>>>> Find out line that read as follows:
>>>> *PermitRootLogin no*
>>>> Set it as follows:
>>>> *PermitRootLogin yes*
>>>>
>>>> b) Disable Strict
>>>> *StrictHostKeyChecking* *yes
>>>> *set it as follows:*
>>>> **StrictHostKeyChecking* *no*
>>>>
>>>> c)  Change/extend the timeouts:
>>>>
>>>> *ServerAliveInterval 100*
>>>>
>>>>
>>>> These changes can be used to provide more information on why you are
>>>> not connecting.
>>>>
>>>> ALWAYS remember to copy your original CONFIGS to backup before editing
>>>> so you can seamlessly roll forward and back.
>>>>
>>>> Don't forget to restart ssh daemon after making configuration changes!
>>>>
>>>> Nope... didn't work.
>>>
>>>
>>>>
>>>>
>>> On Fri, Mar 16, 2012 at 11:00 PM, James Mcphee <jmcphe at gmail.com> wrote:
>>>>
>>>>> if you're opening that much, just disable iptables until you figure
>>>>> out what you need to leave open.
>>>>> On Mar 16, 2012 6:06 PM, "Michael Havens" <bmike1 at gmail.com> wrote:
>>>>>
>>>>>>      hmmmmmm..... opening the ports didn't help any. I opened:
>>>>>>
>>>>>> bmike1 at Michaels-PC:~$ sudo ufw status
>>>>>> Status: active
>>>>>>
>>>>>> To                         Action      From
>>>>>> --                         ------      ----
>>>>>> 22                         ALLOW       Anywhere
>>>>>> 137                        ALLOW       Anywhere
>>>>>> 138                        ALLOW       Anywhere
>>>>>> 139                        ALLOW       Anywhere
>>>>>> 445                        ALLOW       Anywhere
>>>>>> 389                        ALLOW       Anywhere
>>>>>> 901                        ALLOW       Anywhere
>>>>>> 53                         ALLOW       Anywhere
>>>>>> 80                         ALLOW       Anywhere
>>>>>> 110                        ALLOW       Anywhere
>>>>>> 143                        ALLOW       Anywhere
>>>>>> 443                        ALLOW       Anywhere
>>>>>> 631                        ALLOW       Anywhere
>>>>>> 993                        ALLOW       Anywhere
>>>>>> 995                        ALLOW       Anywhere
>>>>>> 5800                       ALLOW       Anywhere
>>>>>> 5900                       ALLOW       Anywhere
>>>>>> 9418                       ALLOW       Anywhere
>>>>>> 8080                       ALLOW       Anywhere
>>>>>> 22                         ALLOW       Anywhere (v6)
>>>>>> 137                        ALLOW       Anywhere (v6)
>>>>>> 138                        ALLOW       Anywhere (v6)
>>>>>> 139                        ALLOW       Anywhere (v6)
>>>>>> 445                        ALLOW       Anywhere (v6)
>>>>>> 389                        ALLOW       Anywhere (v6)
>>>>>> 901                        ALLOW       Anywhere (v6)
>>>>>> 53                         ALLOW       Anywhere (v6)
>>>>>> 80                         ALLOW       Anywhere (v6)
>>>>>> 110                        ALLOW       Anywhere (v6)
>>>>>> 143                        ALLOW       Anywhere (v6)
>>>>>> 443                        ALLOW       Anywhere (v6)
>>>>>> 631                        ALLOW       Anywhere (v6)
>>>>>> 993                        ALLOW       Anywhere (v6)
>>>>>> 995                        ALLOW       Anywhere (v6)
>>>>>> 5800                       ALLOW       Anywhere (v6)
>>>>>> 5900                       ALLOW       Anywhere (v6)
>>>>>> 9418                       ALLOW       Anywhere (v6)
>>>>>> 8080                       ALLOW       Anywhere (v6)
>>>>>>
>>>>>> bmike1 at Michaels-PC:~$
>>>>>>
>>>>>>
>>>>>>      What else do you think I should open?
>>>>>>
>>>>>>
>>>>>> On Fri, Mar 16, 2012 at 10:44 AM, Michael Havens <bmike1 at gmail.com>wrote:
>>>>>>
>>>>>>> look what I found in my quest to open ports for printing: I found a
>>>>>>> program called ufw which is a 'program for managing a netfilter
>>>>>>> firewall.' And one of the commands is:
>>>>>>>
>>>>>>>        ufw allow 53
>>>>>>>        This  rule  will allow tcp and udp port 53 to any address on
>>>>>>> this
>>>>>>>        host.
>>>>>>>
>>>>>>> Which is the printers port?... of course 631. my search engine is
>>>>>>> givong me another: 515? But both of my computers print.
>>>>>>> Do you know if I can specify more than one port in the command?
>>>>>>> oops... I just found the correct syntax:
>>>>>>>      ufw allow 18:25,50:110,130:150,389:445,
>>>>>>> 631,900:1000,5800:5900,8080,9418
>>>>>>> the man page says I'm allowed 15 numbers in there. No spaces,
>>>>>>> separated by a coma, and ranges (x:y ) count as two numbers.
>>>>>>>
>>>>>>> What other ports does the great brain known as PLUG believe is good
>>>>>>> to open?
>>>>>>> I think ufw is basically a program to make iptables easier. Or do
>>>>>>> you want to give me a tutelage on iptables. I'm willing if you are! Does
>>>>>>> anyone have any pointers about ufw?
>>>>>>>
>>>>>>> ufw probably is an acronym for unix fire wall. or perhaps ubuntu
>>>>>>> fire wall.
>>>>>>>
>>>>>>>
>>>>>>
>>>> --
>>>> (503) 754-4452 Android
>>>> (623) 239-3392 Skype
>>>> (623) 688-3392 Google Voice
>>>> **
>>>> it-clowns.com
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>>
>>>
>>>
>>>
>>> --
>>> :-)~MIKE~(-:
>>>
>>
>>
>>
>> --
>> :-)~MIKE~(-:
>>
>
>
>
> --
> :-)~MIKE~(-:
>



-- 
:-)~MIKE~(-:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20120318/00f3f10f/attachment.html>


More information about the PLUG-discuss mailing list