Channel: Ignite Realtime: Message List

port-scanning - how to hide Openfire information ?


Hello

I have a small Ubuntu server exposed to the internet, running Openfire 3.9.1 for buddies and family (users are fixed).

My Openfire has Server-to-Server disabled, inbound XMPP user creation disabled, etc.

The only open port is 7070 (TLS mandatory) instead of 5222.

The question is how to hide Openfire's information when someone port-scans my server's IP.

I would like to hide/change the type of server (Openfire xxx) and the server name (my domain name) if it's possible.

Here are the results of an nmap port scan of the server:

(although my Openfire is 3.9.1, it shows as 3.8.1 in the nmap scan)


7070/tcp  open jabber       Ignite Realtime Openfire Jabber server 3.8.1

xmpp-info:

   STARTTLS Failed

   info:

capabilities:
unknown:
features:
compression_methods:
errors:
   bad-namespace-prefix
   (timeout)
xmpp:
   server name: ******MyDomainNameIsHere*******
   version: 1.0
stream_id: TBM2h
auth_mechanisms:

 

here is info about nmap's xmpp-info

http://nmap.org/nsedoc/scripts/xmpp-info.html

 

Thanks in advance


Re: invisible user when chat room


Yes, unfortunately, you have to change this setting for every user who is not an admin or owner of the room.

Re: sign out disabled


0.. or 0,2 I think only Jason (SnakeDoc) is doing something in his spare time. But he has his main job and not much time for Spark.

Re: port-scanning - how to hide Openfire information ?


You cannot.

If your server is accessible on the public internet, then anyone will be able to tell what it's doing.

It's common for people to think that by switching ports, they are hiding their running services. Unfortunately, as you have seen, you cannot hide from nmap.

Nmap works by crawling every possible port number, and sends a variety of packets at every port until it provokes a response from the running service. The response oftentimes leaks a lot of information about the running service, as you have seen above. Once nmap knows a service is running on a particular port, it will do more things to expose more information. Your server is not just advertising this data, but it's coming out in its normal server responses. Nmap will also make guesses at what is running based on packet information it gets back from the server, so it does not necessarily mean your server is just telling it everything, but rather nmap is very smart.

Changing service port numbers is, however, a good way to avoid the low-tier "dumb" bots that crawl the internet, i.e., if someone wrote a bot that looks for XMPP servers on the default port.

You need to not worry about hiding what your server is... but rather protecting it so that even if somebody has this info, there's not much they could do with it. Make sure you have proper firewalling for all ports you do not wish to expose to the public internet. Make sure you have strong passwords for not just administrator accounts, but all accounts. Make sure the server OS is updated regularly so it has the recent vulnerability patches, disable any OS-level user accounts not in use and not needed by the server to operate, etc. Just the normal good server practices.
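
An added example (not part of the reply above, and not Openfire's code): the fields the scan in the question lists as server name, version and stream_id match the `from`, `version` and `id` attributes of the stream header an XMPP server sends back to any client that opens a stream, which is why the domain name is visible before any login. The sketch parses a constructed sample reply to show what an unauthenticated peer can read; `exposed_fields`, the domain and the stream id are hypothetical.

```python
from xml.etree.ElementTree import XMLPullParser

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"

# Constructed sample of a server's reply to a client stream header.
# The domain and stream id are placeholders, not values from the thread.
SAMPLE_REPLY = (
    b"<?xml version='1.0' encoding='UTF-8'?>"
    b"<stream:stream xmlns:stream='http://etherx.jabber.org/streams' "
    b"xmlns='jabber:client' from='chat.example.org' id='abc12' version='1.0'>"
    b"<stream:features>"
    b"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls>"
    b"</stream:features>"
)


def exposed_fields(reply: bytes) -> dict:
    """Return what an unauthenticated peer learns from the stream opening."""
    info = {"server_name": None, "stream_id": None, "version": None,
            "starttls_required": False, "auth_mechanisms": []}
    # The <stream:stream> root stays open for the whole session, so a
    # normal parse would fail; a pull parser handles the partial document.
    parser = XMLPullParser(events=("start", "end"))
    parser.feed(reply)
    for event, elem in parser.read_events():
        if event == "start" and elem.tag == f"{{{NS_STREAM}}}stream":
            info["server_name"] = elem.get("from")
            info["stream_id"] = elem.get("id")
            info["version"] = elem.get("version")
        elif event == "end" and elem.tag == f"{{{NS_TLS}}}starttls":
            required = elem.find(f"{{{NS_TLS}}}required")
            info["starttls_required"] = required is not None
        elif event == "end" and elem.tag == f"{{{NS_SASL}}}mechanism":
            info["auth_mechanisms"].append((elem.text or "").strip())
    return info


if __name__ == "__main__":
    for field, value in exposed_fields(SAMPLE_REPLY).items():
        print(f"{field}: {value}")
```
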

Re: asmack android file trasfer problem

Presence Service - 403 error


I updated Openfire to 3.9.1, and installed the Presence service so as to put status in our Confluence wiki.

 

Presence installs fine, and I configured the plugin to allow anyone to see status (not just subscribers), but when I visit the URL like:

 

http://im01:9090/plugins/presence/status?jid=user@domain.tld&type=xml

 

I get this:

 


<presence type="error" from="user@domain.tld"><error code="403" type="auth"><forbidden xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/></error></presence>

 

It happens for valid & invalid jid's, not sure where to go from here.  Any idea what I've done wrong?

Re: Friend information get?

Re: asmack android file trasfer problem


Hi CSH,

I know, and I'll make a document on it soon.

At the time I'm so busy, and because of integration, I couldn't post the whole solution.

But I'll make a sample project and implement a simple file transfer solution there for Android using asmack, to be helpful for others.

I'll try to work on different situations that will cause problems and make a list to resolve each problem with the help of other people who face problems with file transfer on Android.

As you could see, my problem was something else: the receiver receives the file transfer query but had no reaction; the listener wasn't triggered.


Re: MultiUserChats disappearing after openfire restart


Go and check your log files and confirm that you do not have any errors

Re: MultiUserChats disappearing after openfire restart


No errors anywhere after restart... :/

Re: Friend information get?


One idea would be to publish the user's avatar via Personal Eventing Protocol as described in XEP-0084: User Avatar

 

Another idea is to update the image in vCard and then send update notification via XEP-0153: vCard-Based Avatars

 

For the user's hour (I guess you mean timezone?!), you can use XEP-0202: Entity Time.

 

Afaik, you are using aSmack?! Still don't know why you ask your questions in the Openfire forum, then.

 

All three are client-side protocols and all are not implemented in Smack (except PEP I think), so you have to do it yourself.

Re: "Monitoring Service", bag from "Open Archive", request history

Re: SparkWeb problem "Not Authorized"


The solution is easy.

In the file Sparkweb.html:

<script type="text/javascript">
function jive_sparkweb_getConfig()
{
        return {
                // server: your server's name or IP, as seen from outside
                // when users log in (user, public IP, password)
                server: "el nombre de tu servidor o ip",
                connectionType: "socket",
                port: "5222",
                autoLogin: "false"
        };
}
</script>

And here comes the most practical part: NAT ports 5220 to 5230, and also port 80, which can be redirected. It is also advisable to rename the sparkweb folder, e.g. to chats, and to rename Sparkweb.html to whatever you like. I use Linux, so I add a PHP header so that it calls the file directly.

index.php

<?php header("Location: Sparkweb.html"); exit; ?>

Re: Constant Spark disconnects - "your connection was closed due to an error"


Just checking in.  I have done multiple builds on different Win2012 server machines trying to get a stable instance.  Today I am starting over on Debian w/ MySQL5.6.  I'll report back.

Re: Constant Spark disconnects - "your connection was closed due to an error"


Are you still getting database errors in your logs? Maybe try switching to a previous version of MySQL or maybe a different database for testing (try the embedded database, it's easy and will help determine if we have a database problem still, or something else). In the past, people have had issues with MySQL version 5.6...


Re: Constant Spark disconnects - "your connection was closed due to an error"


My new build is on Postgres.

 

The DB errors we've seen in the logs don't always coincide with the client disconnects.  Fantastic, huh?

 

I may have spoken too soon when I said "Spark is still disconnecting" in this scenario - I saw disconnects right off but it seems to have settled down now.  I'll continue to work on this and report back.

 

I really want to thank both of you who have taken the time to contribute to this discussion.  I'm grateful.

Re: Constant Spark disconnects - "your connection was closed due to an error"


I didn't say - trying Spark from offsite, no disconnects.  Internally, well, I did just get another disconnect but Spark was also behaving funny during a user search just then, so I have not yet deemed it stable or unstable in-house.

Re: Constant Spark disconnects - "your connection was closed due to an error"


Make sure your XMPP domain is an FQDN, not an IP address or a short host name. For example, someserver.yourdomain.com

And you cannot change this once Openfire is set up. If you do, you must redo the first-time setup.

Re: Constant Spark disconnects - "your connection was closed due to an error"


All good points.  I did learn the hard way early on you need to declare the proper and final fqdn at setup, and I am pointing DNS (A record) at im.company.com.  Internally, I've configured DNS to point clients at im.company.com via NAT.  I'm wondering if that internal name resolution is confusing a client or clients or something.
