I have created a server in Java with socket and a client that connects to the server. This works between two pc on the same wifi, how can i make it work on two different wifi (two pc in two different houses)?
P.S. sorry my bad english.
You have to make your server available publicly to be able to make connection from other client (connected from some other wifi network)
One possible solution is to use ngrok which will make it possible to map your local server to publicly accessible url. This server is absolutely free to use and I have personally used it multiple times for publicly exposing my local servers.
Edit 1 -
Let say your socket server is running on port 6666, you need to run following command -
./ngrok tcp 6666
this will result in following response
Session Status online
Account ********#gmail.com (Plan: Free)
Version 2.3.35
Region United States (us)
Web Interface http://127.0.0.1:4040
Forwarding tcp://0.tcp.ngrok.io:15341 -> localhost:6666
Connections ttl opn rt1 rt5 p50 p90
0 0 0.00 0.00 0.00 0.00
after this, you will be able to connect you server using following command from other java client -
socket = new Socket("0.tcp.ngrok.io", 15341);
Related
So I'm trying to connect two clients in a Java application, but in a way that one client acts as a server and other client acts as a ... client. I managed to connect them locally which works perfect, but I've been researching whether I can connect a client to a server that are not on a same network (via IPv4 or IPv6). I have read that I should do port forwarding on my router server-side. I know how to port forward, but shouldn't it be possible to do without port forwarding? If I understand correctly, only server-side should be port forwarded and the server can respond to the client without the need for the client to port forward their router? So if I'm correct, another solution would be a 'global' third party server(that is port forwarded) that would connect two clients by receiving and passing information from one client to another?
I'm just learning here, so I'm sorry if this has already been answered here but I haven't found answers to all of this in one place and I'm trying to come to a conclusion.
Yes, you can access a computer from outside the network and connect to a server
You must download the (ngrok) tool on the device that contains the server and run the tool
The client will contact the server without the need to forward the ports
ngrok
Explain the use of the tool on the site with a download link
shouldn't it be possible to do without port forwarding
Yes, you can make a connection between two machines without port-forwarding.
Example: Web servers
Take for example, web servers. By default a web server sits there listening on port 80, with 80 being the port assigned by convention for HTTP.
The web client (browser or such) sends a request by trying to connect on port 80. If there are no obstacles in the way, then the connection proceeds.
Restricted port access
However, there may be an obstacle.
One common obstacle: Unix-oriented operating systems (BSD, macOS, Solaris, Linux, AIX, etc.) by convention restrict access to ports numbered under 1,024 for security reasons. The operating system blocks any incoming connections on port 80. With that security blockage in place, the web request never reaches the server.
Port-forwarding with a packet-filter tool
One way to get past this restriction is to have the web server listen on an unrestricted port, a port numbered above 1,024, up to the 64K limit, such as 8080. Then configure the packet filter tool on the server machine’s OS to do port-forwarding. The incoming request for port 80 is altered to go to port 8080 instead.
A connection is then established between the web server and the web client.
The client thinks it is talking to the server on port 80.
The server thinks the client asked for port 8080.
With the packet filter tool in the middle altering packets on-the-fly, both server and client is none the wiser about packets being altered.
You may want to configure your firewall to allow HTTP connections from outside the machine only on 80, including blocking any external requests for 8080. In this case, only packets altered from 80 to 8080 will reach your web server. Common practice is to close as many ports as possible on a server.
FYI: For encrypted HTTP (HTTPS), the conventional port is 443 rather than 80.
Not a programming issue
Notice that there is no programming issue here. As the programmer, your client software should attempt to connect on the port number as documented for the server in which you are interested. On the server-side machine, or server-side router, port-forwarding will be configured as needed. Your client programming does not care about, or even know about, any port-forwarding that may or may not be in place. Port-forwarding is a network-admin issue, and should be transparent to the programmer.
See sister sites for networking issues
As a network-admin issue, look to the sister sites such as Server Fault and Network Engineering rather than Stack Overflow.
I created amazon ec2 instance to run Tomcat application, but
Amazon abuse team sent mail with the following log
<<<
AWS Account: ********
Report begin time: 14-12-2017 02:02:28 UTC
Report end time: 14-12-2017 02:03:28 UTC
Protocol: TCP
Remote IP: ...
Remote port(s): 80
Total bytes sent: 294167550
Total packets sent: 291255
Total bytes received: 0
Total packets received: 0
AWS Account: ********
Report begin time: 14-12-2017 02:03:15 UTC
Report end time: 14-12-2017 02:04:15 UTC
Protocol: TCP
Remote IP: ...
Remote port(s): 80
Total bytes sent: 1050081850
Total packets sent: 1039685
Total bytes received: 0
Total packets received: 0
Is it application issue or have I missed some security configuration?
We found one unknown executable application in /tmp as below, after killed this again came up after few seconds. Seems its generating unknown traffic, so we go ahead and powered off servers now.
[root#ip-172-19-24-90 tmp]# file Lixsyn
Lixsyn: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
[root#ip-172-19-24-90 tmp]#
raw 104832 426240 0.0.0.0:6 0.0.0.0:* 7 19719/Lixsyn
raw 104832 228096 0.0.0.0:6 0.0.0.0:* 7 19719/Lixsyn
root#ip-172-31-40-123 tmp]# ifconfig
eth0 Link encap:Ethernet HWaddr ********
inet addr:******** Bcast:172.31.47.255 Mask:255.255.240.0
inet6 addr: ********/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:9001 Metric:1
RX packets:1136962 errors:0 dropped:0 overruns:0 frame:0
TX packets:2081358186 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:860855089 (820.9 MiB) TX bytes:2130697820190 (1.9 TiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:11338 errors:0 dropped:0 overruns:0 frame:0
TX packets:11338 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:21689998 (20.6 MiB) TX bytes:21689998 (20.6 MiB)
AWS sends abuse reports when ec2 instances trigger unknown traffic to servers outside your account.
This can be due to some unknown applications which got inside your ec2 instances due to publicly open ssh/rdp ports.
What you can do here is
Configure the security group of your ec2 instances to allow ssh access (port 22) with source ip as your own homr/office ip only
Do a netstat command to find what all process ids are accessing the remote ip and port numbers mentioned in thw abuse reports
Once you get the process ids, find all processes associated to it using ps -ef command and remove all the related paths
Change all user credentials and disable ssh login without password.
Answer to your second question on preventing attacks tomcat servers on ec2.
Avoid exposing tomcat manager app on default url/path
Use "name" property in server.xml to avoid exposing the.
container name and version through http headers
Better to put tomcat behind a web layer/proxy like nginx/haproxy to limit impact of bruteforce attacks
Use very strong passwords for tomcat users.
"Lixsyn" Looks like a linux backdoor virus. Has nothing to do with app Linux.BackDoor.Gates
Takashi Katsuki, a researcher at Antivirus firm Symantec has discovered a new cyber attack ongoing in the wild, targeting an open-source Web server application server Apache Tomcat with a cross platform Java based backdoor that can be used to attack other machines.
The malware, dubbed as "Java.Tomdep" differs from other server malware and is not written in the PHP scripting language. It is basically a Java based backdoor act as Java Servlet that gives Apache Tomcat platforms malicious capabilities.
Because Java is a cross platform language, the affected platforms include Linux, Mac OS X, Solaris, and most supported versions of Windows. The malware was detected less than a month ago and so far the number of infected machines appears to be low.
You may think that this type of attack only targets personal
computers, such as desktops and laptops, but unfortunately that isn’t
true. Servers can also be attacked. They are quite valuable targets,
since they are usually high-performance computers and run 24x7.
Java worm seeks out for the system having Apache Tomcat installed-running and then attempts to log-in using the password brute-force attack using combinations of user names and passwords.
After installation, the malware servlet behaves like an IRC Bot and able to receive commands from an attacker. Malware is capable of sending-downloading files from the system, create new processes, update itself, can setup SOCKS proxy, UDP flooding i.e. Can perform massive DDoS Attack.
They have mentioned that the command-and-control servers have been traced to Taiwan and Luxembourg. In order to avoid this threat, ensure that your server and AV products are fully patched and updated.
Please Add your suggestions....
For those who are new to AWS that didn't have a team to read all the details, here is the reminder : all data transfer out from your EC2 to the internet will cost you money after the first free 1 GB.
Data Transfer OUT From Amazon EC2 To Internet
First 1 GB / month $0.00 per GB
Up to 10 TB / month $0.09 per GB
Next 40 TB / month $0.085 per GB
Since EC2s are not mean to be used as web hosting service, it is timely that AWS start sending abuse email to the admin when there is massive data download OUT from EC2 to internet.
You should check whether this is the intended traffics usage of your Tomcat webapps.
If you don't anticipate the traffics e.g. there is nobody connect to it from outside the internet, check the website for possible compromised, e.g. check your Security rules, establish a connection to only trust particular IP range than to everyone in the internet.
If you anticipate the traffics, e.g. there is multiple user connect to your apps and generate lots of traffics, relook your bandwidth needs and start consider CDN(content delivery network) to relieve the required load. Because EC2 internet outgoing traffics is not cheap, since it is not intends for content intensive download.
Bare in mind that, if you don't move this traffics to a CDN, a DDoS will cause AWS to send you a massive traffic bills.
(update)
As point out by above #Abhijit Jagtap , your server might have been compromised. perhaps at the moment you open up the server to the Internet. A botnet can easily scan through possible web services version and perform the attack. It is highly probably your Web services(Tomcat, jre/jdk, web server etc ) version contain some vulnerabilities.
You should recreate the instance, perform all hardening measurement. Please don't bother to "clean up" , it is just wasting time. If you want to make some forensic later, you can create a snapshot for the compromised EC2 instance.
I have made 3 different types of extremely simple servers on a remote port:
Java TCP Server
Java HTTP Server
Node.js Server
I tested each separately, connecting them to the same port (call this port 9005). They only used the code linked above, modifying ports where necessary. When I connect to my remote server using my laptop (terminal and/or browser), 1 and 2 work, yet 3 does not.
Since 1 and 2 work, I thought there would not be any firewall issues, but could there still be some? Since - for instance - 1 and 2 are Java but Node.js is Javascript.
I made application with java using socket. My computer is the server and my phone(android ) is the client. Only what i trying to do is to forward String from phone to client PC.
Everything works fine when i configure my router and open the port i using. i don't want every time when costumer will install my application will need to open port in the router.
I thought about using remote server that will run my server code. but i didn't find server that can do that . i don't want to make my pc a server for all costumers.
How does all the chats companies do it without open port?
You must look into UPnP. This is what /most/ if not /all/ torrent clients use to allow foreign connections, without forwarding ports. How chat clients do it is a different scenario. They use hacks such as firewall hole-punching using UDP (with an external server) http://www.h-online.com/security/features/How-Skype-Co-get-round-firewalls-747197.html see this link for details on UDP hole punching.
Also see this article http://www.codeproject.com/Articles/13285/Using-UPnP-for-Programmatic-Port-Forwardings-and-N for usage of UPnP. But this is in C++, but I think you will understand.
EDIT: http://4thline.org/projects/cling/ I found this. I think it can help you.
You had to open port probably because of your routers firewall :). If you already opened let us say port 9090 then every client app (android phone) will be able to connect to it :). Of course if somebody wants to install server on their own pc they would problably forward some ports and disable some firewalls. If you want server with no special requriements lookup VPS'es. :)
I'm developing a game that can be played with computer or versus other players. The GUI is Swing but irrelevant for the matter. My question is : how do I connect with other players in a network?
I am familiar with terms like client / server, sockets etc, and i can write a basic client/server program, but it can only be run from ONE computer. I don't know how to connect to this network from a computer, say, half way across the country.
You are probably setting behind a router which hides your local IP address from the rest of the world (look for NAT for more info on this). Basically, the world only sees your YOUR_ROUTER_IP, your router takes care of carrying all IP packets from the outside world to you and vice versa. You will need to change your router settings so that your computer/server gets the router ip address. This way you can access your server application from anywhere in the world by using simple socket operations.
I hope this helps.
I like to use Kryonet for network connections, it works very well and has really good documentation.
You indicated you know how to use client and server sockets, so I'll just throw out there that you ought to try connecting with "real" ip address instead of localhost (127.0.0.1). Take two machines on your local network, get the IP address of the "server" machine and use that address to connect from the client.
This will work all the way around the world, except for the fact that you are likely behind some Network Address Translation (NAT) firewalls and will likely need to "open" or "forward" the ports you need. If you need more information on NAT, google and serverfault will be pretty helpful.
If your client and server is located on the same machine, then you can use loopback address(ie 127.0.0.1), in LAN you can do with private ip addresses
Private ip address for LAN
CLASS A - 10.x.x.x
CLASS B - 172.16.0.0 - 172.31.255.255
CLASS C - 192.168.0.0 - 192.168.255.255
you can use this for LAN environment
For connecting someone over the internet, you will need Public ip addresses.
Address apart from the private ip in every range are public address.
Now if you have a server which is having a static ip then it wont be a problem for the client to access it anywhere from the world over internet.
But if its over a LAN , and accessing the internet from a gateway, then there will be a NAT, then you will need to set the inbound and outbound traffic rules at the gateway, for letting the client access the server.