Rpcport Ethereum
Publish: 2021-05-19 14:08:01
1. (1) Download the wallet software, install it, and close the wallet software after synchronizing data
(2) click system "start", "run", enter% appdata% in it, and then click OK (WIN XP and win7 systems both operate in this way), or press "win" key and "R" key at the same time to open the running interface
(3) after confirming the second step, open a file manager and display the interface as shown in the figure below. Find the folder named after the currency, litecoin. The data corresponding to the wallet software are all in this folder. Double click to open this folder
(4) configure the. Conf file
at the beginning, enter Notepad to confirm and open Notepad software, Input the following contents in it: ( the following code directly)
rpcuser = Test
rpcpassword = Test
rpcport = 11095
daemon = 1
server = 1
Gen = 0
testnet = 0
Listen = 0
maxconnections = 100
rpcallowip = 10.255.16. *
rpcuser, rpcpassword and rpcport can be modified or not, Rpcallowip needs to be modified according to your own situation. If your miner and wallet software are on the same machine, delete the line rpcallowip
after the file is modified, save it to the previous litecain directory with the file name of litecain.conf, or save it to the desktop, and then it
take the mining software cgminer as an example, modify the IP address of the pools part in the cgminer.conf file
URL part to the IP address of the machine where your wallet is located. Port 11095 is the port configured in litecain.conf just now. User and pass are the same, just keep consistent with the above configuration file< In addition, it is suggested to modify the values of the other two parameters as follows:
& quot; queue" : & quot; 0",< br />" scan-time" : & quot; 1",
after setting, run cgminer to start mining....
(2) click system "start", "run", enter% appdata% in it, and then click OK (WIN XP and win7 systems both operate in this way), or press "win" key and "R" key at the same time to open the running interface
(3) after confirming the second step, open a file manager and display the interface as shown in the figure below. Find the folder named after the currency, litecoin. The data corresponding to the wallet software are all in this folder. Double click to open this folder
(4) configure the. Conf file
at the beginning, enter Notepad to confirm and open Notepad software, Input the following contents in it: ( the following code directly)
rpcuser = Test
rpcpassword = Test
rpcport = 11095
daemon = 1
server = 1
Gen = 0
testnet = 0
Listen = 0
maxconnections = 100
rpcallowip = 10.255.16. *
rpcuser, rpcpassword and rpcport can be modified or not, Rpcallowip needs to be modified according to your own situation. If your miner and wallet software are on the same machine, delete the line rpcallowip
after the file is modified, save it to the previous litecain directory with the file name of litecain.conf, or save it to the desktop, and then it
take the mining software cgminer as an example, modify the IP address of the pools part in the cgminer.conf file
URL part to the IP address of the machine where your wallet is located. Port 11095 is the port configured in litecain.conf just now. User and pass are the same, just keep consistent with the above configuration file< In addition, it is suggested to modify the values of the other two parameters as follows:
& quot; queue" : & quot; 0",< br />" scan-time" : & quot; 1",
after setting, run cgminer to start mining....
2. Brief introction: Registration No.: * * location: Henan Province registered capital: 100000 yuan legal representative: Li Jiali enterprise type: limited liability company (invested or controlled by natural person) registration status: existing registration authority: Jinshui branch of Zhengzhou Administration for Instry and Commerce registered address: No. 1404, 14th floor, building 1, south of East Yellow River Road, Dongsan street, Jinshui District, Zhengzhou
legal representative: Li Jiali
Time of establishment: February 12, 2011
registered capital: RMB 100000
Business Registration No.: 410105000162780
enterprise type: limited liability company (invested or controlled by natural person)
Company Address: No. 1404, 14th floor, building 1, south of East yellow River Road, Dongsan street, Jinshui District, Zhengzhou City
legal representative: Li Jiali
Time of establishment: February 12, 2011
registered capital: RMB 100000
Business Registration No.: 410105000162780
enterprise type: limited liability company (invested or controlled by natural person)
Company Address: No. 1404, 14th floor, building 1, south of East yellow River Road, Dongsan street, Jinshui District, Zhengzhou City
3. Ports are divided into three categories
1) well known ports: from 0 to 1023, they are closely bound to some services. Usually, the communication between these ports clearly indicates the protocol of a certain service. For example, port 80 actually always communicates with H + + P
2) registered ports: from 1024 to 49151. They are loosely bound to some services. That is to say, there are many services bound to these ports, which are also used for many other purposes. For example, many systems deal with dynamic ports from around 1024
3) dynamic and / or private ports: from 49152 to 65535. In theory, these ports should not be assigned to services. In fact, machines usually allocate dynamic ports from 1024. But there are exceptions: sun's RPC port starts at 32768
this section describes the general TCP / UDP port scanning information in firewall records
remember: there is no ICMP port. If you are interested in interpreting ICMP data, please refer to the rest of this article
0 is usually used to analyze * operating system. This side * works because "0" is an invalid port in some systems, and when you try to connect it with a normal closed port, it will proce different results. A typical scan: use IP address of 0.0.0.0, set ack bit and broadcast on Ethernet layer
1 tcpmux this shows that someone is looking for the sgiirix machine. IRIX is the main provider to implement tcpmux. By default, tcpmux is turned on in this system. Iris machine contains several default password free accounts, such as LP, guest, uucp, nuucp, demos, tutor, diag, ezsetup, outofbox,
and 4dgifts. Many administrators forget to remove these accounts after installation. So hackers search the Internet for tcpmux and use these accounts
7echo you can see many messages sent to x.x.x.0 and x.x.x.255 when people search for Fraggle amplifiers. A common DoS attack is echo loop. Attackers forge UDP packets sent from one machine to another, and the two machines respond to these packets in their fastest way Another thing is the TCP connection established by doubleclick on the word port. There is a proct called "resonant global dispatch", which connects to this port of DNS to determine the nearest route. Harvest / squid cache will send udpecho from port 3130: "if the source of cache is_ When the Ping on option is turned on, it will respond with a hit reply to the UDP echo port of the original host. " This will proce a lot of such packets
11 sysstat is a UNIX service that lists all the running processes on the machine and what started them. This provides intruders with a lot of information that threatens the security of the machine, such as programs that expose known vulnerabilities or accounts. This is similar to the result of the "PS" command in UNIX systems. Again, ICMP has no port. ICMP port 11 is usually icmptype = 1119 chargen, which is a service that only sends characters. The UDP version will respond to packets containing junk characters after receiving UDP packets. When a TCP connection is
connected, a data stream containing garbage characters will be sent until the connection is closed. Using IP spoofing, hacker can launch DoS attack and forge UDP between two chargen servers. Because the server attempts to respond to unlimited round-trip data communication between two servers, one chargen and echo will lead to server overload. Similarly, Fraggle DoS attacks broadcast a packet with forged victim IP to the port of the target address, and the victim is overloaded to respond to the data
21 FTP most common attackers are used to find the party * that opens the FTP server of "anonymous". These servers have read-write directories. Hackers or takers use these servers as nodes to deliver warez (private program) and pr0n (deliberately misspelled words to avoid being classified by search engines)
22 sshpcanywhere may establish a connection between TCP and this port to find SSH. There are many weaknesses in this service. If configured in a specific mode, many versions using the rsaref library have many vulnerabilities It is recommended to run SSH on other ports. It should also be noted that the SSH toolkit comes with a program called ake SSH known hosts. It scans SSH hosts for the entire domain. You are sometimes accidentally scanned by people who use the program. UDP (instead of TCP) is connected to port 5632 at the other end, which means there is a scan to search PcAnyWhere. 5632 (hex's 0x1600) is followed by 0x0016 (hex's 22)
23 telnet intruders are searching for remote UNIX login services. In most cases, the intruder scans this port to find the operating system of the machine. In addition, using other technologies, the intruder will find the password
25 SMTP attackers (spammers) look for SMTP servers to deliver their spams. The intruder's account is always closed, they need to dial up to connect to the high bandwidth e-mail server, and pass simple information to different addresses. SMTP servers (especially sendmail) are one of the most common users to enter the system, because they must be completely exposed to the Internet, and the routing of mail is complex (exposure + complexity = weakness)
53 dnshacker or cracker may be trying to carry out zone transfer (TCP), cheat DNS (UDP) or hide other communication. Therefore, firewalls often filter or record ports 53. Note that you often see port 53 as the UDP source port. Unstable firewalls usually allow this communication and assume that it is a reply to DNS queries. Hacker often uses this method to penetrate firewall
BOOTP / DHCP on 67 and 68 bootps and dhcpudp: through the firewall of DSL and cable modem, we often see a large amount of data sent to the broadcast address 255.255.255.255. These machines are requesting an address assignment from the DHCP server. Hackers often enter them, assign an address, and use themselves as local routers to launch a large number of "man in middle" attacks. The client broadcasts the configuration request to port 68 (bootps), and the server broadcasts the response request to port 67 (bootpc). This response uses broadcast because the client does not yet know the IP address that can be sent. 69 TFTP (UDP) many servers provide this service together with BOOTP, which makes it easy to download boot code from the system. However, they are often misconfigured to provide any files from the system, such as password files. They can also be used to write files to the system
79 finger hackers are used to obtain user information, query * operating systems, detect known buffer overflow errors, and respond to finger scans from their own machines to other machines
98 linuxconf provides simple management of linuxbox. The integrated H + + P server provides services based on web interface at port 98. It has found many security problems. Some versions of setuidroot trust local area network, establish Internet accessible files under / tmp, and Lang environment variable has buffer overflow. In addition, because it contains integrated servers, many typical H + + P vulnerabilities can exist (buffer overflow, directory traversal, etc.) 109 Pop2 is not as famous as POP3, but many servers provide two services at the same time (backward compatibility). The vulnerability of POP3 on the same server also exists in Pop2
110 POP3 is used for the client to access the mail service of the server. POP3 services have many recognized weaknesses. There are at least 20 vulnerabilities to user name and password exchange buffer overflow (which means that hackers can enter the system before they actually log in). There are other buffer overflow errors after successful login< br />
111 sunrpc portmap rpcbind Sun RPCPortMapper/RPCBIND Accessing PortMapper is the first step in scanning the system to see which RPC services are allowed. Common RPC services include: pc.mountd, NFS, rpc.statd, rpc.csmd, rpc.ttybd, AMD, etc. The intruder found a test vulnerability that allowed the RPC service to switch to a specific port providing the service. Remember to record the
daemon, IDS, or sniffer in the line. You can find out what program the intruder is using to access in order to find out what happened
113 ident auth. This is a protocol running on many machines to identify users of TCP connections. A lot of machine information can be obtained by using the standard service (which will be used by hacker). But it can be used as a recorder for many services, especially FTP, pop, IMAP, SMTP and IRC. Usually, if many customers access these services through the firewall, you will see many connection requests from this port. Remember, if you block this port, the client will feel a slow connection to the e-mail server on the other side of the firewall. Many firewalls support sending back t in the blocking process of TCP connection, which means stopping this slow connection
119 NNTP news newsgroup transport protocol, carrying Usenet communication. When you link to something like: news:p.security.firewalls/. This port is usually used when the address of the. The connection attempt of this port is usually people looking for Usenet server. Most ISPs restrict access to their newsgroup servers to only their customers. Opening the Newsgroup server will allow you to post / read anyone's posts, access restricted newsgroup servers, post anonymously or send spam
135 OC serv MS RPC end point mapper Microsoft runs DCE RPC end point mapper on this port to serve its DCOM. This is very similar to the function of UNIX port 111. Services that use DCOM and / or RPC use the end-point mapper on the machine to register their locations. When remote
end customers connect to the machine, they query the end-point mapper to find the location of the service. Similarly, the purpose of hacker scanning the port of the machine is to find such information as: is exchange server running on this machine? What is the version? This port can be used not only for querying services (such as using epmp), but also for direct attacks. There are some DoS attacks directed at this port
137 NetBIOS name service nbtstat (UDP) this is the most common information for firewall administrators. Please read the NetBIOS section 139 NetBIOS file and print sharing
the connection entered through this port attempts to obtain the NetBIOS / SMB service. This protocol is used for windows "file and printer sharing" and Samba. Sharing your hard disk on the Internet is probably the most common problem. A large number of these ports started in 1999, and then graally decreased. There was a rebound in 2000. Some VBS (IE5 Visual Basic scripting) begin to themselves to this port, trying to breed on this port
143 IMAP has the same security problem as POP3 above. Many IMAP servers have a buffer overflow vulnerability, which can be accessed ring login. Remember: a Linux worm (admw0rm) propagates through this port, so many scans of this port come from unsuspecting infected users. These vulnerabilities became popular when radhat allowed IMAP by default in their Linux distribution. This is the first worm to spread widely after the Morris worm. This port is also used for imap2, but it is not popular. Some reports have found that some attacks on ports 0 to 143 originate from scripts
161 SNMP (UDP) intruders
1) well known ports: from 0 to 1023, they are closely bound to some services. Usually, the communication between these ports clearly indicates the protocol of a certain service. For example, port 80 actually always communicates with H + + P
2) registered ports: from 1024 to 49151. They are loosely bound to some services. That is to say, there are many services bound to these ports, which are also used for many other purposes. For example, many systems deal with dynamic ports from around 1024
3) dynamic and / or private ports: from 49152 to 65535. In theory, these ports should not be assigned to services. In fact, machines usually allocate dynamic ports from 1024. But there are exceptions: sun's RPC port starts at 32768
this section describes the general TCP / UDP port scanning information in firewall records
remember: there is no ICMP port. If you are interested in interpreting ICMP data, please refer to the rest of this article
0 is usually used to analyze * operating system. This side * works because "0" is an invalid port in some systems, and when you try to connect it with a normal closed port, it will proce different results. A typical scan: use IP address of 0.0.0.0, set ack bit and broadcast on Ethernet layer
1 tcpmux this shows that someone is looking for the sgiirix machine. IRIX is the main provider to implement tcpmux. By default, tcpmux is turned on in this system. Iris machine contains several default password free accounts, such as LP, guest, uucp, nuucp, demos, tutor, diag, ezsetup, outofbox,
and 4dgifts. Many administrators forget to remove these accounts after installation. So hackers search the Internet for tcpmux and use these accounts
7echo you can see many messages sent to x.x.x.0 and x.x.x.255 when people search for Fraggle amplifiers. A common DoS attack is echo loop. Attackers forge UDP packets sent from one machine to another, and the two machines respond to these packets in their fastest way Another thing is the TCP connection established by doubleclick on the word port. There is a proct called "resonant global dispatch", which connects to this port of DNS to determine the nearest route. Harvest / squid cache will send udpecho from port 3130: "if the source of cache is_ When the Ping on option is turned on, it will respond with a hit reply to the UDP echo port of the original host. " This will proce a lot of such packets
11 sysstat is a UNIX service that lists all the running processes on the machine and what started them. This provides intruders with a lot of information that threatens the security of the machine, such as programs that expose known vulnerabilities or accounts. This is similar to the result of the "PS" command in UNIX systems. Again, ICMP has no port. ICMP port 11 is usually icmptype = 1119 chargen, which is a service that only sends characters. The UDP version will respond to packets containing junk characters after receiving UDP packets. When a TCP connection is
connected, a data stream containing garbage characters will be sent until the connection is closed. Using IP spoofing, hacker can launch DoS attack and forge UDP between two chargen servers. Because the server attempts to respond to unlimited round-trip data communication between two servers, one chargen and echo will lead to server overload. Similarly, Fraggle DoS attacks broadcast a packet with forged victim IP to the port of the target address, and the victim is overloaded to respond to the data
21 FTP most common attackers are used to find the party * that opens the FTP server of "anonymous". These servers have read-write directories. Hackers or takers use these servers as nodes to deliver warez (private program) and pr0n (deliberately misspelled words to avoid being classified by search engines)
22 sshpcanywhere may establish a connection between TCP and this port to find SSH. There are many weaknesses in this service. If configured in a specific mode, many versions using the rsaref library have many vulnerabilities It is recommended to run SSH on other ports. It should also be noted that the SSH toolkit comes with a program called ake SSH known hosts. It scans SSH hosts for the entire domain. You are sometimes accidentally scanned by people who use the program. UDP (instead of TCP) is connected to port 5632 at the other end, which means there is a scan to search PcAnyWhere. 5632 (hex's 0x1600) is followed by 0x0016 (hex's 22)
23 telnet intruders are searching for remote UNIX login services. In most cases, the intruder scans this port to find the operating system of the machine. In addition, using other technologies, the intruder will find the password
25 SMTP attackers (spammers) look for SMTP servers to deliver their spams. The intruder's account is always closed, they need to dial up to connect to the high bandwidth e-mail server, and pass simple information to different addresses. SMTP servers (especially sendmail) are one of the most common users to enter the system, because they must be completely exposed to the Internet, and the routing of mail is complex (exposure + complexity = weakness)
53 dnshacker or cracker may be trying to carry out zone transfer (TCP), cheat DNS (UDP) or hide other communication. Therefore, firewalls often filter or record ports 53. Note that you often see port 53 as the UDP source port. Unstable firewalls usually allow this communication and assume that it is a reply to DNS queries. Hacker often uses this method to penetrate firewall
BOOTP / DHCP on 67 and 68 bootps and dhcpudp: through the firewall of DSL and cable modem, we often see a large amount of data sent to the broadcast address 255.255.255.255. These machines are requesting an address assignment from the DHCP server. Hackers often enter them, assign an address, and use themselves as local routers to launch a large number of "man in middle" attacks. The client broadcasts the configuration request to port 68 (bootps), and the server broadcasts the response request to port 67 (bootpc). This response uses broadcast because the client does not yet know the IP address that can be sent. 69 TFTP (UDP) many servers provide this service together with BOOTP, which makes it easy to download boot code from the system. However, they are often misconfigured to provide any files from the system, such as password files. They can also be used to write files to the system
79 finger hackers are used to obtain user information, query * operating systems, detect known buffer overflow errors, and respond to finger scans from their own machines to other machines
98 linuxconf provides simple management of linuxbox. The integrated H + + P server provides services based on web interface at port 98. It has found many security problems. Some versions of setuidroot trust local area network, establish Internet accessible files under / tmp, and Lang environment variable has buffer overflow. In addition, because it contains integrated servers, many typical H + + P vulnerabilities can exist (buffer overflow, directory traversal, etc.) 109 Pop2 is not as famous as POP3, but many servers provide two services at the same time (backward compatibility). The vulnerability of POP3 on the same server also exists in Pop2
110 POP3 is used for the client to access the mail service of the server. POP3 services have many recognized weaknesses. There are at least 20 vulnerabilities to user name and password exchange buffer overflow (which means that hackers can enter the system before they actually log in). There are other buffer overflow errors after successful login< br />
111 sunrpc portmap rpcbind Sun RPCPortMapper/RPCBIND Accessing PortMapper is the first step in scanning the system to see which RPC services are allowed. Common RPC services include: pc.mountd, NFS, rpc.statd, rpc.csmd, rpc.ttybd, AMD, etc. The intruder found a test vulnerability that allowed the RPC service to switch to a specific port providing the service. Remember to record the
daemon, IDS, or sniffer in the line. You can find out what program the intruder is using to access in order to find out what happened
113 ident auth. This is a protocol running on many machines to identify users of TCP connections. A lot of machine information can be obtained by using the standard service (which will be used by hacker). But it can be used as a recorder for many services, especially FTP, pop, IMAP, SMTP and IRC. Usually, if many customers access these services through the firewall, you will see many connection requests from this port. Remember, if you block this port, the client will feel a slow connection to the e-mail server on the other side of the firewall. Many firewalls support sending back t in the blocking process of TCP connection, which means stopping this slow connection
119 NNTP news newsgroup transport protocol, carrying Usenet communication. When you link to something like: news:p.security.firewalls/. This port is usually used when the address of the. The connection attempt of this port is usually people looking for Usenet server. Most ISPs restrict access to their newsgroup servers to only their customers. Opening the Newsgroup server will allow you to post / read anyone's posts, access restricted newsgroup servers, post anonymously or send spam
135 OC serv MS RPC end point mapper Microsoft runs DCE RPC end point mapper on this port to serve its DCOM. This is very similar to the function of UNIX port 111. Services that use DCOM and / or RPC use the end-point mapper on the machine to register their locations. When remote
end customers connect to the machine, they query the end-point mapper to find the location of the service. Similarly, the purpose of hacker scanning the port of the machine is to find such information as: is exchange server running on this machine? What is the version? This port can be used not only for querying services (such as using epmp), but also for direct attacks. There are some DoS attacks directed at this port
137 NetBIOS name service nbtstat (UDP) this is the most common information for firewall administrators. Please read the NetBIOS section 139 NetBIOS file and print sharing
the connection entered through this port attempts to obtain the NetBIOS / SMB service. This protocol is used for windows "file and printer sharing" and Samba. Sharing your hard disk on the Internet is probably the most common problem. A large number of these ports started in 1999, and then graally decreased. There was a rebound in 2000. Some VBS (IE5 Visual Basic scripting) begin to themselves to this port, trying to breed on this port
143 IMAP has the same security problem as POP3 above. Many IMAP servers have a buffer overflow vulnerability, which can be accessed ring login. Remember: a Linux worm (admw0rm) propagates through this port, so many scans of this port come from unsuspecting infected users. These vulnerabilities became popular when radhat allowed IMAP by default in their Linux distribution. This is the first worm to spread widely after the Morris worm. This port is also used for imap2, but it is not popular. Some reports have found that some attacks on ports 0 to 143 originate from scripts
161 SNMP (UDP) intruders
Hot content