0
I have windows 10 x64 os. I have Kaspersky Internet Security 2016 installed. Recently, I noticed that connections leading to localhost or 127.0.0.1 or ::1 is being rejected. I have tried exiting kaspersky, disabling firewall. In addition, I downloaded SocketTest3 (java) and Hercules for testing tcp sockets. I tried binding to 127.0.0.1:6666 successfully. However, whenever I try to connect tcp clients to the socket, it always returns permission denied: connect on java, and similar errors on other testing programs.
I have ruled out localhost bindings to ipv4 and ipv6. Also, running tcp testing applications with admin rights didn't change anything. Please help.
nirvana8510
Posted 2017-11-07T03:34:43.407
Reputation: 1
Are you getting an RST back on your SYN? Or completing the handshake and failing after? – MaQleod – 2017-11-07T04:19:07.707
no idea. since i'm using windows, i can't monitor loopback interface using wireshark. Any connections toward 127.0.0.1 or localhost are either actively refused or permission denied. – nirvana8510 – 2017-11-07T06:11:37.897
You can download rawcap.exe or use Microsoft Message Analyzer. Rawcap is very easy to use and referenced from the Wireshark help I believe. – HelpingHand – 2017-11-07T22:16:40.813
The reason I ask is that tells you exactly where you need to look next. If you're seeing an RST immediately following a SYN, that is TCP refusing the connection, which means the port isn't bound properly or something else is blocking it (compare dump from server to dump from client, if server doesn't see SYN, then something is blocking in-between). If you're seeing a 3-way handshake and then the connection gets broken down after, that means TCP did its part and the service is killing it. – MaQleod – 2017-11-09T02:42:55.107