Login or Register to Ask a Question and Join Our Community


SCO

OSR 5.0.7 need to block a specific IP

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems SCO OSR 5.0.7 need to block a specific IP
# 1  
Old 10-09-2013
OSR 5.0.7 need to block a specific IP
There are huge number of messages in syslog suggesting one of the client's IP is trying to telnet/ssh/pop/imap into the OSR5.0.7 system, it happens every minute or so, see a snippet below
Code:
Oct  9 13:11:20 myhost popper[17507]: (null) at 192.168.1.123 (192.168.1.123): -ERR POP EOF or I/O Error: 25 (Inappropriate I/O control operation); 0 (Unknown error)
Oct  9 13:11:23 myhost imapd[17517]: Unknown error, while reading line user=??? host=192.168.1.123
Oct  9 13:11.123 myhost telnetd[17521]: ttloop:  peer died: Unknown error 
Oct  9 13:11:34 myhost sshd[17525]: Did not receive identification string from 192.168.1.123
Oct  9 13:11:50 myhost popper[17540]: (v3.0.2-scoR5) Unable to get canonical name of client 192.168.1.123: Authoritive answer: Host not found (1)
Oct  9 13:11:50 myhost popper[17540]: EOF from  at 192.168.1.123 (192.168.1.123): [0] 25 (Inappropriate I/O control operation); 0 (Unknown error)
Oct  9 13:11:50 myhost popper[17540]: (null) at 192.168.1.123 (192.168.1.123): -ERR POP EOF or I/O Error: 25 (Inappropriate I/O control operation); 0 (Unknown error)
Oct  9 13:11:53 myhost imapd[17542]: Unknown error, while reading line user=??? host=192.168.1.123
Oct  9 13:11:58 myhost telnetd[17554]: ttloop:  peer died: Unknown error 
Oct  9 13:12:04 myhost sshd[17557]: Did not receive identification string from 192.168.1.123

I tried
Code:
route add -host 192.168.1.123 reject

but reject option is not understood by OSR route

How do I block that address?

Just in case I show what the system runs:
Code:
tcp        0      0  *.netbios-             *.*                    LISTEN
tcp        0      0  *.ipp                  *.*                    LISTEN
tcp        0      0  *.8457                 *.*                    LISTEN
tcp        0      0  *.sco-inet             *.*                    LISTEN
tcp        0      0  *.http                 *.*                    LISTEN
tcp        0      0  *.687                  *.*                    LISTEN
tcp        0      0  *.listen               *.*                    LISTEN
tcp        0      0  *.1024                 *.*                    LISTEN
tcp        0      0  *.submissi             *.*                    LISTEN
tcp        0      0  *.smtp                 *.*                    LISTEN
tcp        0      0  *.ssh                  *.*                    LISTEN
tcp        0      0  *.smux                 *.*                    LISTEN
tcp        0      0  *.swat                 *.*                    LISTEN
tcp        0      0  *.imap                 *.*                    LISTEN
tcp        0      0  *.pop3                 *.*                    LISTEN
tcp        0      0  *.time                 *.*                    LISTEN
tcp        0      0  *.daytime              *.*                    LISTEN
tcp        0      0  *.chargen              *.*                    LISTEN
tcp        0      0  *.discard              *.*                    LISTEN
tcp        0      0  *.echo                 *.*                    LISTEN
tcp        0      0  *.tcpmux               *.*                    LISTEN
tcp        0      0  *.finger               *.*                    LISTEN
tcp        0      0  *.exec                 *.*                    LISTEN
tcp        0      0  *.login                *.*                    LISTEN
tcp        0      0  *.shell                *.*                    LISTEN
tcp        0      0  *.telnet               *.*                    LISTEN
tcp        0      0  *.ftp                  *.*                    LISTEN
tcp        0      0  *.sunrpc               *.*                    LISTEN

# 2  
Old 10-09-2013
Why not sort out the problem where it is being created i.e. on 192.168.1.123?
# 3  
Old 10-09-2013
Yes, I already contacted client, but their response time is bad, next week or so
# 4  
Old 10-09-2013
Try 'ipf'. "man ADMN ipf"
This User Gave Thanks to jgt For This Post:
migurus
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Block port for all except for one specific ip in Solaris11.4

Hi, I need to block ssh port 22 from all the servers except one server ip. Until solaris11.3 and below, I used to do like below(under /etc/ipf/ipf.conf),and it's working fine pass in quick from $server_ip to any port=22 block in quick from any to any port=22 But I tried almost same in... (1 Reply)
Discussion started by: Sumanthsv
1 Replies

2. Shell Programming and Scripting

Find specific pattern and change some of block values using awk

Hi, Could you please help me finding a way to replace a specific value in a text block when matching a key pattern ? I got the keys and the values from a command similar to: echo -e "key01 Nvalue01-1 Nvalue01-2 Nvalue01-3\nkey02 Nvalue02-1 Nvalue02-2 Nvalue02-3 \nkey03 Nvalue03-1... (2 Replies)
Discussion started by: alex2005
2 Replies

3. UNIX for Dummies Questions & Answers

Add a block of code at the end of a specific block

I need to search for a block with the starting pattern say "tabId": "table_1", and ending pattern say "]" and then add a few lines before "]" "block1":"block_111" "tabId": "table_1", "title":"My title" ..... .... }] how do I achieve it using awk and sed. Thanks, Lakshmi (3 Replies)
Discussion started by: Lakshmikumari
3 Replies

4. SCO

Recommendation for hardware to run SCO OSR 5.0.7 natively

Looking for a modern server to run SCO OSR 5.0.7 without VM (native), h/w must have manufacturers warranty. Requirements would be to accommodate light loads of up to 15 users, app does not take more than 30 - 40 MB of RAM and data stored takes up to 15 - 20 GB, no internet connections... (3 Replies)
Discussion started by: migurus
3 Replies

5. Shell Programming and Scripting

Assigning a specific format to a specific column in a text file using awk and printf

Hi, I have the following text file: 8 T1mapping_flip02 ok 128 108 30 1 665000-000008-000001.dcm 9 T1mapping_flip05 ok 128 108 30 1 665000-000009-000001.dcm 10 T1mapping_flip10 ok 128 108 30 1 665000-000010-000001.dcm 11 T1mapping_flip15 ok 128 108 30... (2 Replies)
Discussion started by: goodbenito
2 Replies

6. SCO

mounting USB floppy drive /Flash drive in OSR 6.0

Can anybody help me out to mount USB flash /floppy drive in sco openserver 6.0 . (5 Replies)
Discussion started by: sureshdrajan
5 Replies

7. Shell Programming and Scripting

Extracting specific block

Hi Everyone , have a great day i have a file which has almost 20,000 blocks each starting with this particular line " rTCCreditControlRecord " , how can i bring out the 7172 block out of that file Thanks in Anticipation (7 Replies)
Discussion started by: Dastard
7 Replies

8. UNIX for Dummies Questions & Answers

How to Block/Ban Traffic From Specific Referrer

I've got a problem site that I need to block all referrers, but if possible, I'd really like to ban all ip's at the same time so that they can't figure out a way around it. Any ideas? (4 Replies)
Discussion started by: osoamor
4 Replies

9. IP Networking

block telnet to specific port

Hello All I am running redhat linux 7.2 and would like to know how i can block telnetting to a specified port . say for example i would like to block telnet acesses to port 80. regards Xiamin (5 Replies)
Discussion started by: xiamin
5 Replies
Login or Register to Ask a Question