11-19-2008
Have you isolated what programs were being accessed by those addresses? Depending on what exactly your script is doing, it may not be a practical idea. Large companies often have gateways which will make it seem as if one person (one IP) is accessing hundreds of instances of a page. So imagine say 200 people at Cisco viewing your site. While you see it as one address, the fact is, there are many people viewing the site.
What is the overall purpose of your script. Considering I can spoof addresses, if your firewall is misconfigured, your provider isn't doing BCP filtering, as an attack vector, I can make your server ignore everything via 0.0.0.0 spoofing.
7 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
I am seeing very high kernel usage and very high load averages on my system (Although we are not loading much data to our database). Here is the output of top...does anyone know what i should be looking at?
Thanks,
Lorraine
last pid: 13144; load averages: 22.32, 19.81, 16.78 ... (4 Replies)
Discussion started by: lorrainenineill
4 Replies
2. Solaris
What are the steps to find out the reasons it crash in the solaris machine (3 Replies)
Discussion started by: sandeepkv
3 Replies
3. Shell Programming and Scripting
I set up a new cron job. I have set cron jobs many times in the past and never faced issues. For some reasons my new cron job is not working.This is how my cron job looks like. plz help me out guys.
3,8,13,18,23,28,33,38,43,48,53,58 * * * * /siebel/sblp900/home/FSMTaskChk/script... (14 Replies)
Discussion started by: ragha81
14 Replies
4. Ubuntu
Hi.
I've used the Wubi install of Ubuntu and Kubuntu on my Windows XP machine for close to half a year now. My brother has let me know of a program where he works by which they're getting rid of (with support negated) several Lenovo laptops, on which, he also informs me, the K 'flavor' of Ubuntu... (1 Reply)
Discussion started by: SilversleevesX
1 Replies
5. Red Hat
i have a Intel Quad Core Xeon X3440 (4 x 2.53GHz, 8MB Cache, Hyper Threaded) with 16gig and 1tb harddrive with a 1gb port and my apache is causing my cpu to go up to 100% on all four cores heres my http.config
<IfModule prefork.c>
StartServers 10
MinSpareServers 10
MaxSpareServers 15... (4 Replies)
Discussion started by: awww
4 Replies
6. Solaris
Dear Solaris Experts,
We are upgrading from sun4u to T4 systems and one proposal is to use LDOMs and also zones within LDOMs.
Someone advised using only zones and not LDOMs because the new machines have fewer chips and if a chip or a core fails then it doesn't impact the zones, but impacts... (3 Replies)
Discussion started by: User121
3 Replies
7. Shell Programming and Scripting
netstat | awk '/server/ {for(i=1;i<2;i++) {getline;print}'
Output:
ESTABLISHED
ESTABLISHED
ESTABLISHED
ESTABLISHED
ESTABLISHED
TIME_WAIT
TIME_WAIT
From the above command I'm getting all the states. I want to count the states and write to a file, like
"Count of ESTABLISHED... (6 Replies)
Discussion started by: Roozo
6 Replies
LEARN ABOUT DEBIAN
network.conf
NETSCRIPT-2.2.conf(5) File Formats Manual NETSCRIPT-2.2.conf(5)
NAME
/etc/netscript/network.conf - interface, firewalling, and QoS configuration file.
/etc/netscript/if.conf - interface setup shell script file
/etc/netscript/qos.conf - QoS setup shell script file
/etc/netscript/ipfilter.conf - IP chains filtering shell script file
/etc/netscript/srvfilter.conf - server IP filter shell script file
DESCRIPTION
This manpage is a place holder until something better is written when the netscript itself has stopped changing rapidly.
Please see the README file in the /etc/netscript directory, and READ the configuration files if you need to change them. Apart from net-
work.conf, all of them contain sh (1) shell script functions which are there so that various things can be altered or hooked in at the
right place. Network.conf contains the full network setup details, including special interface setup for the likes of ciped/pppd/wanconfig,
and is fully commented with examples given.
UPGRADE PATH FROM KERNEL 2.2.X
The firewall/IP filtering stuff in ipfilter.conf is the part that changed radically with the move to iptables and a far better way of set-
ting up the IP filtering rules, however the QoS and interface startup/shutdown in if.conf have changed but are backwards compatible with
the old 2.2.x ipchains version of netscript for the interface address configuration settings. You will have to set up the filtering again
to use iptables by directly using the iptables commands.
Also, the kernel 2.2.x version scripts are set up so that iptables is only run on a 2.4.x kernel, otherwise IP forwarding is disabled if
beforehand you set IPFWDING_KERNEL to FILTER_ON in network.conf.
This means that when you upgrade a box to a 2.4.x router kernel, you should then be able to reboot it and log into remotely and upgrade
netscript to the version that will support 2.4.x. In this situation, if you have set old IPFWDING_KERNEL setting to FILTER_ON beforehand
in network.conf, all IP forwarding through the box will also be disabled. This means that you can safely remotely upgrade a firewall.
SEE ALSO
netscript(8), ipchains(8), iproute(8), brcfg(8).
AUTHOR
This manual page was written by Matthew Grant <grantma@anathoth.gen.nz>, for the Debian GNU/Linux system (but may be used by others).
BUGS
The author is lazy. He needs to write btter man pages...
November 23, 2000 NETSCRIPT-2.2.conf(5)