04-24-2009
Very nice for your answers fpmurphy.
Thanks for sysctl.
I spend all my day on this. Finally you are right.
The problem came from a couple of firewall. A switch occurs the night before between them. And they are different in their config. The admin say it's impossible. But in fact it is.
Sorry for my poor english
Best regards
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi
Should anyone be able to help, one of my colleagues was doing a truss this morning and I am not sure if it has offset the system crash, but we have had these type of errors coming up????
# ls
ls: Cannot read /usr/lib/ld.so.1
Killed
# ps -ef
ps: Cannot read /usr/lib/ld.so.1
Killed
#... (1 Reply)
Discussion started by: NAV4869
1 Replies
2. Solaris
Hi,
I have a Sun 3500 server on which i installed solaris 8 and have also installed veritas 4.0 on it. i dont know why from the time i have built this server whenever i try to boot it, the server doesnot come back smooth.... i have got to connect a laptop to the serial port of the server and... (3 Replies)
Discussion started by: ishila
3 Replies
3. UNIX for Dummies Questions & Answers
how do i mointor how many sockets are opened from a particular foriegn address? (2 Replies)
Discussion started by: kirpond
2 Replies
4. Solaris
Is there a way to see what sockets are in use? The developers here are getting some defunct processes and they would like to get a socket list.
This is on a Solaris 8 machine.
Thanks! (1 Reply)
Discussion started by: kjbaumann
1 Replies
5. Solaris
Hellocan someone tell me if there are any special tricks at hand t set up Solaris 10 on a Enterprise 3500? I`ve tried with different cd`s, burnt on different speeds, and also with bought one`s. All give the same result after boot cdrom, it starts but freezes right after the license message.And... (16 Replies)
Discussion started by: vatch23
16 Replies
6. Solaris
Hi,
I have two Sun Fire V490 with Solaris 10 5/08, FC switch and two Sun StorageTek 3500 FC arrays. Each array is connected to switch and to one server at a time. In the last week I installed Solaris 10 5/08 on both servers and set up Sun Cluster, version 3.2. At wednesday all was fine - all... (7 Replies)
Discussion started by: Sapfeer
7 Replies
7. Programming
Hi,i now moved into a different section where i need to use sockets.
i am completely nill in sockets.
can some body please provide me what are the requirements for a socket.
to use sockets in c.
thanks (1 Reply)
Discussion started by: MrUser
1 Replies
8. Programming
if i have a server which wants to connect to exactly 5 clients, does that mean i need 5 socket file descriptors and use
listen(socket_fd,1);
for each one
or just do
listen(socket_fd,5)
also whats the second parameter number mean? what happens if i put 0 there?
also if i am connected... (28 Replies)
Discussion started by: omega666
28 Replies
9. Solaris
Booting problem on Sun 3500
Hi,
I have a Sun 3500 server on which i installed solaris 5.2 installed . i dont know why from the time i have built this server whenever i try to boot it, the server doesnot come back smooth.i got a message Sync file system than restart
some times showing ok... (2 Replies)
Discussion started by: najeer
2 Replies
LEARN ABOUT DEBIAN
blackhole
BLACKHOLE(4) BSD Kernel Interfaces Manual BLACKHOLE(4)
NAME
blackhole -- a sysctl(8) MIB for manipulating behaviour in respect of refused TCP or UDP connection attempts
SYNOPSIS
sysctl net.inet.tcp.blackhole[=[0 | 1 | 2]]
sysctl net.inet.udp.blackhole[=[0 | 1]]
DESCRIPTION
The blackhole sysctl(8) MIB is used to control system behaviour when connection requests are received on TCP or UDP ports where there is no
socket listening.
Normal behaviour, when a TCP SYN segment is received on a port where there is no socket accepting connections, is for the system to return a
RST segment, and drop the connection. The connecting system will see this as a ``Connection refused''. By setting the TCP blackhole MIB to
a numeric value of one, the incoming SYN segment is merely dropped, and no RST is sent, making the system appear as a blackhole. By setting
the MIB value to two, any segment arriving on a closed port is dropped without returning a RST. This provides some degree of protection
against stealth port scans.
In the UDP instance, enabling blackhole behaviour turns off the sending of an ICMP port unreachable message in response to a UDP datagram
which arrives on a port where there is no socket listening. It must be noted that this behaviour will prevent remote systems from running
traceroute(8) to a system.
The blackhole behaviour is useful to slow down anyone who is port scanning a system, attempting to detect vulnerable services on a system.
It could potentially also slow down someone who is attempting a denial of service attack.
WARNING
The TCP and UDP blackhole features should not be regarded as a replacement for firewall solutions. Better security would consist of the
blackhole sysctl(8) MIB used in conjuction with one of the available firewall packages.
This mechanism is not a substitute for securing a system. It should be used together with other security mechanisms.
SEE ALSO
ip(4), tcp(4), udp(4), ipf(8), ipfw(8), pfctl(8), sysctl(8)
HISTORY
The TCP and UDP blackhole MIBs first appeared in FreeBSD 4.0.
AUTHORS
Geoffrey M. Rehmet
BSD
January 1, 2007 BSD