08-11-2009
The best practice is to use high end ports to run Tomcat. The reason behind this:
The easy access of >1024 ports are only possible with root accounts which will further create security concerns.
Thanks,
Deepak
10 More Discussions You Might Find Interesting
1. Cybersecurity
I need to set up an application to run in a script which will be running as a web server but is a database. I need to allow users to use the web server but the app must be run as root in order for the ports to be accessible. This is not a very secure environment would like to know how this could... (2 Replies)
Discussion started by: rpollard
2 Replies
2. UNIX for Advanced & Expert Users
Hi friends,
I am having ibm pseries615c3 server. previously i set privileged access password for the firmware. Now i forgot that password. Help me to reset or remove the firmware password from the server. Otherwise anyone plz help me how to change the default boot device in pseries servers. I... (8 Replies)
Discussion started by: muthulingaraja
8 Replies
3. HP-UX
Hi
I have been asked to find out how to
1) create users
2) reset passwords
3) kill processes that may require root privileges
without having root password, sudo rights or rights to passwd command
Any ideas?
Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies
4. Solaris
Dear
i have installed Solaris 10 on SUN V240
after installation i can not access system through root user
if i access system through any other user it conects but root is not connecting through LAN
if i connect through SC and then access root though cosole -f command it also works
kindly... (6 Replies)
Discussion started by: rizwan225
6 Replies
5. Shell Programming and Scripting
Hi,
I need to access a user's command history. However, the dilemma is that he is logged in and so his current history is not yet flushed to .bash_history file which gets flushed when he logs out. Is there a way I can still access his most recent history?
thank you,
S (4 Replies)
Discussion started by: sardare
4 Replies
6. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
7. Linux
How to create a user account on a Linux desktop machine with restrictions on connecting to the LAN, WAN, PCMCIA ports, Firewire, CDROM and generally any user controllable output options?
I have the task to set up a machine for users working with sensitive data that should not be leaving the... (1 Reply)
Discussion started by: netfreighter
1 Replies
8. Shell Programming and Scripting
Currently in my system Red Hat is installed. And Many user connect to my machine via SSH Techia Terminal.
I want to give some users a root level access.
Can anyone please help me how to make it possible. I too searched on the Google but didn't find the correct way
Regards
ADI (4 Replies)
Discussion started by: adisky123
4 Replies
9. AIX
Hi,
I am trying to implement a service on AIX based on ONCRPC protocal and I want to use a RPC library called oncrpc4j because it is a non-blocked i/o library. I found it works fine on my work machine (WIndows 7) but failed on my AIX work station. The author of oncrpc4j told me that check that... (1 Reply)
Discussion started by: derekhsu
1 Replies
10. Solaris
Hello,
It is Solaris-10. There is a file as /opt/vpp/dom1.2/pdd/today_23. It is always generated by root, so owned by root only.
This file has to be deleted as part of application restart always and that is done by app_user and SA is always involved to do rm on that file.
Is it possible to give... (9 Replies)
Discussion started by: solaris_1977
9 Replies
LEARN ABOUT CENTOS
sepolicy-network
sepolicy-network(8) sepolicy-network(8)
NAME
sepolicy-network - Examine the SELinux Policy and generate a network report
SYNOPSIS
sepolicy network [-h] (-l | -a application [application ...] | -p PORT [PORT ...] | -t TYPE [TYPE ...] | -d DOMAIN [DOMAIN ...])
DESCRIPTION
Use sepolicy network to examine SELinux Policy and generate network reports.
OPTIONS
-a, --application
Generate a report listing the ports to which the specified init application is allowed to connect and or bind.
-d, --domain
Generate a report listing the ports to which the specified domain is allowed to connect and or bind.
-l, --list
List all Network Port Types defined in SELinux Policy
-h, --help
Display help message
-t, --type
Generate a report listing the port numbers associate with the specified SELinux port type.
-p, --port
Generate a report listing the SELinux port types associate with the specified port number.
EXAMPLES
sepolicy network -p 22
22: tcp ssh_port_t 22
22: udp reserved_port_t 1-511
22: tcp reserved_port_t 1-511
sepolicy network -a /usr/sbin/sshd
sshd_t: tcp name_connect
111 (portmap_port_t)
53 (dns_port_t)
88, 750, 4444 (kerberos_port_t)
9080 (ocsp_port_t)
9180, 9701, 9443-9447 (pki_ca_port_t)
32768-61000 (ephemeral_port_t)
all ports < 1024 (reserved_port_type)
all ports with out defined types (port_t)
sshd_t: tcp name_bind
22 (ssh_port_t)
5900-5983, 5985-5999 (vnc_port_t)
6000-6020 (xserver_port_t)
32768-61000 (ephemeral_port_t)
all ports > 500 and < 1024 (rpc_port_type)
all ports with out defined types (port_t)
sshd_t: udp name_bind
32768-61000 (ephemeral_port_t)
all ports > 500 and < 1024 (rpc_port_type)
all ports with out defined types (port_t)
AUTHOR
This man page was written by Daniel Walsh <dwalsh@redhat.com>
SEE ALSO
sepolicy(8), selinux(8), semanage(8)
20121005 sepolicy-network(8)