Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Prototype security software blocks DDoS attacks
Special Forums News, Links, Events and Announcements Complex Event Processing RSS News Prototype security software blocks DDoS attacks Post 302368733 by Linux Bot on Thursday 5th of November 2009 12:45:05 PM
Old 11-05-2009
Prototype security software blocks DDoS attacks
by Tim Greene, Network World Security researchers show lightweight, host-based access-control scheme that dumps attack packets without overwhelming memory, CPU.Researchers have come up with host-based security software that blocks distributed denial-of-service attacks without swamping the memory and CPU of the host machines.The filtering, called identity-based privacy-protected access control (IPCAF), can also prevent [...]

More...
 

5 More Discussions You Might Find Interesting

1. Windows & DOS: Issues & Discussions

Stanford security experts unveil defenses against ‘phishing’ attacks

It's an online con that is growing fast and stealing tens of millions of dollars. An e-mail seemingly from a financial institution instructs you to log on to a legitimate-looking Web site. Such “phishing” attacks exploit a universal weakness in online security: passwords. To read the rest of... (0 Replies)
Discussion started by: ZOverLord
0 Replies

2. Cybersecurity

Directory of Security Links (Software Tools)

Hello, If you are interested in security, check out this new directory of unix and linux related software tools. Security - Links If you have any of your favorite tools, feel free to add them to the directory. (0 Replies)
Discussion started by: Neo
0 Replies

3. UNIX for Dummies Questions & Answers

Convert 512-blocks to 4k blocks

I'm Unix. I'm looking at "df" on Unix now and below is an example. It's lists the filesystems out in 512-blocks, I need this in 4k blocks. Is there a way to do this in Unix or do I manually convert and how? So for container 1 there is 7,340,032 in size in 512-blocks. What would the 4k block be... (2 Replies)
Discussion started by: rockycj
2 Replies

4. Shell Programming and Scripting

how to split this file into blocks and then send these blocks as input to the tool called Yices?

Hello, I have a file like this: FILE.TXT: (define argc :: int) (assert ( > argc 1)) (assert ( = argc 1)) <check> # (define c :: float) (assert ( > c 0)) (assert ( = c 0)) <check> # now, i want to separate each block('#' is the delimeter), make them separate files, and then send them as... (5 Replies)
Discussion started by: paramad
5 Replies

5. Shell Programming and Scripting

Row blocks to column blocks

Hello, Searched for a while and found some "line-to-column" script. My case is similar but with multiple fields each row: S02 Length Per S02 7043 3.864 S02 54477 29.89 S02 104841 57.52 S03 Length Per S03 1150 0.835 S03 1321 0.96 S03 ... (9 Replies)
Discussion started by: yifangt
9 Replies

LEARN ABOUT HPUX

inetd.sec

inetd.sec(4)						     Kernel Interfaces Manual						      inetd.sec(4)

NAME

       inetd.sec - optional security file for inetd

DESCRIPTION

       When  accepts  a  connection from a remote system, it checks the address of the host requesting the service against the list of hosts to be
       allowed or denied access to the specific service (see inetd(1M)).

       The file allows the system administrator to control which hosts (or networks in general) are allowed to use the system remotely.  This file
       constitutes  an	extra  layer  of security in addition to the normal checks done by the services.  It precedes the security of the servers;
       that is, a server is not started by the Internet daemon unless the host requesting the service is a valid host according to

       If file does not exist, security is limited to that implemented by the servers.	and the directory should be writable only by their owners.
       Changes to apply to any subsequent connections.

       Lines in beginning with the pound sign are comments.  Comments are not allowed at the end of a line of data.

       The  lines  in  the  file  contain a service name, permission field, and the Internet addresses or official names of the hosts and networks
       allowed to use that service in the local host.  The fields in each line are as follows:

       service name { hostaddrs | hostnames | netaddrs | netnames }

       Note: service name is the name (not alias) of a valid service in file The service name for RPC-based services (NFS) is the name (not alias)
       of a valid service in file A service name in corresponds to a unique RPC program number.

       determines  whether  the  list  of remote hosts in the next field is allowed or denied access to the specified service.	Multiple lines for
       each service are not unsupported.  If there are multiple lines for a particular service, all but the last line are ignored.

       Addresses (hostaddrs and netaddrs) and names (hostnames and netnames) are separated by white space.  Any mix  of  addresses  and  names	is
       allowed.  To continue a line, terminate it with backslash,

       Host names and network names are the official names of the hosts or networks as returned by or respectively.  Wildcard characters and range
       characters are allowed.	The and the can be present in any of the fields of the address.  An address field is a string of characters  sepa-
       rated by a dot

       Hostname  resolution  failure  in  may  cause to delay the processing of connection requests.  To avoid such delays, configure host/network
       addresses instead of host/network names in the file.

EXAMPLES

       Use a wildcard character to permit a whole network to communicate with the local host without having to list all the hosts in that network.
       For example, to allow all hosts with network addresses starting with a as well as the single host with address to use rlogin:

       On a system running NFS, deny host access to sprayd, an RPC-based server:

       A range is a field containing a character.  To deny hosts in network 10 (arpa) with subnets 3 through 5 access to

       The following entry denies access to host any hosts on the network named and the host with internet address

       If a remote service is not listed in the security file, or if it is listed but it is not followed by or all remote hosts can attempt to use
       it.  Security is then provided by the service itself.  The following lines, if present in allow or deny access to the service indicated:

	      Allow all hosts to use

	      Deny all access to the service; i.e.,

	      Allow access to the service by any host:

	      or
   IPv6 Functionality
       For an IPv6 service, an IPv6 address can be specified in the host address field of The host address field can contain IPv6 addresses,  IPv4
       addresses, or both.  This specification includes the IPv4 mapped IPv6 addresses also.

       Host names for IPv6 services are the official names of the hosts returned by

       The wildcard characters and range characters are not supported for IPv6 addresses. The equivalent for the wildcard character is provided in
       the form of followed by a forward-slash and See the IPv6 Examples section for more details.

   IPv6 Examples
       To allow an IPv6 host with address and an IPv4 host with address in order to use the service, an entry in the file should be as follows:

       The following entry denies access to all hosts with a prefix

AUTHOR

       was developed by HP.

       NFS was developed by Sun Microsystems, Inc.

FILES

SEE ALSO

       inetd(1M), gethostent(3N), getaddrinfo(3N), getnetent(3N), hosts(4), inetd.conf(4), networks(4), protocols(4), rpc(4), services(4).

																      inetd.sec(4)
All times are GMT -4. The time now is 08:02 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy