Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How do I restrict TFTP access to certain hosts/IP addresses?
Operating Systems AIX How do I restrict TFTP access to certain hosts/IP addresses? Post 302510067 by need2bageek on Friday 1st of April 2011 12:30:54 PM
Old 04-01-2011
Sweet. I downloaded the redbook and sounds like TCP Wrappers is exactly what I'm looking for. Seems like this will come in handy for many of the other vulnerabilities that were found, too. Thanks, pludi!
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Apache restrict access with certificates

Hello! Does anyone know if it's possible to restrict access to apache webserver with certificates? What I want is that if a user has a certificate in his browser then he get's access, if not show error or another page. I would be very happy if someone knew! /D (2 Replies)
Discussion started by: Esaia
2 Replies

2. Red Hat

restrict access of a user to two directories only

Hi all, I am using RHEL 5.0 I need a user say test to have full access to two directories, say /tmp1 & /tmp2 only other than his home directory. I do not want to change his login shell which is ksh or bash by default. Moreover, he should not even have read access of other directories. ... (10 Replies)
Discussion started by: vikas027
10 Replies

3. UNIX for Advanced & Expert Users

Restrict access to specific users.

Hi All! I would like to know if there is any specific way by which I can restrict access to apecific users (ip addresses). OS : Red hat linux Thanks! nua7 (6 Replies)
Discussion started by: nua7
6 Replies

4. UNIX for Advanced & Expert Users

Restrict Access to the folder

Hi I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders. /export/home/kapil/shared, /export/home/kapil/shared/Folder1 /export/home/kapil/shared/Folder2 These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Discussion started by: kapilk
1 Replies

5. Solaris

Restrict access to solaris10 [SOLVED]

Hello, I have a solaris10 sparc running on a server and it is a Sun DS (LDAP) server as well as LDAP client. I have changed ssh server port to something other than 22 but is there any way to configure that only users abc, def, ghi from LDAP can login via ssh? SSH software on solaris10 is... (0 Replies)
Discussion started by: upengan78
0 Replies

6. Linux

Restrict NFS access to root

Hi Everybody, If there is a general NFS share in the LAN and for example this share has three files - a, b, c is there any way to restrict file access to the root user of one particular host(falcon) in the same LAN environment while the normal users from the same host(falcon) should be able... (4 Replies)
Discussion started by: sudhirav
4 Replies

7. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

8. Red Hat

Restrict user access

Hi there I have an application user on my system that wants accesses to these file systems as such: rwx: /SAPO /SAPS12 /R3_888 /R3_888B /R3_888F /R3_888R r: /usr/sap these are the existing FS permissions:ownerships: # ls -ld /SAPO (9 Replies)
Discussion started by: hedkandi
9 Replies

9. Ubuntu

Restrict SUDO Access

Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux Hi Folks, Please help me. I am bit struck here. Here is the OS info. Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux I have a... (17 Replies)
Discussion started by: explorer007
17 Replies

10. UNIX for Dummies Questions & Answers

Restrict access

I'm trying to use squid to restrict elinks' access to certain websites(only http traffic). I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :) ---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Discussion started by: Birnbacher
1 Replies

LEARN ABOUT PHP

ipsecesp

ipsecesp(7P)							     Protocols							      ipsecesp(7P)

NAME

       ipsecesp, ESP - IPsec Encapsulating Security Payload

SYNOPSIS

       drv/ipsecesp

DESCRIPTION

       The  ipsecesp  module  provides	confidentiality, integrity, authentication, and partial sequence integrity (replay protection) to IP data-
       grams. The encapsulating security payload (ESP) encapsulates its data, enabling it to protect data that follows in the  datagram.  For  TCP
       packets,  ESP  encapsulates  the  TCP header and its data only.	If the packet is an IP in IP datagram, ESP protects the inner IP datagram.
       Per-socket policy allows "self-encapsulation" so ESP can encapsulate IP options when necessary. See ipsec(7P).

       Unlike the authentication header (AH), ESP allows multiple varieties of datagram protection. (Using a single datagram protection  form  can
       expose vulnerabilities.) For example, only ESP can be used to provide confidentiality. But protecting confidentiality alone exposes vulner-
       abilities in both replay attacks and cut-and-paste attacks. Similarly, if ESP protects only integrity and does not  fully  protect  against
       eavesdropping, it may provide weaker protection than AH. See ipsecah(7P).

   ESP Device
       ESP is implemented as a module that is auto-pushed on top of IP. Use the /dev/ipsecesp entry to tune ESP with ndd(1M).

   Algorithms
       ESPuses	encryption and authentication algorithms. Authentication algorithms include HMAC-MD5 and HMAC-SHA-1. Encryption algorithms include
       DES, Triple-DES, Blowfish and AES. Each authentication and encryption algorithm contain key size and key format properties. You can  obtain
       a  list of authentication and encryption algorithms and their properties by using the ipsecalgs(1M) command. You can also use the functions
       described in the getipsecalgbyname(3NSL) man page to retrieve the properties of algorithms. Because of export laws in  the  United  States,
       not all encryption algorithms are available outside of the United States.

   Security Considerations
       ESP without authentication exposes vulnerabilities to cut-and-paste cryptographic attacks as well as eavesdropping attacks. Like AH, ESP is
       vulnerable to eavesdropping when used without confidentiality.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsr (32-bit)		   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ipsecalgs(1M), ipsecconf(1M), ndd(1M), attributes(5), getipsecalgbyname(3NSL), ip(7P), ipsec(7P), ipsecah(7P)

       Kent, S. and Atkinson, R.RFC 2406, IP Encapsulating Security Payload (ESP), The Internet Society, 1998.

SunOS 5.10							    18 May 2003 						      ipsecesp(7P)
All times are GMT -4. The time now is 11:26 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy