I know this is an old discussion - but your problem is, imho, self-inflicted.
Code:
michael@x071:[/home/michael]nfso -h nfs_use_reserved_ports
Purpose:
Specifies using nonreserved IP port number.
Values:
Default: 0
Range: 0 - 1
Type: Dynamic
Unit: On/Off
Tuning:
Value of 0 will use nonreserved IP port number when the NFS client communicates with the NFS server.
In the early 1980's there was this idea that port numbers less than 1024 could be "trusted" because only the super-user (aka root) could access them. This trust has been misplaced since the late 1980's as too many processes can access this so-called trusted ports. Why trust NFS (on port 2049)? It is well above 1024. Why it that number above 2049 trust-worthy and not other numbers.
In short, "trusted ports" exist in that it is still specified that a kernel privilege is needed to "open" aka request a connection from/to any other port.
If someone, even from your local security, says they MUST be 1023 and smaller - of course you can comply - BUT they are causing another security concept to become breached - availability. Not enough ports means no connectivity.
In short, port numbers - there is no added trust because a specific port number is being used. There might be a technical reason (e.g., firewall rules) to stay in a particular range - but the port number itself neither adds nor subtracts from the application security.
Hi Guys,
i am trying to open a port in AIX.
but i am not able to get the command for this. AIX is not having the iptables file present.
So please any body can tell me how to open a port in AIX...
Thanks
sanju (2 Replies)
Hi,
I am working with sun Solaris 5.9 and in my application,I have to communicate with Serial port(i.e /dev/term/a).
So I need source code to by which I can do the following things--
1)check the port is available or not.If it dosn't find the port,it should throw the error message(i.e. port not... (0 Replies)
In general for intalling a package like we do
./configure, make , make install
But if we want to integrate the package with a huge source base
what are the things to be taken care
could some one have a light on purpose of ./configure , make and make install
along with above question.
I... (1 Reply)
Hi,
I was looking on Google for AIX-VIO/LPAR with ISCSI solution and found following really nice tutorial about how to setup ISCSI with free NAS.
1) Build Your Own Open Source NAS Device Using FreeNAS | Train Signal Training - Free Computer Training Videos
2) Build Your Own Open Source... (4 Replies)
Hello all. I have never had any issues like this when compiling applications from source. When I try to compile samba-3.5.0pre2, configure runs with no issues, but when the time comes to make, this happens:
make: make 1254-025 There must be an existing description file or specify a target.
... (4 Replies)
Hello Gurus,
I was trying to find who's using my port and got below answer from a IBM website. But the problem with the below answer is I need a root to run the rmsock, is there any other alternative to find out who is using my port with out a root access??
1. netstat -Aan | grep <port... (1 Reply)
Hi all,
I need to change the source port number of an outgoing TCP packet. First I have to bind the socket to a particular port(suppose 9001) but when I send the TCP packet I want to change the source port number lets say to 9002 still letting the socket to be bound to the same old port (9001).... (0 Replies)
Hello all,
I need your help with any command to release a port on AIX.
Thanks for all. (5 Replies)
Discussion started by: Mcipamo
5 Replies
LEARN ABOUT CENTOS
radtest
RADTEST(1) FreeRADIUS Daemon RADTEST(1)NAME
radtest - send packets to a RADIUS server, show reply
SYNOPSIS
radtest [-d raddb_directory] [-t pap/chap/mschap] [-x ] [-4 ] [-6 ] user password radius-server nas-port-number secret [ppphint] [nasname]
DESCRIPTION
radtest is a frontend to radclient(1). It generates a list of attribute/value pairs based on the command line arguments, and feeds these
into radclient. It's a fast and convenient way to test a radius server.
OPTIONS -d raddb_directory
The directory that contains the RADIUS dictionary files. Defaults to /etc/raddb.
-t pap/chap/mschap/eap-md5
Choose the authentiction method to use. e.g. "-t pap", "-t chap", "-t mschap", or "-t eap-md5",. Defaults to "pap". Using EAP-MD5
requires that the "radeapclient" program is installed.
-x Enables debugging output for the RADIUS client.
-4 Use NAS-IP-Address for the NAS address (default)
-6 Use NAS-IPv6-Address for the NAS address (default)
user Username to send.
password
Password of the user.
radius-server
Hostname or IP address of the radius server. Optionally, you may specify a port by appending :port
nas-port-number
The value of the NAS-Port attribute. Is an integer between 0 and 2^31, and it really doesn't matter what you put here. 10 will do
fine.
secret The shared secret for this client.
ppphint
If you put an integer > 0 here, radtest (or actually radclient) will add the attribute Framed-Protocol = PPP to the request packet.
nasname
If present, this will be resolved to an IP address and added to the request packet as the NAS-IP-Address attribute. If you don't
specify it, the local hostname of the system will be used.
SEE ALSO radiusd(8), radclient(1).
AUTHOR
Miquel van Smoorenburg, miquels@cistron.nl.
5 April 2010 RADTEST(1)
08-15-2018
