Hi,
So that potential responders will have an idea of what they're dealing with let me say that while I am a UNIX newbie I have been in IT for over 10 years.
We have several SUN boxes running ver 5 of the OS that have been sitting dormant for some time as they were part of a now defunct... (3 Replies)
Hi,
I will like to allow access to the mysql port (3306) to certain IP address. All other IP's should be automatically blocked. What is the best way to do this? (8 Replies)
I am trying to block ALL traffic except when from ports 9100,22,23 to destination network 192.0.0.0 (my WAN): 2 networks 192.0.3.0 with static route to 192.0.0.0
Shouldn't this work?:
iptables -A INPUT -p tcp -d 192.0.0.0/24 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -d 192.0.0.0/24... (3 Replies)
i want to kill a tcp connection by killing its pid
with netstat -an i got the tcp ip connection on port 5914
but when i type ps -a or ps-e there is not such process running on port 5914
is it possible that because i do not log on with proper user account i can not see that process running? (30 Replies)
Hi All,
I successfully configured a DEBIAN Lenny bridged firewall
using ebtables.
The bridged interface is br0.
The ethernet interface are eth0 & eth1 respectively.
All the traffic are transparently passing my firewall but i need to find & block temporarily the bandwidth abusers.
Can... (1 Reply)
hi guys
I doing some collocation for a customer, customer requested to use other port for ssh not the default one. OK no problem
and customer will be using rsync to sync backups among other things
I know we have to open port let's say port 5999 for ssh since we are using that one now but I... (1 Reply)
Hi Experts,
I am receiving below error while trying to connect port 8080.
Could not open connection to the host, on port 8080 : connection refused.
iptables configuration
/etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of... (1 Reply)
If I would like to know what connection , data , traffic in a network port ( eth0 ) , what can I do ?
ps. because I always found the network is very slow , so I would like what the network port is doing .
Thanks
Login ID ust3 is currently in read-only mode for multiple infractions. Creating... (0 Replies)
Hi Friends,
How to do port forwarding in AIX? We would like to re route traffic from port A to port B on AIX LPAR.
for example: my application is using 8080 port on LPAR and would like to use the 8081 instead of 8080. By default application was configured with 8080. But instead of changing... (2 Replies)
Discussion started by: System Admin 77
2 Replies
LEARN ABOUT DEBIAN
blackhole
BLACKHOLE(4) BSD Kernel Interfaces Manual BLACKHOLE(4)NAME
blackhole -- a sysctl(8) MIB for manipulating behaviour in respect of refused TCP or UDP connection attempts
SYNOPSIS
sysctl net.inet.tcp.blackhole[=[0 | 1 | 2]]
sysctl net.inet.udp.blackhole[=[0 | 1]]
DESCRIPTION
The blackhole sysctl(8) MIB is used to control system behaviour when connection requests are received on TCP or UDP ports where there is no
socket listening.
Normal behaviour, when a TCP SYN segment is received on a port where there is no socket accepting connections, is for the system to return a
RST segment, and drop the connection. The connecting system will see this as a ``Connection refused''. By setting the TCP blackhole MIB to
a numeric value of one, the incoming SYN segment is merely dropped, and no RST is sent, making the system appear as a blackhole. By setting
the MIB value to two, any segment arriving on a closed port is dropped without returning a RST. This provides some degree of protection
against stealth port scans.
In the UDP instance, enabling blackhole behaviour turns off the sending of an ICMP port unreachable message in response to a UDP datagram
which arrives on a port where there is no socket listening. It must be noted that this behaviour will prevent remote systems from running
traceroute(8) to a system.
The blackhole behaviour is useful to slow down anyone who is port scanning a system, attempting to detect vulnerable services on a system.
It could potentially also slow down someone who is attempting a denial of service attack.
WARNING
The TCP and UDP blackhole features should not be regarded as a replacement for firewall solutions. Better security would consist of the
blackhole sysctl(8) MIB used in conjuction with one of the available firewall packages.
This mechanism is not a substitute for securing a system. It should be used together with other security mechanisms.
SEE ALSO ip(4), tcp(4), udp(4), ipf(8), ipfw(8), pfctl(8), sysctl(8)HISTORY
The TCP and UDP blackhole MIBs first appeared in FreeBSD 4.0.
AUTHORS
Geoffrey M. Rehmet
BSD January 1, 2007 BSD