|
|
Sponsored Content
Special Forums
IP Networking
TCP Ports
Post 3347 by blacksheep on Friday 29th of June 2001 10:26:13 AM
06-29-2001
TCP Ports
We are being setup with a client over their VPN to support them remotely. We are unable to access their VPN through our server, they said to look and make sure that the TCP ports are enabled for their security setup (ports are in the 4000 range).
How do you look for this and how do you enable a range if it is not already enabled?
How do you look for this and how do you enable a range if it is not already enabled?
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello all,
Can someone instruct me on how to change the listening port for ftp ( or any tcp service) from 21 to another port number? Thanks in advance..
-AJ (3 Replies)
Discussion started by: jacobsa
3 Replies
2. UNIX for Dummies Questions & Answers
Just starting to work with unix, wondering if there is any good on-line documentation explaining TCP/UDP ports, how to use them, etc...
Thanks.... (1 Reply)
Discussion started by: eugene_mayo
1 Replies
3. IP Networking
Just wondering if anyone knows of any good on-line documentation on TCP/UDP Ports. Basically i want to know how to check if they are in use, learn how to close them, etc...
Thanks... (5 Replies)
Discussion started by: eugene_mayo
5 Replies
4. UNIX for Advanced & Expert Users
What is the maximum number of TCP ports that can be consumed at any one time? How can I determine what the number is or increase it?
I was under the impression that with our system (UnixWare 7.1.1) 1024 was the maximum under our current Kernel tuning parms, but I think that is really just... (4 Replies)
Discussion started by: dlkox
4 Replies
5. Windows & DOS: Issues & Discussions
In using a music file sharing program (WinMx), I am told that I
cannot make a primary connection (fastest downloads) because I do not
have a TCP and UDP port. I am running Windows Me.What do I do? Thanks. (6 Replies)
Discussion started by: dookster5
6 Replies
6. UNIX for Advanced & Expert Users
hi,
I'm currently running with an issue whereby we are experiencing very poor access speeds to our Informix database. Connections or requests to the DB are taking in excess of 2/3/4 minutes during peek periods during the day. This has only just started to happen but so far we have been unable to... (0 Replies)
Discussion started by: fastyan
0 Replies
7. UNIX for Dummies Questions & Answers
I'm not sure if this is the right place for this post, but I'd be grateful if somebody could please help me. I'm trying to open ports 999, 1982 and 1983 but am not having much luck. I used
iptables -A INPUT -i eth0 -p tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i... (2 Replies)
Discussion started by: thehaapyappy
2 Replies
8. IP Networking
Please can somebody help me. I'm trying to open ports 999, 1982 and 1983 but am not having much luck. I used
iptables -A INPUT -i eth0 -p tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 1982 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables... (5 Replies)
Discussion started by: thehaapyappy
5 Replies
9. Solaris
Hello,
One of our developers is asking for a command/script in Solaris similar to "netstat -anp" in Linux. He gave this output as an example:
root@xxx:~# netstat -anp | grep LISTEN
tcp 0 0 0.0.0.0:7937 0.0.0.0:* LISTEN 16082/nsrexecd
tcp 0 ... (7 Replies)
Discussion started by: vimes
7 Replies
10. Shell Programming and Scripting
My requirement is
I need to write a program in shell scripting to check 2 TCP unused unique port numbers in SOLARIS and I have to lock the same ports so that it will not be used in any other new process and the same port numbers should be used and locked in the LINUX machine to communicate... (2 Replies)
Discussion started by: sreeramr30
2 Replies
LEARN ABOUT FREEBSD
mac_portacl
MAC_PORTACL(4) BSD Kernel Interfaces Manual MAC_PORTACL(4) NAME
mac_portacl -- network port access control policy SYNOPSIS
To compile the port access control policy into your kernel, place the following lines in your kernel configuration file: options MAC options MAC_PORTACL Alternately, to load the port access control policy module at boot time, place the following line in your kernel configuration file: options MAC and in loader.conf(5): mac_portacl_load="YES" DESCRIPTION
The mac_portacl policy allows administrators to administratively limit binding to local UDP and TCP ports via the sysctl(8) interface. In order to enable the mac_portacl policy, MAC policy must be enforced on sockets (see mac(4)), and the port(s) protected by mac_portacl must not be included in the range specified by the net.inet.ip.portrange.reservedlow and net.inet.ip.portrange.reservedhigh sysctl(8) MIBs. The mac_portacl policy only affects ports explicitly bound by a user process (either for a listen/outgoing TCP socket, or a send/receive UDP socket). This policy will not limit ports bound implicitly for outgoing connections where the process has not explicitly selected a port: these are automatically selected by the IP stack. When mac_portacl is enabled, it will control binding access to ports up to the port number set in the security.mac.portacl.port_high sysctl(8) variable. By default, all attempts to bind to mac_portacl controlled ports will fail if not explicitly allowed by the port access control list, though binding by the superuser will be allowed, if the sysctl(8) variable security.mac.portacl.suser_exempt is set to a non- zero value. Runtime Configuration The following sysctl(8) MIBs are available for fine-tuning the enforcement of this MAC policy. All sysctl(8) variables, except security.mac.portacl.rules, can also be set as loader(8) tunables in loader.conf(5). security.mac.portacl.enabled Enforce the mac_portacl policy. (Default: 1). security.mac.portacl.port_high The highest port number mac_portacl will enforce rules for. (Default: 1023). security.mac.portacl.rules The port access control list is specified in the following format: idtype:id:protocol:port[,idtype:id:protocol:port,...] idtype Describes the type of subject match to be performed. Either uid for user ID matching, or gid for group ID matching. id The user or group ID (depending on idtype) allowed to bind to the specified port. NOTE: User and group names are not valid; only the actual ID numbers may be used. protocol Describes which protocol this entry applies to. Either tcp or udp are supported. port Describes which port this entry applies to. NOTE: MAC security policies may not override other security system policies by allowing accesses that they may deny, such as net.inet.ip.portrange.reservedlow / net.inet.ip.portrange.reservedhigh. If the specified port falls within the range specified, the mac_portacl entry will not function (i.e., even the specified user/group may not be able to bind to the specified port). security.mac.portacl.suser_exempt Allow superuser (i.e., root) to bind to all mac_portacl protected ports, even if the port access control list does not explicitly allow this. (Default: 1). security.mac.portacl.autoport_exempt Allow applications to use automatic binding to port 0. Applications use port 0 as a request for automatic port allocation when bind- ing an IP address to a socket. This tunable will exempt port 0 allocation from rule checking. (Default: 1). SEE ALSO
mac(3), ip(4), mac_biba(4), mac_bsdextended(4), mac_ifoff(4), mac_mls(4), mac_none(4), mac_partition(4), mac_seeotheruids(4), mac_test(4), mac(9) HISTORY
MAC first appeared in FreeBSD 5.0 and mac_portacl first appeared in FreeBSD 5.1. AUTHORS
This software was contributed to the FreeBSD Project by NAI Labs, the Security Research Division of Network Associates Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research program. BSD
December 9, 2004 BSD