04-16-2003
The quickest, easiest, cheapest and most powerful solution to this was to install TCP Wrappers 7.2. This allowed you to stop access to one domain (IP) without limiting access to the other, when both were running from the same machine. It is also has a very useful logging facility.
TCP Wrappers and other priceless security tools can be found at CIAC (Computer Incident Advisory Capability) US Department of Energy:
TCP Wrapper
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello,
I have 3 domains virtually hosted "name based" the first one "domain1.com" has its ServerName entered as domain1.com. this domain will load in a browser by www.domain1.com or simply domain1.com. the next two domains "domain2.com" and "domain3.com" ServerNames are listed as domain2.com and... (2 Replies)
Discussion started by: ericg
2 Replies
2. UNIX for Dummies Questions & Answers
ok i am setting up dns or going to do it with solaris 9 once u setup the domain what file can u look @ to see if it setup or not (4 Replies)
Discussion started by: rmuhammad
4 Replies
3. UNIX for Dummies Questions & Answers
I need help creating multiple domains with one single DNS server.ex: domain1.com and domain2.com on a sigle machine 1.2.3.4
Thx (1 Reply)
Discussion started by: lekan
1 Replies
4. UNIX for Advanced & Expert Users
I have a system that is connected to a private network with its own DNS (call it "privnet."), and is also connected to the Internet on a separate interface.
Is it possible to convince this server to query the private nameserver for the private network's domain (e.g. "host foo.privnet."), and the... (2 Replies)
Discussion started by: vertigo23
2 Replies
5. Solaris
Hi,
I've got to write "something" about how to build a dynamic domain on an M5000. simple question: anyone done anything like that? not really finding much by googling either.
please share...:o (3 Replies)
Discussion started by: frustin
3 Replies
6. UNIX for Dummies Questions & Answers
Hi,
I have a report containing severals organization's email address. The address contain several sub domains, and i need to pull those out.
mail domain ( example.com)
..................
The report column contain mail address in this format :
john1@sub1.example.com... (2 Replies)
Discussion started by: john_prince
2 Replies
7. Web Development
Hi,
I've been asked to 'troubleshoot' a webserver where two different TLDs are being served. Or to be more accurate, 'domain.com' and 'domain.fr'.
So we have
/var/www/domain.com
/var/www/domain.fr
And then for some reason, the httpd.conf file points to two different configuration files.... (1 Reply)
Discussion started by: davidm123SED
1 Replies
8. Linux
I am on a VPS that is pretty much unmanaged so it means im on my own. I did my best to configure it so i can host my own site for other people to see it online but seems like i have network problems because in the last days many of my users report they cant enter my site from my domain and... (7 Replies)
Discussion started by: supercain
7 Replies
9. IP Networking
Hey everyone. I work in a data center, and I'm working on getting my CCNA. Now when I read articles on the idea of VLAN's it makes sense. Especially if you have multiple switches daisy chained in multiple locations. My two main questions though are that most of these examples use PC's as examples... (2 Replies)
Discussion started by: Lost in Cyberia
2 Replies
10. Programming
among the below socket programming api's, please let me know which are blocking and non-blocking.
socket
accept
bind
listen
write
read
close (2 Replies)
Discussion started by: VSSajjan
2 Replies
LEARN ABOUT NETBSD
rump_sp
RUMP_SP(7) BSD Miscellaneous Information Manual RUMP_SP(7)
NAME
rump_sp -- rump remote system call support
DESCRIPTION
The rump_sp facility allows clients to attach to a rump kernel server over a socket and perform system calls. While making a local rump sys-
tem call is faster than calling the host kernel, a remote system call over a socket is slower. This facility is therefore meant mostly for
operations which are not performance critical, such as configuration of a rump kernel server.
Clients
The NetBSD base system comes with multiple preinstalled clients which can be used to configure a rump kernel and request diagnostic informa-
tion. These clients run as hybrids partially in the host system and partially against the rump kernel. For example, network-related clients
will typically avoid making any file system related system calls against the rump kernel, since it is not guaranteed that a rump network
server has file system support. Another example is DNS: since a rump server very rarely has a DNS service configured, host networking is
used to do DNS lookups.
Some examples of clients include rump.ifconfig which configures interfaces, rump.sysctl which is used to access the sysctl(7) namespace and
rump.traceroute which is used to display a network trace starting from the rump kernel.
Also, almost any unmodified dynamically linked application (for example telnet(1) or ls(1)) can be used as a rump kernel client with the help
of system call hijacking. See rumphijack(3) for more information.
Connecting to the server
A remote rump server is specified using an URL. Currently two types of URLs are supported: TCP and local domain sockets. The TCP URL is of
the format tcp://ip.address:port/ and the local domain URL is unix://path. The latter can accept relative or absolute paths. Note that
absolute paths require three leading slashes.
To preserve the standard usage of the rump clients' counterparts the environment variable RUMP_SERVER is used to specify the server URL. To
keep track of which rump kernel the current shell is using, modifying the shell prompt is recommended -- this is analoguous to the visual
clue you have when you login from one machine to another.
Client credentials and access control
The current scheme gives all connecting clients root credentials. It is recommended to take precautions which prevent unauthorized access.
For a unix domain socket it is enough to prevent access to the socket using file system permissions. For TCP/IP sockets the only available
means is to prevent network access to the socket with the use of firewalls. More fine-grained access control based on cryptographic creden-
tials may be implemented at a future date.
EXAMPLES
Get a list of file systems supported by a rump kernel server (in case that particular server does not support file systems, an error will be
returned):
$ env RUMP_SERVER=unix://sock rump.sysctl vfs.generic.fstypes
SEE ALSO
rump_server(1), rump(3), rumpclient(3), rumphijack(3)
HISTORY
rump_sp first appeared in NetBSD 6.0.
BSD
February 7, 2011 BSD