|
|
Sponsored Content
Top Forums
UNIX for Advanced & Expert Users
TCP ports - TIME_WAIT
Post 35929 by yeheyaansari on Wednesday 14th of May 2003 09:53:07 AM
05-14-2003
|
|
10 More Discussions You Might Find Interesting
1. IP Networking
We are being setup with a client over their VPN to support them remotely. We are unable to access their VPN through our server, they said to look and make sure that the TCP ports are enabled for their security setup (ports are in the 4000 range).
How do you look for this and how do you enable a... (3 Replies)
Discussion started by: blacksheep
3 Replies
2. UNIX for Dummies Questions & Answers
Hello all,
Can someone instruct me on how to change the listening port for ftp ( or any tcp service) from 21 to another port number? Thanks in advance..
-AJ (3 Replies)
Discussion started by: jacobsa
3 Replies
3. UNIX for Dummies Questions & Answers
Just starting to work with unix, wondering if there is any good on-line documentation explaining TCP/UDP ports, how to use them, etc...
Thanks.... (1 Reply)
Discussion started by: eugene_mayo
1 Replies
4. IP Networking
Just wondering if anyone knows of any good on-line documentation on TCP/UDP Ports. Basically i want to know how to check if they are in use, learn how to close them, etc...
Thanks... (5 Replies)
Discussion started by: eugene_mayo
5 Replies
5. Windows & DOS: Issues & Discussions
In using a music file sharing program (WinMx), I am told that I
cannot make a primary connection (fastest downloads) because I do not
have a TCP and UDP port. I am running Windows Me.What do I do? Thanks. (6 Replies)
Discussion started by: dookster5
6 Replies
6. UNIX for Advanced & Expert Users
hi,
I'm currently running with an issue whereby we are experiencing very poor access speeds to our Informix database. Connections or requests to the DB are taking in excess of 2/3/4 minutes during peek periods during the day. This has only just started to happen but so far we have been unable to... (0 Replies)
Discussion started by: fastyan
0 Replies
7. UNIX for Dummies Questions & Answers
I'm not sure if this is the right place for this post, but I'd be grateful if somebody could please help me. I'm trying to open ports 999, 1982 and 1983 but am not having much luck. I used
iptables -A INPUT -i eth0 -p tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i... (2 Replies)
Discussion started by: thehaapyappy
2 Replies
8. IP Networking
Please can somebody help me. I'm trying to open ports 999, 1982 and 1983 but am not having much luck. I used
iptables -A INPUT -i eth0 -p tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 1982 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables... (5 Replies)
Discussion started by: thehaapyappy
5 Replies
9. Solaris
Hello,
One of our developers is asking for a command/script in Solaris similar to "netstat -anp" in Linux. He gave this output as an example:
root@xxx:~# netstat -anp | grep LISTEN
tcp 0 0 0.0.0.0:7937 0.0.0.0:* LISTEN 16082/nsrexecd
tcp 0 ... (7 Replies)
Discussion started by: vimes
7 Replies
10. Red Hat
Hi,
I want to kill TCP connections which have status as TIME_WAIT & no PID
(as per the output of the "netstat - p" command).
Is there any command/utility available to kill connections to a specific port or IP address.
The problem is that these connections don't have process ID (see... (4 Replies)
Discussion started by: Davinder31may
4 Replies
LEARN ABOUT DEBIAN
blackhole
BLACKHOLE(4) BSD Kernel Interfaces Manual BLACKHOLE(4) NAME
blackhole -- a sysctl(8) MIB for manipulating behaviour in respect of refused TCP or UDP connection attempts SYNOPSIS
sysctl net.inet.tcp.blackhole[=[0 | 1 | 2]] sysctl net.inet.udp.blackhole[=[0 | 1]] DESCRIPTION
The blackhole sysctl(8) MIB is used to control system behaviour when connection requests are received on TCP or UDP ports where there is no socket listening. Normal behaviour, when a TCP SYN segment is received on a port where there is no socket accepting connections, is for the system to return a RST segment, and drop the connection. The connecting system will see this as a ``Connection refused''. By setting the TCP blackhole MIB to a numeric value of one, the incoming SYN segment is merely dropped, and no RST is sent, making the system appear as a blackhole. By setting the MIB value to two, any segment arriving on a closed port is dropped without returning a RST. This provides some degree of protection against stealth port scans. In the UDP instance, enabling blackhole behaviour turns off the sending of an ICMP port unreachable message in response to a UDP datagram which arrives on a port where there is no socket listening. It must be noted that this behaviour will prevent remote systems from running traceroute(8) to a system. The blackhole behaviour is useful to slow down anyone who is port scanning a system, attempting to detect vulnerable services on a system. It could potentially also slow down someone who is attempting a denial of service attack. WARNING
The TCP and UDP blackhole features should not be regarded as a replacement for firewall solutions. Better security would consist of the blackhole sysctl(8) MIB used in conjuction with one of the available firewall packages. This mechanism is not a substitute for securing a system. It should be used together with other security mechanisms. SEE ALSO
ip(4), tcp(4), udp(4), ipf(8), ipfw(8), pfctl(8), sysctl(8) HISTORY
The TCP and UDP blackhole MIBs first appeared in FreeBSD 4.0. AUTHORS
Geoffrey M. Rehmet BSD
January 1, 2007 BSD