02-22-2005
Encrypt traffic between Solaris 8 hosts
I have two Solaris 8 hosts that send data to one another throughout the day. It is a legacy system and the programs used are rdist, rcp and ftp. I have been asked to ensure that the data transferred is encrypted beween the two hosts.
My first thought was to replace these commands with ssh. However there are approximately 50 scripts and assorted programs that will need changing. Next I thought of the old Sun Skip program that will encrypt all traffic between the two hosts not matter what protocol is used. The problem with using Skip is that it is not supported on Solaris 9 or 10 so I do not have a long term solution.
Has anyone set up encryption between two Solaris hosts that encryts traffic no matter what the protocol?
Regards,
blp001
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
hey guys, i am on a box named pluto and i need to be able to log into another box named genesis. i need to be able to ssh into genesis as root and not get asked for the password. what file do i need to edit on genesis to make this happen? i searched for the .rhosts file it doesn't seem to exist.... (1 Reply)
Discussion started by: Terrible
1 Replies
2. Solaris
I forgot how to configure multiple host servers on the my CDE windows in Solaris.
I'll appreciate any help
Thanks,
Remi (2 Replies)
Discussion started by: Remi
2 Replies
3. UNIX for Dummies Questions & Answers
Hello,
Iam looking for a solution to keep track on my traffic usuage, monthly usuage.
Anybody could recommend anything?
/empty (2 Replies)
Discussion started by: empty
2 Replies
4. Red Hat
Ok Time warner cable / voip modem feeding Cisco PIX 501 Wan port from PIX 501 LAN port to WAN port on Linksys wrt54GL wireless router.
so
-->Modem-->PIX 501-->WRT54GL-->Linux Server, wireless desktop, wireless laptop (2), Wireless MAC Pro, Wireless Apple TV, Wireless printer.
my... (0 Replies)
Discussion started by: tedeansiii
0 Replies
5. Solaris
I'm trying to use the Solaris 10 "encrypt" command in a script. I want to encrypt a file called "database", but not using a keyfile, instead using a keyphrase. Running this from the cli requests the user to input "Enter key:" which is fair enough but I want to run this from a script. I've tried... (1 Reply)
Discussion started by: fixit9660
1 Replies
6. Solaris
Hi,
I am trying to find a Solaris 10 alternative to the HPUX inetd.sec functionality.
I want to grant access to one service for one IP address only.
# grep fme2eall /etc/services
fme2eall 35000/tcp
# svcs -a | grep fme2eall
online Mar_09 ... (2 Replies)
Discussion started by: ejdv
2 Replies
7. Solaris
I added some entries in the /etc/hosts.allow on a Solaris 10 system.
Do I need to bounce inetd?
I have read some accounts where any changes made to the /etc/hosts.allow will be taken in automatically.
And other accounts where you need to run:
svcadm refresh inetd
My... (1 Reply)
Discussion started by: snoman1
1 Replies
8. Solaris
Hello All,
I am trying find a command that would show me the stats of outgoing traffic on UPD ports on a Solaris 10 box. I would appreciate if anybody could help me out on this.
Thank you much!!!
Best Regards
Sudharma. (7 Replies)
Discussion started by: sudharma
7 Replies
9. Solaris
Hi All
We have T4-4 Server with 2 HBA configured for SAN connectivity. We want to monitor Data traffice going through these HBA. On other AIX system we have that capability with nmon. Following screen shows nmon HBA monitoring can we achieve same in Solaris 10.
... (1 Reply)
Discussion started by: uxravi
1 Replies
10. Proxy Server
Hi there,
I have a VPS and am working on a little side project for myself and friend which is a DNS proxy. Everything was great till recently. My VPS IP has been detected by some botnet or something, and I believe SMURF attacks are occuring. The VPS provider keeps shutting down my VPS... (3 Replies)
Discussion started by: phi0x
3 Replies
LEARN ABOUT DEBIAN
arpspoof
ARPSPOOF(8) System Manager's Manual ARPSPOOF(8)
NAME
arpspoof - intercept packets on a switched LAN
SYNOPSIS
arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host
DESCRIPTION
arpspoof redirects packets from a target host (or all hosts) on the LAN intended for another host on the LAN by forging ARP replies. This
is an extremely effective way of sniffing traffic on a switch.
Kernel IP forwarding (or a userland program which accomplishes the same, e.g. fragrouter(8)) must be turned on ahead of time.
OPTIONS
-i interface
Specify the interface to use.
-c own|host|both
Specify which hardware address t use when restoring the arp configuration; while cleaning up, packets can be send with the own
address as well as with the address of the host. Sending packets with a fake hw address can disrupt connectivity with certain
switch/ap/bridge configurations, however it works more reliably than using the own address, which is the default way arpspoof cleans
up afterwards.
-t target
Specify a particular host to ARP poison (if not specified, all hosts on the LAN). Repeat to specify multiple hosts.
-r Poison both hosts (host and target) to capture traffic in both directions. (only valid in conjuntion with -t)
host Specify the host you wish to intercept packets for (usually the local gateway).
SEE ALSO
dsniff(8), fragrouter(8)
AUTHOR
Dug Song <dugsong@monkey.org>
ARPSPOOF(8)