Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Security issue with TCP SYN packets on Linux
Operating Systems Linux Security issue with TCP SYN packets on Linux Post 67307 by bert.n on Tuesday 22nd of March 2005 11:38:10 AM
Old 03-22-2005
Linux 2.6
Hi thmnetwork,

will upgrade hopefully by end of this year, but the issue is that a security audit has been done and need to 'fill out' all the possible holes..

I guess I'll use the ipchains firewall for that.


thanks for your reply.

Bert.n
 

9 More Discussions You Might Find Interesting

1. Red Hat

How to check the outbound packets in Linux

I have a linux redhat box , our security department in my company informed me that my server's IP sends So many traffic in my network , This box I am using it as FTP server to store the other servers logs . My question briefly is how to check my outbound packets which are going from my PC to the... (1 Reply)
Discussion started by: DarkSoul
1 Replies

2. IP Networking

Could a tcp issue be causing a null pointer exception?

The client's app gets a 'suspend error' which they say is due to a null pointer exception. Application people say nothing's wrong with the app. Network people say the network's fine. I'm supposed to see what's wrong with the system to be causing this error. I checked the NIC card settings, which... (1 Reply)
Discussion started by: pmichner
1 Replies

3. UNIX for Dummies Questions & Answers

Linux box drops the incoming packets

Hi all, I am new to Linux kernel. we have a c file that counts the no. of sends and received packets in each interface, and indicate the user about the error/drop ration of incoming and outgoing packets. in our Linux box , the incoming packets are dropped at random interval. we have our... (1 Reply)
Discussion started by: kannandv
1 Replies

4. Linux

Linux dhcp client boot process with packets traffic

Hi Everybody, I would like to know the entire network packets exchange, sequence between a linux dhcp client workstation & dhcp server as client comes up starting from OS booting stage as network service starts to the time client gets dhcp IP address. This would be in a typical LAN ... (2 Replies)
Discussion started by: sudhirav
2 Replies

5. Solaris

TCP SYN timer

Can anybody please tell me how I can figure out on a solaris server how long it would take a TCP SYN request to timeout before it gets a SYN_ACK back? Thanks, (3 Replies)
Discussion started by: Pouchie1
3 Replies

6. IP Networking

how to hack linux driver to delay incoming packets

hello, can anyone suggest how to delay the incoming packets ?? or how the packets are prossed inside the kernal and a way to make the packets wait a while?? it wud be vry helpful regards sameer (7 Replies)
Discussion started by: sameer kulkarni
7 Replies

7. IP Networking

Packets sent from Linux TCP socket

Hello, Our software is using a TCP socket (AF_INET, SOCK_STREAM) to communicate with an Ethernet device. When we send a message, the message object writes itself in full onto the socket's stream buffer before the software invokes send() from socket.h. I'm still researching, but have 2... (1 Reply)
Discussion started by: bix_20002000
1 Replies

8. IP Networking

TCP Same Ack Sequencing for Two Packets

I was analyzing a TCP snoop. And found following scenario From Server to Client ---> SEQ 2993 ACK 1744 WIN 8192 LEN 13 From Server to Client ---> SEQ 3006 ACK 1744 WIN 8192 LEN 13 From Client to server --> SEQ 1744 ACK 3019 WIN 3304 I just want to know Why Packet 1 and 2... (3 Replies)
Discussion started by: mr_deb
3 Replies

9. IP Networking

TCP MSS Issue

Gretings! I have developed simple utility using Berkly sockets interface: So, what do I? $ ifconfig lo mtu 1500 $ make //run netcat $ ./target 127.0.0.1 5555 1460 1000000 #mss: 1460, loop sleep: 1s On other virtual terminal: $ netcat -l 127.0.0.1 -p 5555 On third virtual terminal: #... (1 Reply)
Discussion started by: denis4inet
1 Replies

LEARN ABOUT REDHAT

network.conf

NETSCRIPT-2.2.conf(5)						File Formats Manual					     NETSCRIPT-2.2.conf(5)

NAME

       /etc/netscript/network.conf - interface, firewalling, and QoS configuration file.

       /etc/netscript/if.conf - interface setup shell script file

       /etc/netscript/qos.conf - QoS setup shell script file

       /etc/netscript/ipfilter.conf - IP chains filtering shell script file

       /etc/netscript/srvfilter.conf - server IP filter shell script file

DESCRIPTION

       This manpage is a place holder until something better is written when the netscript itself has stopped changing rapidly.

       Please  see  the README file in the /etc/netscript directory, and READ the configuration files if you need to change them.  Apart from net-
       work.conf, all of them contain sh (1) shell script functions which are there so that various things can be altered  or  hooked  in  at  the
       right place. Network.conf contains the full network setup details, including special interface setup for the likes of ciped/pppd/wanconfig,
       and is fully commented with examples given.

UPGRADE PATH FROM KERNEL 2.2.X
       The firewall/IP filtering stuff in ipfilter.conf is the part that changed radically with the move to iptables and a far better way of  set-
       ting  up  the  IP filtering rules, however the QoS and interface startup/shutdown in if.conf have changed but are backwards compatible with
       the old 2.2.x ipchains version of netscript for the interface address configuration settings.  You will have to set up the filtering  again
       to use iptables by directly using the iptables commands.

       Also,  the  kernel  2.2.x version scripts are set up so that iptables is only run on a 2.4.x kernel, otherwise IP forwarding is disabled if
       beforehand you set IPFWDING_KERNEL to FILTER_ON in network.conf.

       This means that when you upgrade a box to a 2.4.x router kernel, you should then be able to reboot it and log  into  remotely  and  upgrade
       netscript  to  the version that will support 2.4.x.  In this situation, if you have set old IPFWDING_KERNEL setting to FILTER_ON beforehand
       in network.conf, all IP forwarding through the box will also be disabled.  This means that you can safely remotely upgrade a firewall.

SEE ALSO

       netscript(8), ipchains(8), iproute(8), brcfg(8).

AUTHOR

       This manual page was written by Matthew Grant <grantma@anathoth.gen.nz>, for the Debian GNU/Linux system (but may be used by others).

BUGS

       The author is lazy.  He needs to write btter man pages...

								 November 23, 2000					     NETSCRIPT-2.2.conf(5)
All times are GMT -4. The time now is 10:04 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy