RFC6056(7) BSD Miscellaneous Information Manual RFC6056(7)
NAME
rfc6056 -- port randomization algorithms
DESCRIPTION
The rfc6056 algorithms randomize the port allocation of outgoing UDP packets. This provides protection from a series of "blind" attacks based on the attacker's ability to guess the sequence of ephemeral ports associated with outgoing packets. For more information consult RFC 6056.
The individual algorithms are described below:
The RFC 6056 algorithms
The following algorithms are available:
bsd           This is the default NetBSD port selection algorithm, which starts from anonportmax and proceeds decreasingly through the available ephemeral ports.
random_start  Select ports randomly from the available ephemeral ports. In case a collision with a local port is detected, the algorithm proceeds decreasingly through the sequence of ephemeral ports until a free port is found. Note that the random port selection algorithms are not guaranteed to find a free port.
random_pick   Select ports randomly from the available ephemeral ports. In case a collision with a local port is detected, the algorithm tries selecting a new port randomly until a free port is found.
hash          Select ports using an md5(3) hash of the local address, the foreign address, and the foreign port. Note that in the case of a bind(2) call some of this information might be unavailable, and the port selection is delayed until the time of a connect(2) call, performed either explicitly or upon calling sendto(2).
doublehash    Select ports using an md5(3) hash of the local address, foreign address, and foreign port coupled with an md5(3) hash of the same components obtained using a separate table that is associated with a subset of all outgoing connections. The same considerations regarding late connection as in the case of hash apply.
randinc       Use random increments in order to select the next port.
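The difference between bsd, random_start and random_pick can be seen in a small user-space model. This is an added example, not NetBSD kernel code: the port range, the in_use table, the xorshift generator and every function name are assumptions made for illustration, and hash, doublehash and randinc are not modelled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed ephemeral range; a real stack uses its configured anonportmin..anonportmax. */
#define PORT_MIN 49152u
#define PORT_MAX 65535u
#define NPORTS   (PORT_MAX - PORT_MIN + 1u)

typedef uint32_t (*rng_fn)(void);
static bool in_use[NPORTS];             /* constructed stand-in for the bound-port table */
static uint32_t bsd_next = NPORTS - 1;  /* bsd cursor: starts at the top of the range */

/* Repeatable xorshift32 for the demo only; a kernel draws from a CSPRNG. */
static uint32_t xs = 2463534242u;
static uint32_t rng_demo(void) { xs ^= xs << 13; xs ^= xs >> 17; xs ^= xs << 5; return xs; }
/* Stub that always returns fixed_draw, used to force collisions. */
static uint32_t fixed_draw;
static uint32_t rng_fixed(void) { return fixed_draw; }

/* Claim the first free port at or below offset off, wrapping once; 0 if none is free. */
static uint16_t scan_down(uint32_t off) {
    for (uint32_t i = 0; i < NPORTS; i++, off = off ? off - 1 : NPORTS - 1)
        if (!in_use[off]) { in_use[off] = true; return (uint16_t)(PORT_MIN + off); }
    return 0;
}
/* bsd: sequential from the top, so one observed port reveals the next. */
static uint16_t pick_bsd(void) {
    uint16_t p = scan_down(bsd_next);
    if (p) bsd_next = (p > PORT_MIN) ? p - PORT_MIN - 1 : NPORTS - 1;
    return p;
}
/* random_start: one random draw, then the downward scan on collision. */
static uint16_t pick_random_start(rng_fn rng) { return scan_down(rng() % NPORTS); }
/* random_pick: a fresh draw per attempt; fails after max_tries collisions. */
static uint16_t pick_random_pick(rng_fn rng, unsigned max_tries) {
    while (max_tries--) {
        uint32_t off = rng() % NPORTS;
        if (!in_use[off]) { in_use[off] = true; return (uint16_t)(PORT_MIN + off); }
    }
    return 0;
}

int main(void) {
    unsigned a = pick_bsd(), b = pick_bsd();
    unsigned c = pick_random_start(rng_demo), d = pick_random_pick(rng_demo, 8);
    printf("bsd: %u %u  random_start: %u  random_pick: %u\n", a, b, c, d);
    return 0;
}
```

With rng_fixed forcing every draw onto an occupied port, pick_random_pick returns 0 even though free ports remain, while pick_random_start falls back to the next lower free port.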
SYSCTL CONTROLS
The following sysctl controls are available for selecting the default port randomization algorithm:
sysctl name                       Type      Changeable
net.inet.udp.rfc6056.available    string    no
net.inet.udp.rfc6056.selected     string    yes
net.inet6.udp6.rfc6056.available  string    no
net.inet6.udp6.rfc6056.selected   string    yes
SOCKET OPTIONS
The socket option UDP_RFC6056ALGO at the IPPROTO_UDP level can be used with a string argument specifying the algorithm's name in order to select the port randomization algorithm for a specific socket. For more information see setsockopt(2).
SEE ALSO
setsockopt(2), sysctl(3), sysctl(7)
HISTORY
The rfc6056 algorithms first appeared in NetBSD 6.0.
BSD                              August 25, 2011                              BSD