10 More Discussions You Might Find Interesting
1. What is on Your Mind?
where I'm working does not have any AIX box/servers for testing eventhough we're not heavily invested on UNIX. It is just sometimes there are a few client's servers that need AIX related stuff to be done.
last time I checked, I could find old AIX tower on ebay but there's no more.
p/s: on job... (4 Replies)
Discussion started by: malayo
4 Replies
2. AIX
Every now and then I google: SecuringAIX (I write a blog by that name, so I am curious where it stands - and to my dismay I did not make the top5 today from my current location.
However, this unix.com/aix thread did make the top5- and, imho, it is lacking in clarity and ease. So, I thought I... (3 Replies)
Discussion started by: MichaelFelt
3 Replies
3. AIX
Guys, i want to securing AIX after install by scratch. Is anybody can inform about the standard port which used by AIX? (4 Replies)
Discussion started by: michlix
4 Replies
4. AIX
Hi
When I run cfgmgr -v in my aix box I get the below error :
cfgmgr: 0514-621 WARNING: The following device packages are required for
device support but are not currently installed.
devices.loopback
My oslevel is 6100-06-02-1044
Please assist.
Please use and tags when... (3 Replies)
Discussion started by: samsungsamsung
3 Replies
5. AIX
Quick backgound. We just moved the Datacenter. I attempted to boot one of our older AIX machines backup and it stops at a 518 Error code. Which is fine I need to run fsck on the volumes. The issue is I can't find the original media with the appropriate Date that was originally installed(previous... (1 Reply)
Discussion started by: jcompguru
1 Replies
6. AIX
Hi All ,
I would like to ftp whole folder ( which contains various sub folder and files ) from CD to AIX box.
Could you please guide me how I can do this?
Thanks in Advance
Chandan (2 Replies)
Discussion started by: chandancsc
2 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I need a clarification.
Is there any difference between AIX box and Sun Solaris box?
The bzip command with -c option works in AIX box and the same does not work in Sun Solaris box.
Can anyone please explain if there is an implementation difference in both these boxes for the shell... (1 Reply)
Discussion started by: nisha4680
1 Replies
8. AIX
i want to move my AIX os ver 4.2.1 to a new version IBM system. how can i acheive this. (1 Reply)
Discussion started by: gmonix
1 Replies
9. UNIX for Dummies Questions & Answers
Newbie in the Unix world here....trying to load Solaris 2.8 AGAIN, and trying to secure the box this time. Any suggestions anyone? Any tips? Appreciate your help, gurus!
TIA,
trigeek8888 (2 Replies)
Discussion started by: trigeek8888
2 Replies
10. Cybersecurity
someone has access to my server...
I've got a solaris 7 box with remote access only.
many of the services don't have passwords
and someone recently messed with the shadow file
-the root: line was changed:
. password field was changed to NP
. the number after that was changed too
The... (8 Replies)
Discussion started by: sphiengollie
8 Replies
BLACKHOLE(4) BSD Kernel Interfaces Manual BLACKHOLE(4)
NAME
blackhole -- a sysctl(8) MIB for manipulating behaviour in respect of refused TCP or UDP connection attempts
SYNOPSIS
sysctl net.inet.tcp.blackhole[=[0 | 1 | 2]]
sysctl net.inet.udp.blackhole[=[0 | 1]]
DESCRIPTION
The blackhole sysctl(8) MIB is used to control system behaviour when connection requests are received on TCP or UDP ports where there is no
socket listening.
Normal behaviour, when a TCP SYN segment is received on a port where there is no socket accepting connections, is for the system to return a
RST segment, and drop the connection. The connecting system will see this as a ``Connection refused''. By setting the TCP blackhole MIB to
a numeric value of one, the incoming SYN segment is merely dropped, and no RST is sent, making the system appear as a blackhole. By setting
the MIB value to two, any segment arriving on a closed port is dropped without returning a RST. This provides some degree of protection
against stealth port scans.
In the UDP instance, enabling blackhole behaviour turns off the sending of an ICMP port unreachable message in response to a UDP datagram
which arrives on a port where there is no socket listening. It must be noted that this behaviour will prevent remote systems from running
traceroute(8) to a system.
The blackhole behaviour is useful to slow down anyone who is port scanning a system, attempting to detect vulnerable services on a system.
It could potentially also slow down someone who is attempting a denial of service attack.
WARNING
The TCP and UDP blackhole features should not be regarded as a replacement for firewall solutions. Better security would consist of the
blackhole sysctl(8) MIB used in conjuction with one of the available firewall packages.
This mechanism is not a substitute for securing a system. It should be used together with other security mechanisms.
SEE ALSO
ip(4), tcp(4), udp(4), ipf(8), ipfw(8), pfctl(8), sysctl(8)
HISTORY
The TCP and UDP blackhole MIBs first appeared in FreeBSD 4.0.
AUTHORS
Geoffrey M. Rehmet
BSD
January 1, 2007 BSD
