10 More Discussions You Might Find Interesting
1. Solaris
I have a server with 6 Ethernet ports. 4 are the the motherboard based 1 GBE ports and 2 are 10 GBE ports on NICs.
I have set these all up with static IP addresses and use the standard /etc/nsswitch.files. My IP addresses are
net0 192.168.1.82
net1 192.168.2.82
and so on till
net5... (4 Replies)
Discussion started by: ashlaw
4 Replies
2. Shell Programming and Scripting
Team,
Presently i am running a script from my local box(i.e jumpbox) to all the remote machines.Basically fetching basic queries like pwd,mkdir,touch etc and i am able to successfully fetch it from my local machine.But when i want to check certain database related queries like the dbstat... (20 Replies)
Discussion started by: whizkidash
20 Replies
3. Red Hat
I want to SSH to 192.168.1.15 Server from my machine, my ip was 192.168.1.99
Source Destination was UP, with IP 192.168.1.15.
This is LAN Network there are 30 Machine's Connected to the network and working fine, I'm Playing around the local machine's because I need to apply the same rules in... (2 Replies)
Discussion started by: babinlonston
2 Replies
4. Linux
Hi,
Could you please help me with the below issue..
I'm running RHEL6 OS on both server (192.168.0.10) and client machines (192.168.0.1).
I'm trying to connect to server from the client machine using ftp service.
I have installed vsftpd daemon on both the machines.
I'm getting... (4 Replies)
Discussion started by: raosr020
4 Replies
5. UNIX for Advanced & Expert Users
Hi Am using unix Ksh
Am getting the problem while transferring zero size files through the script .
When i transfer zero size files from local machine to remote machine manually i can able to do it .
My question its beause of zero size files am not able to transfer through script ? or its... (2 Replies)
Discussion started by: Venkatesh1
2 Replies
6. Shell Programming and Scripting
Hi All..
Am new to Unix!!
Am creating a shell script in which a scenario is like i have transfer the output file from unix machine (Server) to local directory (Windows xp).
And also i have to transfer the input file from the local directory to Unix machine (Server)
Any help from you... (1 Reply)
Discussion started by: vidhyaS
1 Replies
7. Shell Programming and Scripting
I need a shell script to copy files frm a linux machine to a windows machine using SCP. The files keeps changing day-to-day. I have to copy the latest file to the windows machine frm the linux machine.
for example :In Linux, On July 20, the file name will be 20.txt and it should be copied to... (3 Replies)
Discussion started by: nithin6034
3 Replies
8. Red Hat
Hi All,
URGENT - Please help me form a scipt for this:
I need the LATEST file from a dir on REMOTE machine to be SCP'd to a dir on local machine. (and I need to execute this from local server)
I know that the below cmd is used to find the LATEST file from a dir. But this command is not... (3 Replies)
Discussion started by: me_ub
3 Replies
9. UNIX for Dummies Questions & Answers
There are two servers where my machine is connected. Is there any type of link formed between my machine and server machine? (1 Reply)
Discussion started by: palash2k
1 Replies
10. SCO
Hi All,
I want to disable some ports like tcp 111, udp 111 on my SCO Unix machine. Can someone please let mw know how i can do it? Also would i able to enable these ports in future if needed?
Here is the output of uname -a command to see machine type;
NODENAME>uname -a
UnixWare NODENAME... (1 Reply)
Discussion started by: am_yadav
1 Replies
PORTSENTRY(8) System Manager's Manual PORTSENTRY(8)
NAME
portsentry - detect portscan activity
SYNOPSIS
portsentry [ -tcp | -stcp | -atcp ]
portsentry [ -udp | -sudp | -audp ]
DESCRIPTION
This manual page documents briefly the portsentry command. This manual page was written for the Debian GNU/Linux distribution because the
original program does not have a manual page.
portsentry is a program that tries to detect portscans on network interfaces with the ability to detect stealth scans. On alarm portsentry
can block the scanning machine via hosts.deny (see hosts_access(5), firewall rule (see ipfwadm(8), ipchains(8) and iptables(8)) or dropped
route (see route(8)).
OPTIONS
For details on the various modes see /usr/share/doc/portsentry/README.install
-tcp tcp portscan detection on ports specified under TCP_PORTS in the config file /etc/portsentry/portsentry.conf.
-stcp As above but additionally detect stealth scans.
-atcp Advanced tcp or inverse mode. Portsentry binds to all unused ports below ADVANCED_PORTS_TCP given in the config file /etc/portsen-
try/portsentry.conf.
-udp udp portscan detection on ports specified under UDP_PORTS in the config file /etc/portsentry/portsentry.conf.
-sudp As above but additionally detect "stealth" scans.
-audp Advanced udp or inverse mode. Portsentry binds to all unused ports below ADVANCED_PORTS_UDP given in the config file /etc/portsen-
try/portsentry.conf.
CONFIGURATION FILES
portsentry keeps all its configuration files in /etc/portsentry. portsentry.conf is portsentry's main configuration file. See portsen-
try.conf(5) for details.
The file portsentry.ignore contains a list of all hosts that are ignored, if they connect to a tripwired port. It should contain at least
the localhost(127.0.0.1), 0.0.0.0 and the IP addresses of all local interfaces. You can ignore whole subnets by using a notation <IP
Address>/<Netmask Bits>. It is *not* recommend putting in every machine IP on your network. It may be important for you to see who is con-
necting to you, even if it is a "friendly" machine. This can help you detect internal host compromises faster.
If you use the /etc/init.d/portsentry script to start the daemon, portsentry.ignore is rebuild on each start of the daemon using portsen-
try.ignore.static and all the IP addresses found on the machine via ifconfig.
/etc/default/portsentry specifies in which protocol modes portsentry should be startet from /etc/init.d/portsentry There are currently two
options:
TCP_MODE=
either tcp, stcp or atcp (see OPTIONS above).
UDP_MODE=
either udp, sudp or audp (see OPTIONS above).
The options above correspond to portsentry's commandline arguments. For example TCP_MODE="atcp" has the same effect as to start portsentry
using portsentry -atcp. Only one mode per protocol can be started at a time (i.e. one tcp and one udp mode).
FILES
/etc/portsentry/portsentry.conf main configuration file
/etc/portsentry/portsentry.ignore
IP addresses to ignore
/etc/portsentry/portsentry.ignore.static
static IP addresses to ignore
/etc/default/portsentry
startup options
/etc/init.d/portsentry
script responsible for starting and stopping the daemon
/var/lib/portsentry/portsentry.blocked.*
blocked hosts(cleared upon reload)
/var/lib/portsentry/portsentry.history
history file
SEE ALSO
portsentry.conf(5), hosts_access(5), hosts_options(5), route(8), ipfwadm(8), ipchains(8), iptables(8), ifconfig(8)
/usr/share/doc/portsentry/README.install
AUTHOR
portsentry was written by Craig H. Howland <crowland@users.sf.net>.
This manual page was stitched together by Guido Guenther <agx@debian.org>, for the Debian GNU/Linux system (but may be used by others).
Some parts are just a cut and paste from the original documentation.
PORTSENTRY(8)
