- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- how to block ftp from HPUX to linux server ??
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-23-2008 11:35 PM
тАО12-23-2008 11:35 PM
i wuld lik to block ftp from an hpux server 11i v2 ..to a linux server....
Details of hpux server....:
===========================
RX4640
11i v2
8 gb RAM..
root #/ >cat /var/adm/inetd.sec
# @(#)B11.23_LRinetd.sec $Revision: 1.10.214.1 $ $Date: 96/10/08 13:20:06 $
#
#
# The lines in the file contain a service name, permission field and
# the Internet addresses or names of the hosts and/or networks
# allowed to use that service in the local machine.
# The form for each entry in this file is:
#
#
#
# For example:
#
# login allow 10.3-5 192.34.56.5 ahost anetwork
#
# The above entry allows the following hosts to attempt to access your system
# using rlogin:
# hosts in subnets 3 through 5 in network 10,
# the host with Internet Address of 192.34.56.5,
# the host by the name of "ahost",
# all the hosts in the network "anetwork"
#
# mountd deny 192.23.4.3
#
# The mountd entry denies host 192.23.4.3 access to the NFS rpc.mountd
# server.
#
# Hosts and network names must be official names, not aliases.
# See the inetd.sec(4) manual page for more information.
ftp deny 10.1.4.202
Details of linux server :
========================
[root@intmailserver vsftpd]# uname -a
Linux intmailserver 2.6.9-1.667smp #1 SMP Tue Nov 2 14:59:52 EST 2004 i686 i686 i386 GNU/Linux
[root@intmailserver vsftpd]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
DROP all -- 10.1.4.211 anywhere
DROP all -- anywhere 10.1.4.211
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6-crypt-- anywhere anywhere
ACCEPT ipv6-auth-- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:telnet
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:5901
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:5902
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:5903
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-24-2008 12:19 AM
тАО12-24-2008 12:19 AM
Re: how to block ftp from HPUX to linux server ??
You want to stop ftp from hp side or linux side.
if you want to stop from you hp side then stop the ftpd demon
edit the file /etc/inetd.conf
put # on ftp line
save the file
restart the net
inet -c
Suraj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-24-2008 12:21 AM
тАО12-24-2008 12:21 AM
Re: how to block ftp from HPUX to linux server ??
i need to block ftp from hpux server 10.1.4.a
to linux server 10.1.4.b ONLY.
n not the whole ftp daemon...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-24-2008 12:58 AM
тАО12-24-2008 12:58 AM
Re: how to block ftp from HPUX to linux server ??
1) Go to you r linux machine and filter FTP traffic from your HP-UX machine there, but I am not familiar enough with Linux to tell you how to do that.
2) On your HP-UX box, since you have HP-UX 11.23, you could activate IPFilter and block outgoing FTP traffic to the IP-address of the Linux box.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-24-2008 01:14 AM
тАО12-24-2008 01:14 AM
Re: how to block ftp from HPUX to linux server ??
Any other option then IP FILTER...
bcozz for that i need to take a reboot of that server ..which is not possible right now...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-24-2008 01:25 AM
тАО12-24-2008 01:25 AM
Re: how to block ftp from HPUX to linux server ??
- Install TCP Wrappers. Follow these steps :
a) Install TCP Wrappers
- ftp TCP-WRAPPERS_11.11.depot to /tmp
- cd /tmp
- swinstall -s /tmp/TCP-WRAPPERS_11.11.depot TCP-WRAPPERS
b) Action after install TCP Wrappers
- Create a simple /etc/hosts.allow file :
(required to get list of ip address which allowed to access the server)
echo 'ALL:
chown root:sys /etc/hosts.allow
chmod go-w,a-xs /etc/hosts.allow
Note : Example for first command , echo 'ALL: 10.0.3.61 '\ > /etc/hosts.allow
These IP Address are for the pc which can have access to server
- Create /etc/hosts.deny :
echo 'ALL: ALL'> /etc/hosts.deny
chown root:sys /etc/hosts.deny
chmod go-w,a-xs /etc/hosts.deny
Modify inetd.conf
> open file /etc/inetd.conf using Reflextion X
> remark with ├в #├в for column which have telnet and ftp
> add these lines at the file
telnet stream tcp nowait root /usr/lbin/tcpd /usr/lbin/telnetd telnetd
ftp stream tcp nowait root /usr/lbin/tcpd /usr/lbin/ftpd ├в l
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-24-2008 05:42 AM
тАО12-24-2008 05:42 AM
Re: how to block ftp from HPUX to linux server ??
i have installed tcp wrapper...
but after that what is the syntax for the hosts.allow and hosts.deny
morever bcoz tcp wrapper is gettin installed in /usr/local/bin/tcpd ..
so what entry shuld i make in /etc/inetd.conf ????
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-25-2008 03:27 PM
тАО12-25-2008 03:27 PM
Re: how to block ftp from HPUX to linux server ??
Hi chindi,
For hosts.allow, you should put "ALL:ALL;" and for the hosts.deny, you should put "ALL:ip_linux_server;"
For the inetd.conf, find and remark the line of ftp and replace with this line,
ftp stream tcp nowait root /usr/lbin/tcpd /usr/lbin/ftpd ├в l
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-25-2008 07:56 PM
тАО12-25-2008 07:56 PM
Re: how to block ftp from HPUX to linux server ??
No need to make changes in /etc/inetd.conf this refer's to allow&deny of Services like ftp,telnet,ssh,rlogin .. etc.
so looks to me Ok, /var/adm/inetd.sec will accomplish your purpose.
Thx,
Johnson
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-26-2008 01:32 AM
тАО12-26-2008 01:32 AM
Re: how to block ftp from HPUX to linux server ??
Johnson,
I want to block ftp from my hpux server to linux server..
wen i make an try in /var/adm/inetd.sec
ftp deny 10.1.4.b ( linux ip )
m not able to ftp from linux to ftp...whereas i want no ftp from hpux to linux server..