
Emergency Help

 
SOLVED
Nobody's Hero
Valued Contributor


We are getting hammered with outbound requests to the internet, maybe a worm or virus or spyware. I don't know. So we are putting a Cisco PIX in place. Question: Is there a content filter for Unix that I can run as a Unix firewall and replace our windoze firewall? Is there a free product I can download now to get our business running? Right now our business is diving due to a flux of traffic that interrupts internet access.

Also, anyone heard of a new virus that is picking on port 445?
UNIX IS GOOD
5 REPLIES 5
RAC_1
Honored Contributor

Re: Emergency Help

Port 445 is the port Apache uses for ssh (in most cases and by default). If you do not need Apache (process -http), you can just shut it down. Also, you can check which process is using port 445.

lsof -i tcp:445
lsof -i udp:445

lsof is a tool (list open files). Get it from http://hpux.connect.org.uk

You can also do
netstat -an|grep 445 and see which process is using port 445, and if it is not required you can stop the process.

For a content filter you can use the free HP-UX product ipfilter. Look for it at product.hp.com

Hope this helps.

Anil
There is no substitute to HARDWORK
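Added example, not part of the post above: `netstat -an | grep 445` also matches unrelated entries such as local port 4450 or remote port 51445, so this sketch keeps only TCP connections whose remote port is exactly 445 and counts them per local address and state. The function names and the sample lines (documentation-range addresses, in both `addr.port` and `addr:port` styles) are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise connections to remote port 445 from `netstat -an`.

# Constructed sample output; real use would pipe `netstat -an` instead.
sample_netstat() {
cat <<'EOF'
tcp        0      0  192.0.2.10.1034        198.51.100.7.445       SYN_SENT
tcp        0      0  192.0.2.10.1035        198.51.100.8.445       SYN_SENT
tcp        0      0  192.0.2.10.1036        203.0.113.9.445        ESTABLISHED
tcp        0      0  192.0.2.10.4450        203.0.113.9.80         ESTABLISHED
tcp        0      0  192.0.2.10:22          203.0.113.44:51445     ESTABLISHED
tcp        0      0  192.0.2.11:1040        198.51.100.7:445       SYN_SENT
tcp        0      0  *.445                  *.*                    LISTEN
EOF
}

# port445_summary [PORT]: read netstat lines on stdin and print
# "count local-address state" for connections to remote PORT (default 445).
port445_summary() {
    awk -v port="${1:-445}" '
    $1 ~ /^tcp/ && NF >= 6 {
        laddr = $4; raddr = $5; state = $6
        # The port is whatever follows the last "." or ":" in the address.
        rport = raddr
        sub(/^.*[.:]/, "", rport)
        if (rport != port) next          # exact match, unlike grep 445
        sub(/[.:][^.:]*$/, "", laddr)    # drop the local port, keep the address
        n[laddr " " state]++
    }
    END { for (k in n) print n[k], k }' | sort -k2,2 -k3,3
}

# Many SYN_SENT entries from one address point at a host scanning outward.
sample_netstat | port445_summary
```

On a live system, replace `sample_netstat` with `netstat -an`; the listener line and the look-alike ports are ignored.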
Sanjay_6
Honored Contributor
Solution

Re: Emergency Help

Hi Robert,

You can look into ipfilter,

http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B9901AA

Hope this helps.

Regds
Fred Ruffet
Honored Contributor

Re: Emergency Help

You can install a Linux box to be used as a firewall. It has iptables built-in, which can be configured as a good protection. You may find a GUI to configure it or even other products for Linux FW.

To secure your HP-UX box, you can try Bastille (download on http://software.hp.com/), which is also available for Linux.

Regards,

Fred
--

"Reality is just a point of view." (P. K. D.)
Steven E. Protter
Exalted Contributor

Re: Emergency Help

The ipfilter firewall can protect your Unix/HP-UX machine in the following ways:

It can totally block specific ports. It can block certain protocols on ports you need to leave open.

If you identify the port the bad traffic is on, configuration is relatively easy.

I'm attaching my ipf.conf file from a sandbox machine that was getting hammered until I brought up ipfilter. I believe there is already a link to that product in this thread.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Sanjay_6
Honored Contributor

Re: Emergency Help

Hi Robert,

Check the Symantec site for the latest virus threat.

http://securityresponse.symantec.com/avcenter/vinfodb.html

Hope this helps.

regds