- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Ping,Telent
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-26-2003 06:20 PM
тАО10-26-2003 06:20 PM
Ping,Telent
could any body tell me how i can prevent anybody outside to ping or telnet to my servers?without using SSH.
my servers are HPUX-rp8400
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-26-2003 06:25 PM
тАО10-26-2003 06:25 PM
Re: Ping,Telent
the most secure way is to block this on the firewall.
You can have a look at /var/adm/inetd.sec to block addresses/address ranges, but if somebody can logon to another server on your LAN, he might be able to ping/telnet from that server.
good luck,
Thierry.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-27-2003 03:01 AM
тАО10-27-2003 03:01 AM
Re: Ping,Telent
Hi
You can do it in the inetd security file .
/var/adm/inetd.sec .
After doing the modification do inetd -c to force inetd demon to read the config file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-27-2003 03:25 AM
тАО10-27-2003 03:25 AM
Re: Ping,Telent
to disable telnet, edit the /etc/inetd.conf file and comment out "#" the line starting with telnet.
telnet stream tcp nowait root /usr/lbin/telnetd telnetd
And then run inetd -c to force inetd to reread its configuration.
You cannot disable ping to your system. Also disabling telnet could be a risky move. So be carefule before you do something like that.
Hope this helps.
Regds
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-27-2003 03:45 AM
тАО10-27-2003 03:45 AM
Re: Ping,Telent
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B9901AA
The telnet as noted can be done by disabling telnet or the inetd.sec change noted above.
If I'm wrong about the ping part, I'd like to see an inetd.sec example that shows how to disable ping(if this were my question that would be the prerequisite for earning a bunny).
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-27-2003 08:04 AM
тАО10-27-2003 08:04 AM
Re: Ping,Telent
ndd -set /dev/ip ip_respond_to_echo_broadcast 0
This will keep it from responding to broadcasts (a.b.c.255) but it will still want to respond to a direct request.
http://www.cromwell-intl.com/security/security-stack-hardening.html
also recommends:
ndd -set /dev/ip ip_forward_directed_broadcasts 0
ndd -set /dev/ip ip_respond_to_address_mask_broadcast 0
ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0
ndd -set /dev/ip ip_respond_to_address_mask_broadcast 0
ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0
Ron
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-27-2003 11:40 PM
тАО10-27-2003 11:40 PM
Re: Ping,Telent
ndd -set/dev/ip ip_respond_to_echo_broadcast 0
and i use other commands but always i got module ' ndd.......' invalid argument any body has an idea inorder to disable ping.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-28-2003 01:43 AM
тАО10-28-2003 01:43 AM
Re: Ping,Telent
Ron
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-28-2003 03:11 AM
тАО10-28-2003 03:11 AM
Re: Ping,Telent
However, you can set which IP address can or cannot telnet in to the server in /var/adm/inetd.sec file.
After you finish configuring the file, run "inetd -c" to refresh network setting.