Hola,
Do the login scripts for your network modify the policy on the client?
Sorry, but the first thing I am trying to figure out is how the client is being modified.
Shane
Hi,
What OS are you running the firewall on:
(generic answer will do, eg:
*nix, Appliance, Windows)
If you have a command prompt run:
netstat -rn
and include that.
(If you wish to be more secure with your IP addressing, doctor the external addressing to the 10/8 network :)
Otherwise I'm...
Hi Sunil,
Yes, nobody is generally, (by default), the least privileged account.
But only if you aren't using it, and thereby giving it privileges.
Giving nobody file permission privileges and logon privileges completely defeats the initial reason for using it.
Yes you can alter the nobody...
Sunil, why would you require the nobody UID?
If that is just they way you wrote it on Solaris, you might want to change it, as there are serious security flaws in having it runnning that way not just on AIX, but also on any other *nix OS you port to.
Esp. if, as you suggest, you force...
kinda 'me too' commment, sorry.
Would suggest that you keep the rootvg on internal disks, as already suggested above, and if you want alternate SCSI controllers, then buy and install a seperate one for an internal disk.
Shane
Back when I first started using ssh, I really didn't enjoy using the F-Secure client.
It was also the only bit they charged for, and quite a bit as well.
I tried their client again just recently, and just found that I still do not enjoy using it.
Ah well, just me I guess....
Shane
:)
The herald in login.cfg has a character limit on it.
A common use of the herald is to put some 30 \n 's in it, to scroll the console to prevent the next person from seeing what was happening on there last.
:)
As for the default response from login, I am not sure I'm afraid.
Shane
Generate the relevant public/private key pair.
ssh-keygen can do this, and I have placed some links into your earlier request for help on this.
Duplicated here below.
As for getting the RSA pair to work, place the public key into the ~/.ssh/authorized_keys file on your server.
Place the...
ummmmmm
Probably an issue with your telnet client.
(let me guess, windows telnet.exe?)
Currently using putty, which allows for a lot of standard cut&paste Win stuff.
http://www.chiark.greenend.org.uk/~sgtatham/putty/
Shane
OK, you need to use an ssh compatible client.
Standard Telnet clients are unaware of the protocol.
Having decided which win client you will be using, (and there is a wide variety out there, my current client of choice is Putty), you will need to generate the required Public/Private keys using...
One last point with regards to the file
/etc/netsvc.conf
hosts=local,bind4,bind6
We found several boxes starting up would hang on 581 for a while.
Tying down the IP version used for name resolution helped with that.
Have Fun
Please try the following links:
http://support.checkpoint.com/kb/
http://www.phoneboy.com/fw1/
http://www.deathstar.ch/security/fw1/
http://www.enteract.com/~lspitz/pubs.html
If you find a link that you believe to be worthwhile adding to this list, please do so.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.