From: JOHN HAMBLETON (jhamblet@NMU.EDU)
Date: Thu Dec 11 2003 - 19:49:59 EST
IBM calls it IPSec, and in fact I got the instructions
for installing it from the Support Center in Austin.
The way I understand it, is that you can also employ
encryption with IPSec but IPSec is billed as a firewall.
Windows server products (2000, 2003) have something
by the same name that does the same kind of firewalling.
I don't think IBM nor Microsoft have made their IPSecs
front page news but hey, for my AIX and Microsoft machines,
it does the job real well.
Cheers,
John H
Adams Kevin J wrote:
>Are you sure you mean IPSec and not ipfilter (genfilt, lsfilt)?
>
>You can use ipfilter and not do IPSec to do these things.
>
>IPSec is encryption.
>
>Kevin Adams
>PacifiCare Behavioral Health
>Principal Systems Analyst
>AIX CATE
>
>
>-----Original Message-----
>From: JOHN HAMBLETON [mailto:jhamblet@NMU.EDU]
>Sent: Thursday, December 11, 2003 7:07 AM
>To: aix-l@Princeton.EDU
>Subject: Re: [aix-l] Telnet port 25
>
>
>I used IPSec to accomplish this task. With IPsec you
>can block specific: IP addresses, protocols, ports, and
>either incoming or outgoing. It's a lot like Linux's IPTables.
>I have my port 25 blocked on ingress to all IP's except
>localhost. IPsec is found on the AIX installation media set,
>and you administer it through Smit.
>John H
>jhamblet@nmu.edu
>
>
>Robert Miller wrote:
>
>
>>Not sure if it's possible with vanilla sendmail, it may be... but I
>>wonder if you could do such a thing with TCPWrappers? If you could
>>start sendmail using TCPWrappers, that would allow you to use the
>>hosts.allow and hosts.deny files to say which boxes could talk to your
>>smtp port...
>>
>>Not sure if it's possible... anyone know if this even sounds feasible?
>>
>>--rm
>>
>>-----Original Message-----
>>From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU]On Behalf Of
>>Miller, Dave (I.S.)
>>Sent: Wednesday, December 10, 2003 10:31 AM
>>To: aix-l@Princeton.EDU
>>Subject: Re: Telnet port 25
>>
>>
>>Thanks for the replies.
>>Maybe I should ask/approach this way...can I limit telnet to respond
>>only to certain IP addresses, or sendmail relays for that matter?
>>thanks
>>
>>-----Original Message-----
>>From: Bill Verzal [mailto:BVerzal@KOMATSUNA.COM]
>>Sent: Wednesday, December 10, 2003 12:22 PM
>>To: aix-l@Princeton.EDU
>>Subject: Re: Telnet port 25
>>
>>
>>smtp runs on port 25. You do not need sendmail running to send mail out
>>of
>>a box. Once you stop sendmail, telnet to port 25 will be closed.
>>
>>BV
>>--------------------------------------------------------
>>
>>"If everything is coming your way, then you are in the wrong lane"
>>
>>Bill Verzal
>>AIX Administrator, Komatsu America
>>(847) 970-3726 - direct
>>(847) 970-4184 - fax
>>
>>
>>
>> "Miller, Dave
>> (I.S.)"
>> <Dave.Miller@BHS.
>>To
>> ORG> aix-l@Princeton.EDU
>> Sent by: IBM AIX
>>cc
>> Discussion List
>> <aix-l@Princeton.
>>Subject
>> EDU> Telnet port 25
>>
>>
>> 12/10/2003 11:10
>> AM
>>
>>
>> Please respond to
>> IBM AIX
>> Discussion List
>> <aix-l@Princeton.
>> EDU>
>>
>>
>>
>>
>>
>>
>>Can someone point me in the write direction as to how I would easily
>>disallow telnet to port 25, but still allow telnet to port 23?
>>
>>
>>I.e. I don't want to be able to telnet to port 25 and send mail, but I
>>still want to run sendmail, and allow telnet... or am I looking at this
>>wrong? Thanks.
>>
>>
>>
>>
>>
>>
>>
>>
>>CONFIDENTIALITY NOTICE: This email communication and any attachments may
>>contain confidential and privileged information for the use of the
>>designated recipients named above. If you are not the intended
>>recipient,
>>you are hereby notified that you have received this communication in
>>error
>>and that any review, disclosure, dissemination, distribution or copying
>>of
>>it or its contents is prohibited. If you have received this
>>communication
>>in error, please reply to the sender immediately or by telephone at
>>(413)
>>794-0000 and destroy all copies of this communication and any
>>attachments.
>>For further information regarding Baystate Health System's privacy
>>policy,
>>please visit our Internet web site at http://www.baystatehealth.com.
>>
>>
>>-----------------------------------------
>>
>>CONFIDENTIALITY NOTICE: This email communication and any attachments may
>>contain confidential and privileged information for the use of the
>>designated recipients named above. If you are not the intended
>>recipient, you are hereby notified that you have received this
>>communication in error and that any review, disclosure, dissemination,
>>distribution or copying of it or its contents is prohibited. If you have
>>received this communication in error, please reply to the sender
>>immediately or by telephone at (413) 794-0000 and destroy all copies of
>>this communication and any attachments. For further information
>>regarding Baystate Health System's privacy policy, please visit our
>>Internet web site at http://www.baystatehealth.com.
>>
>
>This electronic message transmission, including any attachments,
contains
>information from PacifiCare Health Systems Inc. which may be
confidential or
>privileged. The information is intended to be for the use of the
individual or
>entity named above. If you are not the intended recipient, be aware
that any
>disclosure, copying, distribution or use of the contents of this
information
>is prohibited.
>If you have received this electronic transmission in error, please
notify the
>sender immediately by a "reply to sender only" message and destroy all
>electronic and hard copies of the communication, including attachments.
>
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:17:24 EDT