Limit rsh ports

From: UAdmnSUN@netscape.net
Date: Thu Feb 06 2003 - 21:48:19 EST


Hi managers,

I have third-party backup software to back up SUN (Sol 7) boxes. The backup server is behind the Firewall and the client (WEB Server) is outside the Firewall. The backup software uses rsh to back up the clients. (Please don't suggest ssh now; I will do it in the future.) In the Firewall we initially allowed ports 512, 1020 and 1021 (depending on the drops). Then it works for six months, then a few drops appear in the Firewall logs on new ports. This happens in the middle of the night and the backup fails. Then, based on the drops, more ports are allowed. The FW guys deny any changes to the FW rules. I have captured the port numbers via netstat during the backup. The open ports for the backup are as follows:
+++++++++++++++++++++++++
Fri Feb 7 02:45:00 EST 2003
server.1021 client.514 33580 0 8760 1024 FIN_WAIT_2
server.1020 client.1023 33580 0 8760 0 ESTABLISHED
+++++++++++++++++++++++++

+++++++++++++++++++++++++
Fri Feb 7 02:50:00 EST 2003
server.1021 client.514 33580 0 8760 0 FIN_WAIT_2
server.1020 client.1023 33580 0 8760 0 ESTABLISHED
+++++++++++++++++++++++++

+++++++++++++++++++++++++
Fri Feb 7 02:55:00 EST 2003
server.1021 client.514 33580 0 8760 0 TIME_WAIT
server.1020 client.514 33580 0 8760 0 TIME_WAIT
server.1019 client.514 33580 0 8760 1024 FIN_WAIT_2
server.1018 client.1021 33580 0 8760 0 ESTABLISHED
+++++++++++++++++++++++++

+++++++++++++++++++++++++
Fri Feb 7 03:00:00 EST 2003
server.1019 client.514 33580 0 8760 0 FIN_WAIT_2
server.1018 client.1021 33580 0 8760 0 ESTABLISHED
+++++++++++++++++++++++++

+++++++++++++++++++++++++
Fri Feb 7 03:05:00 EST 2003
server.1019 client.514 33580 0 8760 0 FIN_WAIT_2
server.1018 client.1021 33580 0 8760 0 ESTABLISHED
+++++++++++++++++++++++++

+++++++++++++++++++++++++
Fri Feb 7 03:10:00 EST 2003
server.1019 client.514 33580 0 8760 1024 FIN_WAIT_2
server.1018 client.1021 33580 0 8760 0 ESTABLISHED
+++++++++++++++++++++++++

+++++++++++++++++++++++++
Fri Feb 7 03:15:00 EST 2003
server.1019 client.514 33580 0 8760 1024 FIN_WAIT_2
server.1018 client.1021 33580 0 8760 0 ESTABLISHED
+++++++++++++++++++++++++

Is there a way I can restrict rsh to open only a limited number/s of ports?

Thanks in advance
UadmnSun

_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
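
Added example, not part of the original post: a Python script that reduces netstat snapshots in the format shown above to the distinct ports seen on each side, grouped by role, which is the input a firewall rule review needs. It assumes standard rcmd behaviour (rshd on 514 opens the second, stderr connection back to the rsh client) and a 512-1023 reserved range; the function names are hypothetical.

```python
import re
from collections import defaultdict

# Two snapshots copied from the post (local, remote, swind, send-q, rwind, recv-q, state).
SAMPLE = """\
+++++++++++++++++++++++++
Fri Feb 7 02:45:00 EST 2003
server.1021 client.514 33580 0 8760 1024 FIN_WAIT_2
server.1020 client.1023 33580 0 8760 0 ESTABLISHED
+++++++++++++++++++++++++

+++++++++++++++++++++++++
Fri Feb 7 02:55:00 EST 2003
server.1021 client.514 33580 0 8760 0 TIME_WAIT
server.1020 client.514 33580 0 8760 0 TIME_WAIT
server.1019 client.514 33580 0 8760 1024 FIN_WAIT_2
server.1018 client.1021 33580 0 8760 0 ESTABLISHED
+++++++++++++++++++++++++
"""

RSHD_PORT = 514  # "shell" service the rsh client connects to
CONN = re.compile(r"^(\S+)\.(\d+)\s+(\S+)\.(\d+)\s+\d+\s+\d+\s+\d+\s+\d+\s+(\S+)$")

def parse(text):
    """Yield (local_port, remote_port, state); separator and date lines are skipped."""
    for line in text.splitlines():
        m = CONN.match(line.strip())
        if m:
            yield int(m.group(2)), int(m.group(4)), m.group(5)

def summarize(text):
    """Group the observed ports by the role they play in an rsh session."""
    seen = defaultdict(set)
    for lport, rport, _state in parse(text):
        if rport == RSHD_PORT:
            # Control connection: backup server -> rshd on the client.
            seen["control_src"].add(lport)
        else:
            # Assumed to be the stderr channel, which rshd opens back
            # to a port chosen by the rsh client on the backup server.
            seen["back_dst"].add(lport)
            seen["back_src"].add(rport)
    return {role: sorted(ports) for role, ports in seen.items()}

def outside_reserved(summary, low=512, high=1023):
    """Observed ports outside the assumed reserved range (adjust per platform)."""
    return sorted(p for ports in summary.values() for p in ports
                  if not low <= p <= high)
```

Feeding it the full night's capture instead of SAMPLE shows how far the source ports drift between sessions; the observed set is only a sample of the range the rule has to cover.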



This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:47 EDT