[Sunhelp] Shutting down a port on a Sun box

[Tubbs, Derric L]

A firewall is an option but tcp_wrappers will allow pretty fine grained
control over who can access specific daemons/ports.  If you need to allow or
restrict _certain_ people with regard to specific daemons this product is
definitely worth a look.  Besides, it's free.  Every Solaris/UNIX security
pub or site I've looked at recommended them as a first step in the security
process.

Derric Tubbs

> ----------
> From: 	James Roth[SMTP:james at univox.univox.com]
> Reply To: 	sunhelp at ohno.mrbill.net
> Sent: 	Wednesday, June 30, 1999 11:38 AM
> To: 	sunhelp at ohno.mrbill.net
> Subject: 	Re: [Sunhelp] Shutting down a port on a Sun box
> 
> Paul McCrone wrote:
> 
> > 
> > I need to disable a port ( let's say it's port XXXX) on a new
> workstation that
> > I installed earlier this morning.  How do I do this? Please let me know
> (i.e.
> > tell me the commands to execute) and I'll do it.  My network security
> people
> > tell me that this machine needs to have this port deactivated, but they
> won't
> > tell me how to do it.  I can't bring the system on-line until I resolve
> this,
> > so please help!
> 
> 	I am also looking at a similar problem.  But I cannot simply kill
> the
> daemon or edit /etc/inetd.conf.  Linux and the various free BSD OS's
> have command line utilities for firewalling ports based on incoming IP
> address or other parameters (ipfw, ipfwadm, ipchains).  Is there such a
> thing for Solaris?  A free one?  It seems like I have to buy another
> package every time I want to do something useful...
> 
> Thanks,
> James
> 
> _______________________________________________
> SunHELP maillist  -  SunHELP at sunhelp.org
> http://www.sunhelp.org/mailman/listinfo/sunhelp
>