[Info-vax] OpenVMS TCPIP equivalent of hosts.deny?
Michael Moroney
moroney at world.std.spaamtrap.com
Wed Nov 16 22:35:36 EST 2016
Supratim Sanyal <supratim at riseup.invalid> writes:
>Hi,
>I am wondering if it is possible to maintain a "deny" file to use with
>the analyze/audit report generated from a batch job daily
>(http://sanyalnet-openvms-vax.freeddns.org:82/falserver/intrusions.txt)
>to keep these telnet spammers in control. Is there a "hosts.deny"
>equivalent that I can use to save a sorted unique list in for TCPIP to
>drop connections from?
The HP TCP/IP has a real limited "deny" capability, something like 16
entries only.
I wrote code years ago that monitors the audit server mailbox for breakin
events from the internet and null-routes the source address (actually the
/24 of the source). Since I couldn't use the deny capability for more
than 16 attempts, I got around that by doing a TCPIP SET ROUTE to use
a nonexistent address as a gateway. So any further attempt to contact
from the banned host would have the VMS system attempt to respond by
sending to the nonexistent gateway, so the banned host could never set up
the TCP connection. To it it appears as if the system vanished off the
net.
>--
>Supratim Sanyal
>DECNET VMSMAIL: QCOCAL::SANYAL (via HECNET)
>Internet email: http://mcaf.ee/sdlg9f
>SANYALnet QCOCAL OpenVMS 7.3: telnet://sanyalnet-openvms-
>vax.freeddns.org
>SunOS 5.11 / Solaris 11 OpenIndiana: ssh sanyal.duckdns.org
>SanyalCraft Minecraft Server: sanyal.duckdns.org:25565
>
More information about the Info-vax
mailing list