[Info-vax] OpenVMS TCPIP equivalent of hosts.deny?

[Supratim Sanyal]

In article <mailman.1.1479388162.3125.info-vax_rbnsn.com at rbnsn.com>, 
kemain.nospam at gmail.com says...
> 
> > -----Original Message-----
> > From: Info-vax [mailto:info-vax-bounces at rbnsn.com] On Behalf
> > Of Michael Moroney via Info-vax
> > Sent: 16-Nov-16 10:36 PM
> > To: info-vax at rbnsn.com
> > Cc: Michael Moroney <moroney at world.std.spaamtrap.com>
> > Subject: Re: [Info-vax] OpenVMS TCPIP equivalent of
> > hosts.deny?
> > 
> > Supratim Sanyal <supratim at riseup.invalid> writes:
> > 
> > >Hi,
> > 
> > >I am wondering if it is possible to maintain a "deny" file to
> use
> > with
> > >the analyze/audit report generated from a batch job daily
> > >(http://sanyalnet-openvms-
> > vax.freeddns.org:82/falserver/intrusions.txt)
> > >to keep these telnet spammers in control. Is there a
> > "hosts.deny"
> > >equivalent that I can use to save a sorted unique list in for
> TCPIP
> > to
> > >drop connections from?
> > 
> > The HP TCP/IP has a real limited "deny" capability, something
> like
> > 16 entries only.
> > 
> > I wrote code years ago that monitors the audit server mailbox
> for
> > breakin events from the internet and null-routes the source
> > address (actually the
> > /24 of the source).  Since I couldn't use the deny capability
> for
> > more than 16 attempts, I got around that by doing a TCPIP SET
> > ROUTE to use a nonexistent address as a gateway.  So any
> further
> > attempt to contact from the banned host would have the VMS
> > system attempt to respond by sending to the nonexistent
> > gateway, so the banned host could never set up the TCP
> > connection.  To it it appears as if the system vanished off the
> net.
> > 
> > 
> 
> Another nice benefit of the new VSI OpenVMS TCPIP stack that is
> to be based on Multinet: (accept/reject commands)

OK Thanks, MULTINET is then one of the options I will look at.