[Info-vax] OpenVMS TCPIP equivalent of hosts.deny?

[David Froble]

Supratim Sanyal wrote:
> In article <mailman.6.1479434491.3125.info-vax_rbnsn.com at rbnsn.com>, 
> kemain.nospam at gmail.com says...
>>> -----Original Message-----
>>> From: Info-vax [mailto:info-vax-bounces at rbnsn.com] On Behalf
>>> Of Simon Clubley via Info-vax
>>> Sent: 17-Nov-16 8:25 PM
>>> To: info-vax at rbnsn.com
>>> Cc: Simon Clubley <clubley at remove_me.eisner.decus.org-
>>> Earth.UFP>
>>> Subject: Re: [Info-vax] OpenVMS TCPIP equivalent of
>>> hosts.deny?
>>>
>>> On 2016-11-17, Michael Moroney
>>> <moroney at world.std.spaamtrap.com> wrote:
>>>> I wrote code years ago that monitors the audit server mailbox
>>> for
>>>> breakin events from the internet and null-routes the source
>>> address
>>>> (actually the
>>>> /24 of the source).  Since I couldn't use the deny capability
>> for
>>> more
>>>> than 16 attempts, I got around that by doing a TCPIP SET
>> ROUTE
>>> to use
>>>> a nonexistent address as a gateway.  So any further attempt
>> to
>>> contact
>>>> from the banned host would have the VMS system attempt to
>>> respond by
>>>> sending to the nonexistent gateway, so the banned host could
>>> never set
>>>> up the TCP connection.  To it it appears as if the system
>>> vanished off
>>>> the net.
>>>>
>>> The downside to that of course is that connection resources are
>>> tied up in the VMS system until the connection times out.
>>>
>>> In the old days, people sometimes used a similar method (not
>>> sending the final ACK during connection setup) to cause a DoS
>>> against a target machine.
>>>
>>> I wonder if current versions of TCP/IP Services are vulnerable
>> to
>>> that.
>>>
>>> Simon.
>>>
> 
> So you block out entire Brazil if one telnet spammer from Brazil is 
> running a script (like in my case) :O

Well, as an example, if I'm selling lawn mower parts in USA and Canada, why does 
my application system(s) want to hear from Brazil, or South Africa, or ....

Not everyone is global ....