468x60 Ads

Monday, December 19, 2016

To prevent block FTP access by anonymous users Solaris 10

To prevent access by anonymous users, add the entry
"defaultserver private" to /etc/ftpd/ftpaccess:

Adding guestserver to the ftpaccess file:
# echo "guestserver" >> /etc/ftpd/ftpaccess

# cat /etc/ftpd/ftpaccess
# ident "@(#)ftpaccess  1.2     03/05/14 SMI"
#
# FTP server configuration file, see ftpaccess(4).
#
class   anonusers       anonymous       *
class   guestusers      guest   *
class   realusers       real    *
loginfails      3
passwd-check    trivial         warn
private         no
shutdown        /etc/ftpd/shutdown.msg
# email         user@hostname
# guestuser     username
# rhostlookup   no
#To prevent access by anonymous users#
defaultserver private

.
.
.
.
guestserver
.
.

Next restart the FTP service :


Veryfy the status now -> blocked FTP access for anonymous user :

C:\Users\U Computers>ftp 172.16.0.1
Connected to 172.16.0.1.
220-_________________________________
220-
220-    welcome to SLT HQ server!
220-     Authorised access only!
220-
220-**********************************
220-
220-
220 NTU-HQ-EMS FTP server ready.
User (172.16.0.1:(none)): anonymous
530 Guest login not allowed on this machine.
Connection closed by remote host.

How to ensure that anonymous FTP has been disabled on a Solaris 10 system


Monday, July 4, 2016

Configuring a NTP(Network Time Protocol ) client on Solaris 10


Configuring a NTP client

 

Create the ntp.conf file

You can use ntp.client file as template and edit ntp.conf
#cd /etc/inet
# cp ntp.client ntp.conf

 Eg :

 #vi /etc/inet/ntp.client
#
# An example file that could be copied over to /etc/inet/ntp.conf; it
# provides a configuration for a host that passively waits for a server
# to provide NTP packets on the ntp multicast net.
#
server 192.168.10.6 prefer
server 172.16.0.2
driftfile /var/ntp/ntp.drift
multicastclient 224.0.1.1
#

Save and exit from ntp.conf
 

Check the NTP server reachability and response to NTP client:

 
# ntpdate -d 192.168.10.6
30 Jun 12:51:46 ntpdate[9927]: ntpdate 3-5.93e+sun 03/06/05 23:16:45 (1.4)
transmit(192.168.10.6)
receive(192.168.10.6)
transmit(192.168.10.6)
receive(192.168.10.6)
transmit(192.168.10.6)
receive(192.168.10.6)
transmit(192.168.10.6)
receive(192.168.10.6)
transmit(192.168.10.6)
server 192.168.10.6, port 123
stratum 4, precision -18, leap 00, trust 000
refid [127.127.1.0], delay 0.02591, dispersion 0.00000
transmitted 4, in filter 4
reference time:    db1f46e8.a3e1a000  Thu, Jun 30 2016 12:51:12.640
originate timestamp: db1f470a.efb60000  Thu, Jun 30 2016 12:51:46.936
transmit timestamp:  db1f470a.efa4d000  Thu, Jun 30 2016 12:51:46.936
filter delay:  0.02599  0.02591  0.02591  0.02591
                   0.00000  0.00000  0.00000  0.00000
filter offset: 0.000024 0.000012 0.000012 0.000012

                  0.000000 0.000000 0.000000 0.000000
delay 0.02591, dispersion 0.00000
offset 0.000012
30 Jun 12:51:46 ntpdate[9927]: adjust time server 172.16.0.2 offset 0.000012 sec

 

Start the ntpd daemon

# svcadm enable svc:/network/ntp:default

Check the ntp service status:

#svcs ntp
STATE  STIME   FMRI
online 10:23:44 svc:/network/ntp:default

 
driftfile /var/ntp/ntp.drift à The difference between your clock and the time provided by NTP servers can be examined by viwing the drift file:

Eg:
# cat /var/ntp/ntp.drift
-40.65

Once the service is running you can check which server is sync with the client:

if there is * against 192.168.10.6 means NTP sync is working with particular server.

- outlyer

The peer is discarded by the clustering algorithm as an outlyer.

+ candidat

The peer is a survivor and a candidate for the combining algorithm.

# selected

The peer is a survivor, but not among the first six peers sorted by synchronization distance. If the association is ephemeral, it may be demobilized to conserve resources.

* sys.peer

The peer has been declared the system peer and lends its variables to the system variables.

  

NTP default port :123 UDP

 

Thursday, June 26, 2014

Capture snoop Output Into a File in Solaris



Save snoop capture output into file in Solaris


Capture a snoop session into a file:


# snoop -o filename


Eg:


# snoop  -o cap.cap ip 50.200.0.4


Using device igb0 (promiscuous mode)


2


 


In above example we can see 2 packets have been captured and saved it in to cap.cap file.We can abort capture at any time using press Control+c.


 
Inspect the snoop output captures file:


# snoop -i filename
Eg:
 # snoop -i a.cap
  1   0.00000   172.16.0.1 -> 50.200.0.4   UDP D=1728 S=51479 LEN=32
  2   0.01544   50.200.0.4 -> 172.16.0.1   ICMP Destination unreachable (UDP port 1728 unreachable)
  3   2.98764   50.200.0.4 -> NTU-HQ-GLOBAL DHCP/BOOTP DHCPDISCOVER
  4   0.00094 NTU-HQ-GLOBAL -> 50.200.0.4   DHCP/BOOTP DHCPOFFER
Or we can inspect this captured file by open through Wireshark