LISTSERV - HP3000-L Archives

HP3000-L Archives

March 1997, Week 1

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L March 1997, Week 1

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Incoming telnet restrictions?
From:	Cas Caswell <[log in to unmask]>
Reply To:	Cas Caswell <[log in to unmask]>
Date:	Wed, 5 Mar 1997 16:56:53 PST
Content-Type:	text/plain
Parts/Attachments:	text/plain (63 lines)

Subject: Incoming telnet restrictions?
Reply-To: [log in to unmask]

Thomas Roos Wrote:

>I have successfully installed and configured inetd to accept incoming
>telnet sessions on mpe/ix 5.5. Access can be restricted using
>ip-numbers, subnet adresses in inetdsec.net.sys, but is there a way
>to limit the maximum number of telnet-sessions with inetd? I would
  <snip bandwidthectomy >


 James Hofmeister, Goetz Neuman, and Jeff Kell provided good informative
responses already. I'd like to take a moment to do two things. First,
suggest that an afflicted end user have the RC folks enter an SR for this.
Yes, I can do it internally, but it does get better visibility if there
are customer names all over it rather than just labbie fingerprints.

 Second, I wanted to explain why this isn't something we can slip into
the product via CPE. In other words make the change while we're in fixing
something else. It would not be that difficult for us to add logic in the
initialization portion of the driver to check and update a session count
in the KSO we use. The difficulty comes in making it user
friendly/supportable. That is how do we make it so you can tell the driver
how many sessions you want. There is no configuration for the Telnet
Server and no command line interface to make this count easily available
to the driver.

 So to configure max session count we have several possible options:

1: Add a new field to NMMGR. This is a non-trivial amount of work to
                             change the tool and then make the Telnet
                             Server aware of NMCONFIG files.

2: Some other flat file: Fairly easy to do, but puts us into the YAFFS
                         (Yet Another Flat File Syndrome) that Unix users
                         have complained about for configuration.

3: Some CI Var: Probably not too difficult for us to implement. Would it
                be acceptable to system admin types?

4: We document the field in the KSO and let the truely motivated SysAdmins
   run debug to change the count. <grin>

   This one gives me the cold sweats from a support standpoint, but I
   mention it for completeness.


 So if one of y'all would like to step up and have the SR entered, I'll
put our information into it and let it run through the mill. Any feedback
you have on the configuration issue would be greatfully accepted.

Hopefully this is of some help to the list,

Later,

Cas Caswell
CSY Networking
--
=======================================================================
[log in to unmask] (Cas Caswell)   By the way: I said it, not my company.
 =======================================================================

ATOM RSS1 RSS2

RAVEN.UTC.EDU