ITPub博客

首页 > Linux操作系统 > Linux操作系统 > [20190211]简单测试端口是否打开(补充).txt

[20190211]简单测试端口是否打开(补充).txt

原创 Linux操作系统 作者:lfree 时间:2019-02-11 15:10:51 0 删除 编辑

[20190211]简单测试端口是否打开(补充).txt


--//上午使用cat < /dev/tcp/ip_address/port方式测试,感觉有点慢,而且发现1521端口受参数INBOUND_CONNECT_TIMEOUT_LISTENER控制.

--//而这个缺省设置就是60秒,下午测试使用ssh端口看看:


# zdate ;cat < /dev/tcp/192.168.100.78/22;zdate

2019/02/11 14:55:25

SSH-2.0-OpenSSH_4.3

2019/02/11 14:57:25


# zdate ;echo a>  /dev/tcp/192.168.100.78/22;zdate

2019/02/11 15:01:09

2019/02/11 15:01:09


--//ssh端口需要120秒(2分钟).


# grep 120 /etc/ssh/sshd_config

# grep 2 /etc/ssh/sshd_config

#       $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $

#Port 22

#Protocol 2,1

Protocol 2

# HostKeys for protocol version 2

#LoginGraceTime 2m

# similar for protocol version 2


--//可以发现LoginGraceTime参数应该符合定义.

https://www.stigviewer.com/stig/apple_os_x_10.9_mavericks_workstation/2017-01-05/finding/V-58387


Description

SSH should be configured to log users out after a 15 minute interval of inactivity and to only wait 30 seconds before

timing out login attempts. Terminating an idle session within a short time period reduces the window of opportunity for

unauthorized personnel to take control of a management session enabled on the console or console port that has been left

unattended. In addition, quickly terminating an idle session or an incomplete login attempt will also free up resources

committed by the managed network element. 


http://www.faqs.org/docs/securing/chap15sec122.html


LoginGraceTime 600


The option LoginGraceTime specifies how long in seconds after a connection request the server will wait before

disconnecting if the user has not successfully logged in. 


--//修改为30秒,测试看看:

# grep LoginGraceTime /etc/ssh/sshd_config

LoginGraceTime 30

#LoginGraceTime 2m


# service sshd restart

Stopping sshd:         [  OK  ]

Starting sshd:         [  OK  ]


# zdate ;cat < /dev/tcp/192.168.100.78/22;zdate

2019/02/11 15:09:44

SSH-2.0-OpenSSH_4.3

2019/02/11 15:10:14


--//正好30秒.实际上一般每个打开的服务端口都有类似的参数设置.


来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/267265/viewspace-2619253/,如需转载,请注明出处,否则将追究法律责任。

请登录后发表评论 登录
全部评论
熟悉oracle相关技术,擅长sql优化,rman备份与恢复,熟悉linux shell编程。

注册时间:2008-01-03

  • 博文量
    2317
  • 访问量
    6045831