freddy333 Posted October 7, 2016
How do I disconnect foreign IP TCP connections on a BSD UNIX server? I know there is a command (tcpdrop or something like that???) that does this, but I cannot remember what it is or how to use it? Although they do not appear to have actually logged in or gained access, I am seeing a great deal of unusual activity on a server that generally sees very little activity. A who or w shows I am the only person logged in, but netstat reveals 2 foreign IPs that should not be there.

docthor Posted October 7, 2016
@nikki6 ...maybe you can help here? The thing I'd do is to restart the interface (if no production server) and check if they'll show up again.
Sent from my wooden drums via Tupperware

Sogeha Posted October 7, 2016
^^^switch off and on again LOL^^^
First piece of advice from any IT help desk.

freddy333 Posted October 7, 2016
Thanks, but I am ahead of you. I finally got rid of them by rebooting the server and blocking them via the firewall, but I know there is a much simpler/quicker way to disconnect an IP (via tcpdrop or similar?) in real-time & without having to stop the network or reboot. Anyone?

imajedi Posted October 7, 2016
Did you try tcpkill?

freddy333 Posted October 7, 2016
No, but I will give it a try. How is it used? Can you post a sample command line for a single IP address? Also, it may be a Linux command as I do not think it is installed on our BSD server.

imajedi Posted October 7, 2016
$ sudo tcpkill -i wlan0 host 192.168.1.214
-h is help for most commands. Try tcpkill -h to see all the options.
https://en.m.wikipedia.org/wiki/Tcpkill

freddy333 Posted October 7, 2016
That looks like what I need, but unfortunately it is not installed. I will have to see if there is a version for BSD. Thank you.

cib0rgman Posted October 7, 2016
Turn off the interface and turn it on, something like:
ifconfig eth0 down
ifconfig eth0 up

freddy333 Posted October 7, 2016
Thanks, but that is 1 of the 1st things I tried (unsuccessfully).

imajedi Posted October 8, 2016
freddy333 said: "That looks like what I need, but unfortunately it is not installed. I will have to see if there is a version for BSD. Thank you."
It's in the dnssniff package in Linux. Not sure if that helps for BSD.

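Added example, not part of any post in this thread: the tcpdrop route the original poster was trying to recall, as a dry-run helper that turns BSD `netstat -an -p tcp` text into `tcpdrop local-addr local-port foreign-addr foreign-port` commands for one foreign IP. It assumes the four-argument tcpdrop(8) form found on FreeBSD and OpenBSD; the function names and the sample netstat output are constructed for illustration.

```sh
#!/bin/sh
# Dry-run helper: build tcpdrop(8) commands for one foreign IP from netstat text.
# BSD netstat prints each endpoint as address.port (the LAST dot separates the port).

# Constructed sample of BSD-style netstat output (documentation address ranges).
sample_netstat() {
cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address          Foreign Address        (state)
tcp4       0      0 192.0.2.10.22          198.51.100.7.51234     ESTABLISHED
tcp4       0      0 192.0.2.10.22          203.0.113.45.40022     ESTABLISHED
tcp4       0     52 192.0.2.10.443         203.0.113.45.40110     ESTABLISHED
tcp4       0      0 192.0.2.10.80          203.0.113.45.40111     TIME_WAIT
tcp6       0      0 2001:db8::10.22        2001:db8::bad.50001    ESTABLISHED
tcp4       0      0 *.22                   *.*                    LISTEN
EOF
}

# drop_cmds IP: read netstat text on stdin, print one tcpdrop line per
# ESTABLISHED session whose foreign address is exactly IP (no prefix matches).
drop_cmds() {
    awk -v ip="$1" '
    function addr(ep) { sub(/\.[0-9]+$/, "", ep); return ep }
    function port(ep) { return match(ep, /\.[0-9]+$/) ? substr(ep, RSTART + 1) : "" }
    # Columns: proto, recv-q, send-q, local endpoint, foreign endpoint, state.
    $1 ~ /^tcp/ && $6 == "ESTABLISHED" && addr($5) == ip && port($4) != "" {
        printf "tcpdrop %s %s %s %s\n", addr($4), port($4), addr($5), port($5)
    }'
}

# Print the commands for review; on the server, feed real netstat output instead.
sample_netstat | drop_cmds 203.0.113.45
```

On the server the input would be `netstat -an -p tcp | drop_cmds <ip>`, reviewed and then run as root; a dropped peer can reconnect immediately unless it is also blocked at the firewall, as the original poster did.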
RickFlorida Posted October 10, 2016
What is the usefulness or purpose of Unix server?

imajedi Posted October 10, 2016
RickFlorida said: "What is the usefulness or purpose of Unix server?"
Security and reliability are the two main advantages over Windows, if that's what you're asking.

Nanuq Posted October 10, 2016
And true multi threading with process persistence.
Translation: UNIX is a tool and Windows is a toy.

Sogeha Posted October 10, 2016
Nanuq said: "And true multi threading with process persistence. Translation: UNIX is a tool and Windows is a toy."
I prefer toys that work, so none of mine run Windoze.
Windows is based on MS DOS.
MS DOS is based on QDOS, which stands for quick and dirty operating system. It was and still is a hacked together bodge job. The kernel is still not stable after 36 years. Hence operation critical machines tend to avoid using it.

RickFlorida Posted October 10, 2016
I remember last year an airport traffic control was crippled because no one could work on the old Windows 3.1 or some early version. So it sounds like the old Windows was used by critical operations like air traffic control.

Sogeha Posted October 10, 2016
Lots of industrial stuff uses Windows NT, especially for event loggers and data servers. I would think keeping aircraft in the air would be a good example of where to use redundancy: two or more different operating systems each using different software, nothing happens unless the outputs on all systems are the same. If not, a warning is flashed up and the system is halted, paused or put into a loop in a safe state. Personally I just don't trust Windows not to freeze, glitch, lose data or go blue screen.