newbie requires info on AIX and firewall

newbie requires info on AIX and firewall

Post by Ken Blinc » Fri, 25 Aug 2000 13:55:40



Hi,

I'm hoping someone's got a minute to give a bit of advice.

I've inhereted an AIX box running IBM's Enetwork Firewall (with no man
pages!).  I've never worked on an AIX box before,. so I'd like to get a
few pointers on some fundamental issues:

O/S version:
a 'uname -a' gives:
AIX 'hostname' 2 4 000343914C00
I'm thinking this means i've got aix version 4 revision 2 - what do the
numbers following mean?

Also, it has IBM eNetwork Firewall  Version 3.2 running.  I cannot seem
to find any information about this version on ibm's site. Does any one
know why there is not reference to eNetwork Firewall on IBM's site?

Lastly,  I'd like to check over the system to see what patches (I think
aix calles them temporary fixes?) are installed.  How can I get my
system up to date?

Any advice would be great.  (if your advice includes RTFM then just let
me know where the M is :)

Thanks

Ken

--
-----------------------------------------------------------

Unix Support Group      Phone: +61 7 322 22221

CITEC,  GPO Box 297     Brisbane, Queensland 4001 Australia

 
 
 

newbie requires info on AIX and firewall

Post by RR » Sat, 26 Aug 2000 04:00:00




> I've inhereted an AIX box running IBM's Enetwork Firewall (with no man
> pages!).  I've never worked on an AIX box before,. so I'd like to get a
> few pointers on some fundamental issues:

Lucky you.  I've inherited several Sun and SGI workstations myself.  
If only I could run AIX on them!

Quote:> O/S version:
> a 'uname -a' gives:
> AIX 'hostname' 2 4 000343914C00
> I'm thinking this means i've got aix version 4 revision 2 - what do the
> numbers following mean?

Well, yes you're running 4.2 but the "oslevel" command will tell you
your full version.  The remaining 12 digits are the machine ID.  The
machine ID can be interpreted into the model of hardware and other
such things but I don't know how to do that off the top of my head.

Quote:> Also, it has IBM eNetwork Firewall  Version 3.2 running.  I cannot seem
> to find any information about this version on ibm's site. Does any one
> know why there is not reference to eNetwork Firewall on IBM's site?

I found this link out there on IBM's site:
http://www.ibm.com/servers/aix/products/ibmsw/e_business/firewall.html

It looked mostly like high level marketing lit, but it may come in
handy for you.  I haven't worked with IBM firewall for about a year,
but I'll tell you that I was very unimpressed by this firewall.  
Checkpoint or PIX from Cisco would be much better options.

Quote:> Lastly,  I'd like to check over the system to see what patches (I think
> aix calles them temporary fixes?) are installed.  How can I get my
> system up to date?

Check out:
http://techsupport.services.ibm.com/rs6k/tools_FixDist.html

AIX is the hands down winner of effective patch distribution in the
Unix world, at least in my mind.  The link above will point you to
info about Fixdist, an excellent tool.  It will scan your system for
you and determine what you need to bring it up to the current level,
then go ftp those PTFs and apply them.

Quote:> Any advice would be great.  (if your advice includes RTFM then just let
> me know where the M is :)

AIX manuals online:
http://www.rs6000.ibm.com/resource/aix_resource/Pubs/index.html

RR

 
 
 

newbie requires info on AIX and firewall

Post by Urban A. Haa » Tue, 29 Aug 2000 04:00:00


A word of warning! I'm not sure you can install AIX fixes onto a machine
running a firewall without overwriting some of the firewall code. You will
want to look at the documentation first and read up on this.

See:
http://www-4.ibm.com/software/security/firewall/library/
It has links to the 3.3 documentation that should be similar to the version
you have installed.

Urban




> > I've inhereted an AIX box running IBM's Enetwork Firewall (with no man
> > pages!).  I've never worked on an AIX box before,. so I'd like to get a
> > few pointers on some fundamental issues:

> Lucky you.  I've inherited several Sun and SGI workstations myself.
> If only I could run AIX on them!

> > O/S version:
> > a 'uname -a' gives:
> > AIX 'hostname' 2 4 000343914C00
> > I'm thinking this means i've got aix version 4 revision 2 - what do the
> > numbers following mean?

> Well, yes you're running 4.2 but the "oslevel" command will tell you
> your full version.  The remaining 12 digits are the machine ID.  The
> machine ID can be interpreted into the model of hardware and other
> such things but I don't know how to do that off the top of my head.

> > Also, it has IBM eNetwork Firewall  Version 3.2 running.  I cannot seem
> > to find any information about this version on ibm's site. Does any one
> > know why there is not reference to eNetwork Firewall on IBM's site?

> I found this link out there on IBM's site:
> http://www.ibm.com/servers/aix/products/ibmsw/e_business/firewall.html

> It looked mostly like high level marketing lit, but it may come in
> handy for you.  I haven't worked with IBM firewall for about a year,
> but I'll tell you that I was very unimpressed by this firewall.
> Checkpoint or PIX from Cisco would be much better options.

> > Lastly,  I'd like to check over the system to see what patches (I think
> > aix calles them temporary fixes?) are installed.  How can I get my
> > system up to date?

> Check out:
> http://techsupport.services.ibm.com/rs6k/tools_FixDist.html

> AIX is the hands down winner of effective patch distribution in the
> Unix world, at least in my mind.  The link above will point you to
> info about Fixdist, an excellent tool.  It will scan your system for
> you and determine what you need to bring it up to the current level,
> then go ftp those PTFs and apply them.

> > Any advice would be great.  (if your advice includes RTFM then just let
> > me know where the M is :)

> AIX manuals online:
> http://www.rs6000.ibm.com/resource/aix_resource/Pubs/index.html

> RR

--
Urban A. Haas
CEO - Urban Technology, Inc.
Minneapolis, MN  USA
Phone: (952) 595-8810    Fax: (952) 595-8710

Web: http://www.urbantechnology.com

This e-mail was composed of 100% recycled bits.

 
 
 

1. IP Firewall Packet logging. Info required.

Recently I had to use Linux IP Firewall...
        The idea was to count the traffic of a number of connections
from a
locxal network to Internet.
        I tried to put a couple of Forward/Incoming/Outgoing accept
rules, and
use the /proc/net/ip_* files to count the traffic.
        The result was, that I saw flaws in the traffic counting.
        A 1.9Mb FTP link was counted to be just 35Kb.

        My question is:
        Am I doing something wrong, or there is something, that I'm
missing.

                Sincerely yours: Sijaiko.

2. Same thread ID as xldb & dbx

3. Info Required (newbie doubt)

4. Kmail question

5. Info required - PPP info & patches for SUN Solaris 2.4

6. New: The HTB utility is not working properly using 2.5.68 kernel

7. Nur zur INFO: Neues Deutsches Board rund um AIX / SECURITY / Firewall m.T.

8. Segmentation fault on install, Slackware 3.1

9. Newbie question : Where to get info on AIX?

10. Matrox Mystique ands X.

11. Sun Internet Site info required

12. Info required on typeset

13. Require info about solaris certification