[20190211]簡單測試埠是否開啟(補充).txt

[20190211]簡單測試埠是否開啟(補充).txt

--//上午使用cat < /dev/tcp/ip_address/port方式測試,感覺有點慢,而且發現1521埠受引數INBOUND_CONNECT_TIMEOUT_LISTENER控制.

--//而這個預設設定就是60秒,下午測試使用ssh埠看看:

# zdate ;cat < /dev/tcp/192.168.100.78/22;zdate

2019/02/11 14:55:25

SSH-2.0-OpenSSH_4.3

2019/02/11 14:57:25

# zdate ;echo a>  /dev/tcp/192.168.100.78/22;zdate

2019/02/11 15:01:09

2019/02/11 15:01:09

--//ssh埠需要120秒(2分鐘).

# grep 120 /etc/ssh/sshd_config

# grep 2 /etc/ssh/sshd_config

#       $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $

#Port 22

#Protocol 2,1

Protocol 2

# HostKeys for protocol version 2

#LoginGraceTime 2m

# similar for protocol version 2

--//可以發現LoginGraceTime引數應該符合定義.

Description

SSH should be configured to log users out after a 15 minute interval of inactivity and to only wait 30 seconds before

timing out login attempts. Terminating an idle session within a short time period reduces the window of opportunity for

unauthorized personnel to take control of a management session enabled on the console or console port that has been left

unattended. In addition, quickly terminating an idle session or an incomplete login attempt will also free up resources

committed by the managed network element. 

http://www.faqs.org/docs/securing/chap15sec122.html

LoginGraceTime 600

The option LoginGraceTime specifies how long in seconds after a connection request the server will wait before

disconnecting if the user has not successfully logged in. 

--//修改為30秒,測試看看:

# grep LoginGraceTime /etc/ssh/sshd_config

LoginGraceTime 30

#LoginGraceTime 2m

# service sshd restart

Stopping sshd:         [  OK  ]

Starting sshd:         [  OK  ]

# zdate ;cat < /dev/tcp/192.168.100.78/22;zdate

2019/02/11 15:09:44

SSH-2.0-OpenSSH_4.3

2019/02/11 15:10:14

--//正好30秒.實際上一般每個開啟的服務埠都有類似的引數設定.