ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaie_5.4.0.1/rzaiesetdenial.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="topic" />
<meta name="DC.Title" content="Set up to secure against a Telnet denial of service attack for HTTP Server" />
<meta name="abstract" content="This topic provides information about how to secure your HTTP Server against a Telnet denial of service attack with the IBM Web Administration for i5/OS interface." />
<meta name="description" content="This topic provides information about how to secure your HTTP Server against a Telnet denial of service attack with the IBM Web Administration for i5/OS interface." />
<meta name="DC.Relation" scheme="URI" content="rzaieparsecurity.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2002,2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2002,2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzaiesetdenial" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Set up to secure against a Telnet denial of service attack for HTTP
Server</title>
</head>
<body id="rzaiesetdenial"><a name="rzaiesetdenial"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Set up to secure against a Telnet denial of service attack for HTTP
Server</h1>
<div><p>This topic provides information about how to secure your HTTP Server
against a Telnet denial of service attack with the <span>IBM<sup>®</sup> Web Administration for i5/OS™ interface</span>.</p>
<div class="important"><span class="importanttitle">Important:</span> Information
for this topic supports the latest PTF levels for HTTP Server for i5/OS .
 It is recommended that you install the latest PTFs to upgrade to the latest
level of the HTTP Server for i5/OS. Some of the topics documented here are
not available prior to this update. See <a href="http://www-03.ibm.com/servers/eserver/iseries/software/http/services/service.html" target="_blank">http://www.ibm.com/servers/eserver/iseries/software/http/services/service.htm</a> <img src="www.gif" alt="Link outside Information Center" /> for more information. </div>
<p>A Telnet attack could result in a denial of service to your HTTP Server.
The configuration to protect against attacks has default settings, but you
may want to change them to suit your individual needs.   </p>
<p>Your HTTP Server can detect a denial of service attack by measuring the
time-out and frequency, or the number of time-outs of certain clients' requests.
If the HTTP Server does not receive a request from the client, then your HTTP
Server determines that a Telnet denial of service attack is in progress. This
occurs after making the initial client connection to your HTTP Server.   </p>
<p>The HTTP Server's default is to perform attack detection and penalization.
However, this default may not be right for your environment. If all access
to your HTTP Server is through a firewall or proxy server or Internet Service
Provider (ISP), then the Telnet denial of service protection is built into
each of these entities. You should turn off the Telnet denial of service protection
for this HTTP Server instance so that the HTTP Server does not falsely detect
a denial of service condition. </p>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaieparsecurity.htm" title="This topic provides step-by-step tasks for security.">Security tasks</a></div>
</div>
</div><div class="nested1" id="apache"><a name="apache"><!-- --></a><h2 class="topictitle2">Secure against a Telnet denial of service attack for HTTP Server (powered
by Apache)</h2>
<div><ol><li>Click the <span class="uicontrol">Manage</span> tab.</li>
<li>Click the <span class="uicontrol">HTTP Servers</span> subtab.</li>
<li>Select your HTTP Server (powered by Apache) from the <span class="uicontrol">Server</span> list. </li>
<li>Expand <span class="uicontrol">Server Properties</span>.  </li>
<li>Click <span class="uicontrol">System Resources</span>. </li>
<li>Click the <span class="uicontrol">HTTP Connections</span> tab in the form.<div class="note"><span class="notetitle">Note:</span> The
values provided are the current HTTP connections settings used by your Web
server. Continue only if you want to change the default values.</div>
</li>
<li>Enter new values for the provided fields. </li>
<li>Click <span class="uicontrol">Apply</span>. </li>
<li>Click the <span class="uicontrol">Denial of Service</span> tab in the form.<div class="note"><span class="notetitle">Note:</span> The
values provided are the current denial of service settings used by your Web
server. Continue only if you want to change the default values.</div>
</li>
<li>Enter new values for the provided fields. </li>
<li>Click <span class="uicontrol">OK</span>.</li>
</ol>
<p>See <a href="rzaiesetauth.htm#pba">User profiles and required authorities for HTTP Server (powered by Apache)</a> for more information
if you encounter authority problems. </p>
</div>
</div>

</body>
</html>