ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » News/Updates » Updated: New version of BlockIP2

Post new topic  Reply to topic Goto page 1, 2, 3  Next
 Updated: New version of BlockIP2 « View previous topic :: View next topic » 
Author Message
oz1ccg
PostPosted: Sat Jan 10, 2004 10:34 am    Post subject: Updated: New version of BlockIP2 Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark

Hi.....

Just launced a new version of BlockIP, which supports blocking og JMS default user and mqm/MUSR_MQADMIN.

The exit is improved so you can use multi patterns and not just one from the first version of the exit.

New features is specified like:
To use multipattern seperate the patterns with a semicolon( like this:
alt chl(MQT2.TCP.MQT1) chltype(SVRCONN) + * OR: any other type
SCYDATA('172.20.109.*;172.221.*;10.31.*') +
scyexit('c:\path..\BlockIP2(BlockExit)') * NT
This will allow communication from any computer in the172.20.109.*, 172.221.* and 10.31.* networks.

You can also use a single position placeholder in the pattern:
alt chl(MQT2.TCP.MQT1) chltype(SVRCONN) + * OR: any other type
SCYDATA('192.168.??.20;10.31.*') +
scyexit('c:\path..\BlockIP2(BlockExit)') * NT
This will allow any IP-addr matching 192.168.10.20, 192.168.11.20.. 192.168.99.20 to pass verification.

http://www.mrmq.dk/BlockIP2.htm

I hope it can help you....

Just my $0.02
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.


Last edited by oz1ccg on Wed Aug 09, 2006 8:46 am; edited 1 time in total
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
Michael Dag
PostPosted: Sun Jan 11, 2004 5:00 am    Post subject: Reply with quote

Jedi Knight

Joined: 13 Jun 2002
Posts: 2602
Location: The Netherlands (Amsterdam)

Certainly news worthy!
I'll move it to MQSeries News/Updates and leave a pointer in the Links forum.

Michael
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
oz1ccg
PostPosted: Thu Jan 22, 2004 4:34 pm    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark


_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
Michael Dag
PostPosted: Mon Feb 23, 2004 5:38 am    Post subject: Reply with quote

Jedi Knight

Joined: 13 Jun 2002
Posts: 2602
Location: The Netherlands (Amsterdam)

New link address http://www.mrmq.dk/BlockIP.htm

New Functionality:
- allow to specify parameters in a file, rather then SCYDATA itself
- allow pattern matching on both IP patterns AND a Userid patterns

Michael
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
oz1ccg
PostPosted: Fri Mar 05, 2004 6:51 am    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark

Due to a serious security Hazard, have I updated the BlockIP2 exit, BlockIP will soon have the same updates.

The main problem is it's possible to bypass the exit, if the other end sends a sec_msg (on SVRCONN) only.

By the way BlockIP2 is now able to do more filtering based on SSL names, so it's possible to change MCAUSER or BLOCK certain certificates.

And BlockIP2 still resides here: http://www.mrmq.dk/BlockIP.htm

Just my $0.02
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
oz1ccg
PostPosted: Sun Jun 06, 2004 3:02 pm    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark

I guess it'a about time to say that version 2.12 of BlockIP2 is ready to fly, currrently it's marked as Beta. Just wainting for your feedback, before it can replace the "old" version.

This is the rewritten exit (thanks to Sid), it have gone under some testing round the globe, so I hope it will meet your needs.

Here is the direct link: http://www.mrmq.dk/BlockIP.htm#BlockIP2_version_2.1x

Just my $0.02
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
oz1ccg
PostPosted: Fri Aug 20, 2004 12:07 pm    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark

New version of BlockIP2 version 2.15 is ready for download

Highlights:Completely rewritten thanks to Sid Young, and extented with some functions.

Ported to z/OS by Neil Casey.

This means that we have one source version that should be able to support: z/OS, AIX, Linux Solaris, HP-UX, Windows platforms.

These enhancements have made it easy to add new functions.

Here is the direct link:
http://www.mrmq.dk/BlockIP.htm#BlockIP2_version_2.1x

Just my $0.02
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
oz1ccg
PostPosted: Sun Apr 24, 2005 12:46 pm    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark

New version of BlockIP2 version 2.20 Beta is ready for download

Highlights: This version is ready for WebSphere MQ version 6.0 and got functions to control the number of connections on SVRCONN. This function was requested by many over time, so now it's ready. Give it a try. And it's still free of charge
This version is currently not shipped for z/OS Yet, there are some testing I need to do first.

Here is the direct link:
http://mrmq.dk/index.htm?BlockIP2.htm#Version_2.20_enhancement
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
oz1ccg
PostPosted: Fri Sep 23, 2005 1:41 pm    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark

New version of BlockIP2 version 2.32 Beta is ready for download
(I hope it's without some of the last bugs...)

There is added funtionality to control the number of simultain connctions, and refuse more connections when the limit is reached. And it supports now z/OS too. The implementaion uses shared memory/dataspace on UNIX, Linux and z/OS to gain performace.

Here is the direct link:
http://mrmq.dk/BlockIP2.htm
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
oz1ccg
PostPosted: Wed Mar 01, 2006 9:33 am    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark

New version of BlockIP2 version 2.44 Beta is ready for download
(I hope it's without some of the last bugs...)

I've added shared memory handling for windows too. To gain performance using the channel limitter.

The storage leak in the previous release should also be history now.

Here is the direct link:
http://mrmq.dk/BlockIP2.htm

-- Lock it or Lose it --
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
LuisFer
PostPosted: Fri Mar 03, 2006 1:17 pm    Post subject: Reply with quote

Partisan

Joined: 17 Aug 2002
Posts: 302

Thanks, thanks, thanks a lot for this work, Jørgen

Today i installed on my z/OS (Test) this Version , working fine.

Thanks nwely.
Back to top
View user's profile Send private message
LuisFer
PostPosted: Sun Mar 05, 2006 12:43 am    Post subject: Reply with quote

Partisan

Joined: 17 Aug 2002
Posts: 302

Review how works the exit on z/OS i see that every Conn (on SVRCONN CHLS) up the Real Storage 2 frames (up the line), and this memory is not freed when DISCON the channel.
Except this one the exit works fine.
Back to top
View user's profile Send private message
osborn lawrence
PostPosted: Mon Apr 17, 2006 11:16 pm    Post subject: Reply with quote

Newbie

Joined: 15 Jul 2004
Posts: 3
Location: Bangalore

Hello,

I am using BlockIP 2.15. Is there a way to specify more than 256 characters in the "Patterns" variable in the configurations file ?

We have a requirement to specify around 50 IP's in "Patterns"

Is this possible in the 2.48 latest version ?

Are there any work arounds ?

Why is this restrication in the first place ?

Thanks in advance for your responses.

Osborn
_________________
Osborn Lawrence
IBM Certified MQSeries Specialist
MQSeries Administrator
Back to top
View user's profile Send private message
oz1ccg
PostPosted: Wed Apr 19, 2006 11:34 am    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark

Shure it can be lifted. I have to analyze the consequences about raising it (and some other settings). It's all just a matter about storage consumption.

-- Lock it or Lose it --
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
oz1ccg
PostPosted: Tue Jun 13, 2006 2:31 pm    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark

Hi There, a new kid is in town, together with T&M 2006 in Atlanta: a fresh release of BlockIP2 (2.55)

With some new features like filtering based on hostnames and DNS lookup.
IPv6 readiness in hostnames and filtering.
Enhanced SSL filtering.

Room for more patterns, SSL rows.

-- Lock it or Lose it --
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
Display posts from previous:   
Post new topic  Reply to topic Goto page 1, 2, 3  Next Page 1 of 3

MQSeries.net Forum Index » News/Updates » Updated: New version of BlockIP2
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.