TMS zl Module Planning and Implementation Guide 2009-08
Table Of Contents
- Contents
- Glossary of Acronyms and Abbreviations
- 1.0 Purpose
- 2.0 Intended Audience
- 3.0 Objectives
- 4.0 Prerequisites
- 5.0 Skills
- 6.0 The HP ProCurve Threat Management Services zl Module
- 7.0 Common TMS Security Control Points
- 8.0 Deployment Considerations
- 9.0 Installation and Preparation of the TMS zl Module
- 10.0 Configuration of the TMS zl Module
- 11.0 Using multiple HP ProCurve Threat Management Services zl Modules
- Appendix A – Additional References
- Appendix B – Sample Company Information Assets Spreadsheet
- Sample “Information Assets” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Server Network Details” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “TMS Zones” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- “Firewall Rules” tab (See Embedded “Company Information Assets” Microsoft Excel 2003 spreadsheet)
- Sample “Company Information Assets” Microsoft Excel 2003 spreadsheet
- Appendix C – Information Gathering Tools
- Appendix D - Updating Switch Software
- Appendix E – Emergency Recovery Process

netstat
netstat is a utility that is included as part of Unix and Unix-like operating systems (e.g., Linux).
It is used for printing the status of network connections, routing tables, interface statistics,
masquerade connections, and multicast memberships.
The following screenshot shows the utility invoked with both the -a (display all processes) and
-n (numeric-only listing) options, with its output “piped” through the grep utility. Grep prints
lines matching a pattern (in this case a colon character followed by a literal asterisk character,
not a wildcard, as indicated by the preceding backslash). The command then “pipes” the output
through the more utility, which displays a single page's worth of output and then
interactively prompts the user before displaying more.
The columns of interest for the purposes of this document are:
- Proto (1st column) – Indicates whether the network connection is TCP or UDP protocol.
- Local Address (4th column) – Shows the IP address on the local system and the port number of the network connection (the number after the final colon)
  - E.g. 0.0.0.0:23 means all local IP addresses on port 23, and :::22 means all local IP addresses on port 22.
Screen shot of netstat -an | grep ":\*" | more
showing what TCP listeners and UDP ports are open on the system.
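
The filter and column reading described above, as an added example that is not part of the original guide: a shell function that applies the same ":\*" match to netstat -an output and reports protocol, port, and bind scope for each listener. The sample output is constructed, the function names are hypothetical, and the column layout assumed is that of Linux net-tools netstat.

```shell
#!/bin/sh
# Added example: summarise listening TCP/UDP ports from `netstat -an` output.
# Assumed column layout (Linux net-tools netstat):
#   Proto Recv-Q Send-Q Local-Address Foreign-Address [State]

# Constructed sample output (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           192.0.2.50:51514        ESTABLISHED
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 0.0.0.0:68              0.0.0.0:*
EOF
}

# Reads `netstat -an` output on stdin and prints "proto port scope" for each
# open listener. scope is "all" for a wildcard bind (0.0.0.0 or ::),
# otherwise the specific local IP address the service is bound to.
list_listeners() {
  awk '
    # Same filter as grep ":\*": the foreign address ends in a literal ":*".
    $1 ~ /^(tcp|udp)/ && $5 ~ /:\*$/ {
      laddr = $4
      n = split(laddr, parts, ":")
      port = parts[n]                     # the number after the final colon
      addr = substr(laddr, 1, length(laddr) - length(port) - 1)
      scope = (addr == "0.0.0.0" || addr == "::" || addr == "*") ? "all" : addr
      print $1, port, scope
    }' | sort -k2,2n -k1,1
}

# On a live system: netstat -an | list_listeners
```

Listeners reported with scope "all" are reachable on every local interface, so these are the ports to reconcile first against the firewall rules planned for the module.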