Date: Mon, 8 Apr 1996 23:29:08 -0600 (MDT) From: Dave Andersen <angio@shell.aros.net> To: terry@lambert.org (Terry Lambert) Cc: brian@filoli.com, questions@FreeBSD.org Subject: Re: mystery phone call Message-ID: <199604090529.XAA16632@shell.aros.net> In-Reply-To: <199604082337.QAA03456@phaeton.artisoft.com> from Terry Lambert at "Apr 8, 96 04:37:35 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Lo and behold, Terry Lambert once said:
> A security audit is run nightly (makes for a bad machine for a
> bedroom). It can be disabled by modifying /etc/daily.
>
> The log should be in the root mailbox. Login as root and run
> mail.
>
> I'd be surprised if it made a call. If you have a service provider,
> then when it went to do the name lookup, if you have your network
> configured incorrectly, it could have been sendmail firing the
> phone call off to talk to your nameserver.
Actually, it's not sendmail doing the lookup. My home machine calls in
at 2am to my network as regularly as clockwork. The explanation is a
call in /etc/daily:
echo "network:"
netstat -i
echo ""
netstat -i attempts to do a reverse namelookup on the addresses it
presents to you for inspection.
If you want to stop your machine from dialing in, change the
'netstat -i' call to a 'netstat -ni'. I haven't bothered because I find
it quaint that my computer likes to dialin at 2am, and it makes a neat
clock to tell me that I'm up too late again.
-Dave Andersen
--
angio@aros.net Complete virtual hosting and business-oriented
system administration Internet services. (WWW, FTP, email)
http://www.aros.net/ http://www.aros.net/about/virtual
"There are only two industries that refer to thier customers as 'users'."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199604090529.XAA16632>