From owner-freebsd-questions@FreeBSD.ORG  Sat Feb 24 03:21:13 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 8115E16A402
	for <freebsd-questions@freebsd.org>;
	Sat, 24 Feb 2007 03:21:13 +0000 (UTC)
	(envelope-from stapleton.41@gmail.com)
Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.187])
	by mx1.freebsd.org (Postfix) with ESMTP id E708413C428
	for <freebsd-questions@freebsd.org>;
	Sat, 24 Feb 2007 03:21:12 +0000 (UTC)
	(envelope-from stapleton.41@gmail.com)
Received: by nf-out-0910.google.com with SMTP id k27so829305nfc
	for <freebsd-questions@freebsd.org>;
	Fri, 23 Feb 2007 19:21:11 -0800 (PST)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta;
	h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=mDSoeMcCh7Iqyu/6cmpQU/nrx/z/HOC4McvEid+GO3lMjP+BO+sWu+FCJsvJ1bwWkZ7h2dN+UI2qfZ5jz2Y8MXLDo4Eo7wcDqSml0TwDpcl9K3ZWbMPzbLFFicNfw0+Hy2/4soWGHW3r06FU35t1Ls1EtalVij2rl04/BnUYk+U=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta;
	h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=E9Let7i4yNJgn6R5sjz0nj2GOedX9uM6o2+wRHXP06u1neOXCQIcHz6z/BN6lWnWMA9uTi/Lq+i4rnn7rH7Pr2OTU/u4XUALI0+cDyJdNzsqJFd8HNEzDow1Ose/7/ve7D0BQLBgPJm93c2kaEHzwZBzoRexEQc4K72e4790Qic=
Received: by 10.82.155.10 with SMTP id c10mr992362bue.1172287271658;
	Fri, 23 Feb 2007 19:21:11 -0800 (PST)
Received: by 10.82.191.16 with HTTP; Fri, 23 Feb 2007 19:21:11 -0800 (PST)
Message-ID: <80f4f2b20702231921x603c759g9b143b24edfaa7d5@mail.gmail.com>
Date: Sat, 24 Feb 2007 03:21:11 +0000
From: "Jim Stapleton" <stapleton.41@gmail.com>
To: freebsd-questions@freebsd.org
In-Reply-To: <200702240408.40222.h.schmalzbauer@omnisec.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <80f4f2b20702231107p1cf7f4f3n5896aa7e8ef0ecaf@mail.gmail.com>
	<200702240248.19713.h.schmalzbauer@omnisec.de>
	<80f4f2b20702231901k52fa7585w92f61d81b40b7cf5@mail.gmail.com>
	<200702240408.40222.h.schmalzbauer@omnisec.de>
Subject: Re: problems with jail
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Feb 2007 03:21:13 -0000

I did the ssh after you did the previous mail, but it didn't fix the proble=
m.

I'm not having problems senmail or named, they were simply mentioned
in the man page. I never had named running, and I didn't realize
sendmail was running. The latter was my problem with sendmail. That
problem as I said is fixed. Beyond that I don't even know which
process on my system are daemons at this point, except usbd and devd,
neither of which (to my knowledge) should be listening to any sockets.
Actually there are a couple of kernel processes (pagedaemon, vmdaemon,
and bufdaemon), but I don't know where to find documentation on them,
X, and KDM. I can't find anything on limiting sockets of these to a
specific IP only.

-Jim STapleton

On 2/24/07, Harald Schmalzbauer <h.schmalzbauer@omnisec.de> wrote:
> Am Samstag, 24. Februar 2007 04:01 schrieben Sie:
> > I saw them in there, but that section seemed to be lacking in what I
> > needed to do... I admit I missed the alias until someone reminded me.
> >
> > by lacking I mean:
> >      To configure sshd(8), it is necessary to modify /etc/ssh/sshd_conf=
ig.
> >
> > doesn't tell me what I need to change, and I couldn't find the answer
> > in the docs about sshd. I assume that having the listen port set to
> > 192.168.1.84 should be sufficient, but that doesn't fix the problem
>
> Well, have you sighuped sshd? If you have "ListenAddress 192.168.1.84"
> in /etc/ssh/sshd_config (and sighuped/restarted sshd) it's impossible tha=
t it
> answers connections to 192.168.1.85
>
> > OK, I didn't bother editing sendmail and named's files, I thought the
> > suggested: sendmail_enable=3D"NO"
> > would keep it from starting. I did turn off sendmail, but that didn't
> > fix the problem. named is not running, and hasn't run on this machine.
>
> What problems do you have with named and sendmail?
> If you don't need them don't care about, just keep them disabled.
>
> You have to limit listening sockets of all daemons running on the host sy=
stem.
> That's all.
>
> Best regards,
>
> -Harry
>
> --
> OmniSEC  -  UNIX und Windows Netzwerke - Sicher
> Harald Schmalzbauer
> Flintsbacher Str. 3
> 80686 M=FCnchen
> +49 (0) 89 18947781
> +49 (0) 160 93860101
>