Date:      Sat, 24 Feb 2007 03:43:58 +0000
From:      "Jim Stapleton" <stapleton.41@gmail.com>
To:        "Harald Schmalzbauer" <h.schmalzbauer@omnisec.de>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: problems with jail
Message-ID:  <80f4f2b20702231943j3fea9f4fxb3919898ad4dfc21@mail.gmail.com>
In-Reply-To: <80f4f2b20702231936m9725099v6e638685273630f0@mail.gmail.com>
References:  <80f4f2b20702231107p1cf7f4f3n5896aa7e8ef0ecaf@mail.gmail.com> <200702240408.40222.h.schmalzbauer@omnisec.de> <80f4f2b20702231921x603c759g9b143b24edfaa7d5@mail.gmail.com> <200702240430.09674.h.schmalzbauer@omnisec.de> <80f4f2b20702231936m9725099v6e638685273630f0@mail.gmail.com>

addendum, I fixed syslogd by adding this to my rc.conf:
syslogd_flags="-b 192.168.1.84"

However, looking through netstat's man page, I couldn't find the name
of the flag (if it exists) that will show the process name. Does that
require a different tool?

Thank you,
-Jim Stapleton



On 2/24/07, Jim Stapleton <stapleton.41@gmail.com> wrote:
> OK, I have a fairly sizeable list, but it looks like most stuff is
> bound to 192.168.1.84 except two things, one is closed, and the other
> is syslog (guess I have to look at its man page). It also looks like
> there is something else there. I guess I'll be looking at the netstat
> man page to figure out how to get the name of the daemon touch it:
>
>  > netstat -f inet -a; netstat -f inet6 -a
> Active Internet connections (including servers)
> Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
> tcp4       0      0  192.168.1.84.57256     ar-in-f18.google.http  ESTABLISHED
> tcp4       0      0  192.168.1.84.62237     caim-m05b.blue.a.aol   TIME_WAIT
> tcp4       0      0  192.168.1.84.58627     oam-d17a.blue.ao.aol   TIME_WAIT
> tcp4       0      0  192.168.1.84.64265     205.188.7.124.aol      TIME_WAIT
> tcp4       0      0  192.168.1.84.ssh       *.*                    LISTEN
> tcp4       0      0  *.*                    *.*                    CLOSED
> tcp4       0      0  192.168.1.84.61774     ar-in-f19.google.http  ESTABLISHED
> tcp4       0      0  192.168.1.84.53732     ar-in-f83.google.http  ESTABLISHED
> udp4       0      0  *.syslog               *.*
> Active Internet connections (including servers)
> Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
> udp6       0      0  *.syslog               *.*
>
>
>
> On 2/24/07, Harald Schmalzbauer <h.schmalzbauer@omnisec.de> wrote:
> > On Saturday, 24 February 2007 04:21, Jim Stapleton wrote:
> > > I did the ssh after you did the previous mail, but it didn't fix the
> > > problem.
> > >
> > > I'm not having problems with sendmail or named, they were simply mentioned
> > > in the man page. I never had named running, and I didn't realize
> > > sendmail was running. The latter was my problem with sendmail. That
> > > problem as I said is fixed. Beyond that I don't even know which
> > > process on my system are daemons at this point, except usbd and devd,
> > > neither of which (to my knowledge) should be listening to any sockets.
> > > Actually there are a couple of kernel processes (pagedaemon, vmdaemon,
> > > and bufdaemon), but I don't know where to find documentation on them,
> > > X, and KDM. I can't find anything on limiting sockets of these to a
> > > specific IP only.
> >
> > To see what daemons are listening you can use 'netstat -f inet -a'. Then you
> > see if you have to limit some other daemons (use -f inet6 for IPv6 if
> > configured).
> >
> > Please post the output of the command above to see why you get ssh connections
> > to your jail IP answered by the host's ssh daemon.
> >
> > -Harry
> >
> > --
> > OmniSEC  -  UNIX und Windows Netzwerke - Sicher
> > Harald Schmalzbauer
> > Flintsbacher Str. 3
> > 80686 München
> > +49 (0) 89 18947781
> > +49 (0) 160 93860101
> >
>
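
Added example (not part of the original thread and not written by either poster): a small shell filter over `netstat -f inet -a` output like that quoted above. It flags sockets bound to the wildcard address, which are the ones a host daemon would also answer on a jail's IP. The sample input is constructed from the quoted output plus one constructed `*.smtp` line; the function names are hypothetical.

```sh
#!/bin/sh
# Constructed sample, modelled on the netstat output quoted in the thread;
# the *.smtp line is constructed to show a wildcard TCP listener.
sample_netstat() {
cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  192.168.1.84.57256     ar-in-f18.google.http  ESTABLISHED
tcp4       0      0  192.168.1.84.ssh       *.*                    LISTEN
tcp4       0      0  *.smtp                 *.*                    LISTEN
tcp4       0      0  *.*                    *.*                    CLOSED
udp4       0      0  *.syslog               *.*
udp6       0      0  *.syslog               *.*
EOF
}

# stdin: netstat text. Prints "proto service" for every socket whose local
# address is the wildcard (*.port), i.e. not pinned to a single IP.
wildcard_listeners() {
    awk '
        $1 ~ /^(tcp|udp)[46]*$/ && $4 ~ /^\*\./ {
            state = (NF >= 6) ? $6 : ""
            # A CLOSED "*.*" entry is not accepting anything; skip it.
            if (state == "CLOSED") next
            # TCP must be in LISTEN; UDP has no state column, so any
            # wildcard-bound UDP socket counts.
            if ($1 ~ /^tcp/ && state != "LISTEN") next
            svc = $4; sub(/^\*\./, "", svc)
            print $1, svc
        }'
}

# stdin: netstat text. Prints TCP listeners pinned to the given address,
# for comparison. $1 is the host IP (hypothetical parameter).
pinned_listeners() {
    awk -v ip="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" && index($4, ip ".") == 1 {
            print $1, substr($4, length(ip) + 2)
        }'
}

echo "wildcard-bound:";          sample_netstat | wildcard_listeners
echo "pinned to 192.168.1.84:";  sample_netstat | pinned_listeners 192.168.1.84
```

On a live host, pipe `netstat -f inet -a` into `wildcard_listeners` instead of the sample. FreeBSD's sockstat(1), e.g. `sockstat -4 -l`, additionally lists the command and PID that own each listening socket.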


