problems with jail
Jim Stapleton
stapleton.41 at gmail.com
Sat Feb 24 03:21:13 UTC 2007
I did the ssh after you did the previous mail, but it didn't fix the problem.
I'm not having problems senmail or named, they were simply mentioned
in the man page. I never had named running, and I didn't realize
sendmail was running. The latter was my problem with sendmail. That
problem as I said is fixed. Beyond that I don't even know which
process on my system are daemons at this point, except usbd and devd,
neither of which (to my knowledge) should be listening to any sockets.
Actually there are a couple of kernel processes (pagedaemon, vmdaemon,
and bufdaemon), but I don't know where to find documentation on them,
X, and KDM. I can't find anything on limiting sockets of these to a
specific IP only.
-Jim STapleton
On 2/24/07, Harald Schmalzbauer <h.schmalzbauer at omnisec.de> wrote:
> Am Samstag, 24. Februar 2007 04:01 schrieben Sie:
> > I saw them in there, but that section seemed to be lacking in what I
> > needed to do... I admit I missed the alias until someone reminded me.
> >
> > by lacking I mean:
> > To configure sshd(8), it is necessary to modify /etc/ssh/sshd_config.
> >
> > doesn't tell me what I need to change, and I couldn't find the answer
> > in the docs about sshd. I assume that having the listen port set to
> > 192.168.1.84 should be sufficient, but that doesn't fix the problem
>
> Well, have you sighuped sshd? If you have "ListenAddress 192.168.1.84"
> in /etc/ssh/sshd_config (and sighuped/restarted sshd) it's impossible that it
> answers connections to 192.168.1.85
>
> > OK, I didn't bother editing sendmail and named's files, I thought the
> > suggested: sendmail_enable="NO"
> > would keep it from starting. I did turn off sendmail, but that didn't
> > fix the problem. named is not running, and hasn't run on this machine.
>
> What problems do you have with named and sendmail?
> If you don't need them don't care about, just keep them disabled.
>
> You have to limit listening sockets of all daemons running on the host system.
> That's all.
>
> Best regards,
>
> -Harry
>
> --
> OmniSEC - UNIX und Windows Netzwerke - Sicher
> Harald Schmalzbauer
> Flintsbacher Str. 3
> 80686 München
> +49 (0) 89 18947781
> +49 (0) 160 93860101
>
More information about the freebsd-questions
mailing list