After reading a previous thread about stopping services from listening
on certains ports, I decided to investigate things a little further for
my system.
So, what I can figure out is that it seems that I have only the
following daemons listening: postfix, sshd, cupsd, XF86_SVGA, portmap.
I have
I need ssh to access some cvs servers. As the files are stored locally
below /usr/local/ and ordinary users have no write access there I called
ssh-keygen as root. But now I have my doubts if this was The Right
Thing to do regarding security. I *do* trust the cvs servers in
question and am not
Hi
On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
[snip]
So, what I can figure out is that it seems that I have only
the following daemons listening: postfix, sshd, cupsd,
XF86_SVGA, portmap.
I have only deliberately decided to run postfix, sshd and
cupsd. Everything
On Sat, Dec 08, 2001 at 01:25:16PM +0200, Michael Wood wrote:
Hi
On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
[snip]
So, what I can figure out is that it seems that I have only
the following daemons listening: postfix, sshd, cupsd,
XF86_SVGA, portmap.
I have
On Sat, Dec 08, 2001 at 07:39:44PM +1000, [EMAIL PROTECTED] wrote:
The only ones I didn't know about in this list are portmap and
XF86_SVGA. Firstly, I can't seem to find the config file for X where
you set the --nolisten parameter
From man Xserver(1)
-nolisten trans-type
El dom, 09 de dic de 2001, a las 00:06 +1000,
mdevin decía que:
Make sure your /etc/X11/xinit/xserverrc contains something like
this:
#!/bin/sh
exec /usr/bin/X11/X -dpi 100 -nolisten tcp
Hmmm. This file did not exist on my computer. I don't know why. I
just assumed that it
use NIS or NFS just chown the file again to executable.
OPSS, i mean chmod not chown.
--
Alberto Cortés Martín | Ing. de Telecomunicaciones
email: [EMAIL PROTECTED] | Universidad Carlos III
tel: +34 91 450 09 85 | Madrid
mobile: 600 42 77 57 | Spain
url:
At 15:06 08.12.01, you wrote:
I do want sshd to listen on all (0.0.0.0) but I would like to find a way
to make it only accept connection attempts for a certain user from the
internet but still allow several other users to connect from the LAN. I
do know how to make it accept connections for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
mdevin == mdevin [EMAIL PROTECTED] writes:
[...]
mdevin The only ones I didn't know about in this list are portmap and
mdevin XF86_SVGA. Firstly, I can't seem to find the config file for X
mdevin where you set the --nolisten parameter - but I
On Sat, Dec 08, 2001 at 01:40:06AM -0800, [EMAIL PROTECTED] wrote:
After reading a previous thread about stopping services from listening
on certains ports, I decided to investigate things a little further for
my system.
So, what I can figure out is that it seems that I have only the
On Sat, Dec 08, 2001 at 08:09:50PM +0100, Guido Hennecke wrote:
At 08.12.2001, Michael Wood wrote:
On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
[...]
So my question is:
Is there some way to make certain daemons, (say postfix)
listen only on some interfaces? For
Robert Epprecht [EMAIL PROTECTED] writes:
I need ssh to access some cvs servers. As the files are stored locally
below /usr/local/ and ordinary users have no write access there I called
ssh-keygen as root. But now I have my doubts if this was The Right
Thing to do regarding security. I
Postfix is configurable as to which interfaces it listens to. So are samba,
courier-imap, apache. The only problem is that each one has its own
completely different kind of configuration file.
The new vserver patch (for 2.4.16) can be used to force processes to use
only one interface.
~mark
On Sat, Dec 08, 2001 at 11:57:51PM +0100, Guido Hennecke wrote:
At 08.12.2001, Phillip Hofmeister wrote:
grr...forgot to reply to list...
It was not necessary because...
From: Phillip Hofmeister [EMAIL PROTECTED]
ORyou could use IPCHAINS or IPTABLES to REJECT (or DENY) the
On Sun, Dec 09, 2001 at 12:06:26AM +1000, [EMAIL PROTECTED] wrote:
I do want sshd to listen on all (0.0.0.0) but I would like to find a way
to make it only accept connection attempts for a certain user from the
internet but still allow several other users to connect from the LAN. I
do know
I need ssh to access some cvs servers. As the files are stored locally
below /usr/local/ and ordinary users have no write access there I called
ssh-keygen as root. But now I have my doubts if this was The Right
Thing to do regarding security. I *do* trust the cvs servers in
question and am not
Hi
On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
[snip]
So, what I can figure out is that it seems that I have only
the following daemons listening: postfix, sshd, cupsd,
XF86_SVGA, portmap.
I have only deliberately decided to run postfix, sshd and
cupsd. Everything
Hello
Sorry for my last mail, I sent it to a wrong list.
Pardon.
thx
An-Dee
On Sat, Dec 08, 2001 at 01:25:16PM +0200, Michael Wood wrote:
Hi
On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
[snip]
So, what I can figure out is that it seems that I have only
the following daemons listening: postfix, sshd, cupsd,
XF86_SVGA, portmap.
I have
On Sat, Dec 08, 2001 at 07:39:44PM +1000, [EMAIL PROTECTED] wrote:
The only ones I didn't know about in this list are portmap and
XF86_SVGA. Firstly, I can't seem to find the config file for X where
you set the --nolisten parameter
From man Xserver(1)
-nolisten trans-type
El dom, 09 de dic de 2001, a las 00:06 +1000,
mdevin decía que:
Make sure your /etc/X11/xinit/xserverrc contains something like
this:
#!/bin/sh
exec /usr/bin/X11/X -dpi 100 -nolisten tcp
Hmmm. This file did not exist on my computer. I don't know why. I
just assumed that it
use NIS or NFS just chown the file again to executable.
OPSS, i mean chmod not chown.
--
Alberto Cortés Martín | Ing. de Telecomunicaciones
email: [EMAIL PROTECTED] | Universidad Carlos III
tel: +34 91 450 09 85 | Madrid
mobile: 600 42 77 57 | Spain
url:
Robert Epprecht [EMAIL PROTECTED] writes:
I need ssh to access some cvs servers. As the files are stored locally
below /usr/local/ and ordinary users have no write access there I called
ssh-keygen as root. But now I have my doubts if this was The Right
Thing to do regarding security. I
At 15:06 08.12.01, you wrote:
I do want sshd to listen on all (0.0.0.0) but I would like to find a way
to make it only accept connection attempts for a certain user from the
internet but still allow several other users to connect from the LAN. I
do know how to make it accept connections for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
mdevin == mdevin [EMAIL PROTECTED] writes:
[...]
mdevin The only ones I didn't know about in this list are portmap and
mdevin XF86_SVGA. Firstly, I can't seem to find the config file for X
mdevin where you set the --nolisten parameter - but I
On Sat, Dec 08, 2001 at 01:40:06AM -0800, [EMAIL PROTECTED] wrote:
After reading a previous thread about stopping services from listening
on certains ports, I decided to investigate things a little further for
my system.
So, what I can figure out is that it seems that I have only the
grr...forgot to reply to list...
- Original Message -
From: Phillip Hofmeister [EMAIL PROTECTED]
To: Guido Hennecke [EMAIL PROTECTED]
Sent: Saturday, December 08, 2001 3:10 PM
Subject: Re: Can a daemon listen only on some interfaces?
ORyou could use IPCHAINS or IPTABLES to REJECT
On Sat, Dec 08, 2001 at 08:09:50PM +0100, Guido Hennecke wrote:
At 08.12.2001, Michael Wood wrote:
On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
[...]
So my question is:
Is there some way to make certain daemons, (say postfix)
listen only on some interfaces? For
Postfix is configurable as to which interfaces it listens to. So are samba,
courier-imap, apache. The only problem is that each one has its own
completely different kind of configuration file.
The new vserver patch (for 2.4.16) can be used to force processes to use
only one interface.
~mark
On Sat, Dec 08, 2001 at 11:57:51PM +0100, Guido Hennecke wrote:
At 08.12.2001, Phillip Hofmeister wrote:
grr...forgot to reply to list...
It was not necessary because...
From: Phillip Hofmeister [EMAIL PROTECTED]
ORyou could use IPCHAINS or IPTABLES to REJECT (or DENY) the
On Sun, Dec 09, 2001 at 12:06:26AM +1000, [EMAIL PROTECTED] wrote:
I do want sshd to listen on all (0.0.0.0) but I would like to find a way
to make it only accept connection attempts for a certain user from the
internet but still allow several other users to connect from the LAN. I
do know
31 matches
Mail list logo
