addendum, I fixed syslogd by adding this to my rc.conf: syslogd_flags="-b 192.168.1.84"
However, looking through netstat's man page, I couldn't find the name of the flag (if it exists) that will show the process name. Does that require a different tool? Thank you, -Jim Stapleton On 2/24/07, Jim Stapleton <[EMAIL PROTECTED]> wrote:
OK, I have a fairly sizeable list, but it looks like most stuff is bound to 192.168.1.84 except two things, one is closed, and the other is syslog (guess I have to look at it's man page). It also looks like there is something else there. I guess I'll be looking at the netstat man page to figure out how to get the name of the daemon touch it: > netstat -f inet -a; netstat -f inet6 -a Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 192.168.1.84.57256 ar-in-f18.google.http ESTABLISHED tcp4 0 0 192.168.1.84.62237 caim-m05b.blue.a.aol TIME_WAIT tcp4 0 0 192.168.1.84.58627 oam-d17a.blue.ao.aol TIME_WAIT tcp4 0 0 192.168.1.84.64265 205.188.7.124.aol TIME_WAIT tcp4 0 0 192.168.1.84.ssh *.* LISTEN tcp4 0 0 *.* *.* CLOSED tcp4 0 0 192.168.1.84.61774 ar-in-f19.google.http ESTABLISHED tcp4 0 0 192.168.1.84.53732 ar-in-f83.google.http ESTABLISHED udp4 0 0 *.syslog *.* Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) udp6 0 0 *.syslog *.* On 2/24/07, Harald Schmalzbauer <[EMAIL PROTECTED]> wrote: > Am Samstag, 24. Februar 2007 04:21 schrieb Jim Stapleton: > > I did the ssh after you did the previous mail, but it didn't fix the > > problem. > > > > I'm not having problems senmail or named, they were simply mentioned > > in the man page. I never had named running, and I didn't realize > > sendmail was running. The latter was my problem with sendmail. That > > problem as I said is fixed. Beyond that I don't even know which > > process on my system are daemons at this point, except usbd and devd, > > neither of which (to my knowledge) should be listening to any sockets. > > Actually there are a couple of kernel processes (pagedaemon, vmdaemon, > > and bufdaemon), but I don't know where to find documentation on them, > > X, and KDM. I can't find anything on limiting sockets of these to a > > specific IP only. > > To see what daemons are listening you can use 'netstat -f inet -a'. Then you > see if you have to limit some other daemons (use -f inet6 for IPv6 if > configured). > > Please post the output of the command above to see why you get ssh connections > to your jail IP answered by the host's ssh daemon. > > -Harry > > -- > OmniSEC - UNIX und Windows Netzwerke - Sicher > Harald Schmalzbauer > Flintsbacher Str. 3 > 80686 München > +49 (0) 89 18947781 > +49 (0) 160 93860101 >
_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
