On Sun, Dec 09, 2001 at 12:06:26AM +1000, [EMAIL PROTECTED] wrote:
> I do want sshd to listen on all (0.0.0.0) but I would like to find a way
> to make it only accept connection attempts for a certain user from the
> internet but still allow several other users to connect from the LAN. I
> do know
On Sat, Dec 08, 2001 at 11:57:51PM +0100, Guido Hennecke wrote:
> At 08.12.2001, Phillip Hofmeister wrote:
> > grr...forgot to reply to list...
>
> It was not necessary because...
>
> > From: Phillip Hofmeister <[EMAIL PROTECTED]>
> > > ORyou could use IPCHAINS or IPTABLES to REJECT (or DENY)
On Sun, Dec 09, 2001 at 12:06:26AM +1000, [EMAIL PROTECTED] wrote:
> I do want sshd to listen on all (0.0.0.0) but I would like to find a way
> to make it only accept connection attempts for a certain user from the
> internet but still allow several other users to connect from the LAN. I
> do kno
On Sat, Dec 08, 2001 at 11:57:51PM +0100, Guido Hennecke wrote:
> At 08.12.2001, Phillip Hofmeister wrote:
> > grr...forgot to reply to list...
>
> It was not necessary because...
>
> > From: Phillip Hofmeister <[EMAIL PROTECTED]>
> > > ORyou could use IPCHAINS or IPTABLES to REJECT (or DENY
Postfix is configurable as to which interfaces it listens to. So are samba,
courier-imap, apache. The only problem is that each one has its own
completely different kind of configuration file.
The new vserver patch (for 2.4.16) can be used to force processes to use
only one interface.
~mark
Postfix is configurable as to which interfaces it listens to. So are samba,
courier-imap, apache. The only problem is that each one has its own
completely different kind of configuration file.
The new vserver patch (for 2.4.16) can be used to force processes to use
only one interface.
~mark
-
On Sat, Dec 08, 2001 at 08:09:50PM +0100, Guido Hennecke wrote:
> At 08.12.2001, Michael Wood wrote:
> > On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
> [...]
> > > So my question is:
> > > Is there some way to make certain daemons, (say postfix)
> > > listen only on some inter
grr...forgot to reply to list...
- Original Message -
From: Phillip Hofmeister <[EMAIL PROTECTED]>
To: Guido Hennecke <[EMAIL PROTECTED]>
Sent: Saturday, December 08, 2001 3:10 PM
Subject: Re: Can a daemon listen only on some interfaces?
> ORyou could use IPCHAINS or IPTABLES to REJEC
On Sat, Dec 08, 2001 at 01:40:06AM -0800, [EMAIL PROTECTED] wrote:
> After reading a previous thread about stopping services from listening
> on certains ports, I decided to investigate things a little further for
> my system.
> So, what I can figure out is that it seems that I have only the
> foll
On Sat, Dec 08, 2001 at 08:09:50PM +0100, Guido Hennecke wrote:
> At 08.12.2001, Michael Wood wrote:
> > On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
> [...]
> > > So my question is:
> > > Is there some way to make certain daemons, (say postfix)
> > > listen only on some inte
grr...forgot to reply to list...
- Original Message -
From: Phillip Hofmeister <[EMAIL PROTECTED]>
To: Guido Hennecke <[EMAIL PROTECTED]>
Sent: Saturday, December 08, 2001 3:10 PM
Subject: Re: Can a daemon listen only on some interfaces?
> ORyou could use IPCHAINS or IPTABLES to REJE
On Sat, Dec 08, 2001 at 01:40:06AM -0800, [EMAIL PROTECTED] wrote:
> After reading a previous thread about stopping services from listening
> on certains ports, I decided to investigate things a little further for
> my system.
> So, what I can figure out is that it seems that I have only the
> fol
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> "mdevin" == mdevin <[EMAIL PROTECTED]> writes:
[...]
mdevin> The only ones I didn't know about in this list are portmap and
mdevin> XF86_SVGA. Firstly, I can't seem to find the config file for X
mdevin> where you set the --nolisten parameter
At 15:06 08.12.01, you wrote:
>I do want sshd to listen on all (0.0.0.0) but I would like to find a way
>to make it only accept connection attempts for a certain user from the
>internet but still allow several other users to connect from the LAN. I
>do know how to make it accept connections for
Robert Epprecht <[EMAIL PROTECTED]> writes:
> I need ssh to access some cvs servers. As the files are stored locally
> below /usr/local/ and ordinary users have no write access there I called
> ssh-keygen as root. But now I have my doubts if this was The Right
> Thing to do regarding security.
> use NIS or NFS just chown the file again to executable.
OPSS, i mean chmod not chown.
--
Alberto Cortés Martín | Ing. de Telecomunicaciones
email: [EMAIL PROTECTED] | Universidad Carlos III
tel: +34 91 450 09 85 | Madrid
mobile: 600 42 77 57 | Spain
url: http://montoya.aig.uc3m.
El dom, 09 de dic de 2001, a las 00:06 +1000,
mdevin decía que:
> > Make sure your /etc/X11/xinit/xserverrc contains something like
> > this:
> >
> > #!/bin/sh
> > exec /usr/bin/X11/X -dpi 100 -nolisten tcp
>
> Hmmm. This file did not exist on my computer. I don't know why. I
> just assumed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> "mdevin" == mdevin <[EMAIL PROTECTED]> writes:
[...]
mdevin> The only ones I didn't know about in this list are portmap and
mdevin> XF86_SVGA. Firstly, I can't seem to find the config file for X
mdevin> where you set the --nolisten parameter
On Sat, Dec 08, 2001 at 07:39:44PM +1000, [EMAIL PROTECTED] wrote:
>
> The only ones I didn't know about in this list are portmap and
> XF86_SVGA. Firstly, I can't seem to find the config file for X where
> you set the --nolisten parameter
>From man Xserver(1)
-nolisten trans-type
On Sat, Dec 08, 2001 at 01:25:16PM +0200, Michael Wood wrote:
> Hi
>
> On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
> [snip]
> > So, what I can figure out is that it seems that I have only
> > the following daemons listening: postfix, sshd, cupsd,
> > XF86_SVGA, portmap.
> >
At 15:06 08.12.01, you wrote:
>I do want sshd to listen on all (0.0.0.0) but I would like to find a way
>to make it only accept connection attempts for a certain user from the
>internet but still allow several other users to connect from the LAN. I
>do know how to make it accept connections for
Robert Epprecht <[EMAIL PROTECTED]> writes:
> I need ssh to access some cvs servers. As the files are stored locally
> below /usr/local/ and ordinary users have no write access there I called
> ssh-keygen as root. But now I have my doubts if this was The Right
> Thing to do regarding security.
> use NIS or NFS just chown the file again to executable.
OPSS, i mean chmod not chown.
--
Alberto Cortés Martín | Ing. de Telecomunicaciones
email: [EMAIL PROTECTED] | Universidad Carlos III
tel: +34 91 450 09 85 | Madrid
mobile: 600 42 77 57 | Spain
url: http://montoya.aig.uc3m
El dom, 09 de dic de 2001, a las 00:06 +1000,
mdevin decía que:
> > Make sure your /etc/X11/xinit/xserverrc contains something like
> > this:
> >
> > #!/bin/sh
> > exec /usr/bin/X11/X -dpi 100 -nolisten tcp
>
> Hmmm. This file did not exist on my computer. I don't know why. I
> just assumed
On Sat, Dec 08, 2001 at 07:39:44PM +1000, [EMAIL PROTECTED] wrote:
>
> The only ones I didn't know about in this list are portmap and
> XF86_SVGA. Firstly, I can't seem to find the config file for X where
> you set the --nolisten parameter
>From man Xserver(1)
-nolisten trans-type
On Sat, Dec 08, 2001 at 01:25:16PM +0200, Michael Wood wrote:
> Hi
>
> On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
> [snip]
> > So, what I can figure out is that it seems that I have only
> > the following daemons listening: postfix, sshd, cupsd,
> > XF86_SVGA, portmap.
> >
Hello
Sorry for my last mail, I sent it to a wrong list.
Pardon.
thx
An-Dee
Hi
On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
[snip]
> So, what I can figure out is that it seems that I have only
> the following daemons listening: postfix, sshd, cupsd,
> XF86_SVGA, portmap.
>
> I have only deliberately decided to run postfix, sshd and
> cupsd. Everyth
I need ssh to access some cvs servers. As the files are stored locally
below /usr/local/ and ordinary users have no write access there I called
ssh-keygen as root. But now I have my doubts if this was The Right
Thing to do regarding security. I *do* trust the cvs servers in
question and am not p
After reading a previous thread about stopping services from listening
on certains ports, I decided to investigate things a little further for
my system.
So, what I can figure out is that it seems that I have only the
following daemons listening: postfix, sshd, cupsd, XF86_SVGA, portmap.
I have o
Hello
Sorry for my last mail, I sent it to a wrong list.
Pardon.
thx
An-Dee
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi
On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote:
[snip]
> So, what I can figure out is that it seems that I have only
> the following daemons listening: postfix, sshd, cupsd,
> XF86_SVGA, portmap.
>
> I have only deliberately decided to run postfix, sshd and
> cupsd. Everyt
I need ssh to access some cvs servers. As the files are stored locally
below /usr/local/ and ordinary users have no write access there I called
ssh-keygen as root. But now I have my doubts if this was The Right
Thing to do regarding security. I *do* trust the cvs servers in
question and am not
After reading a previous thread about stopping services from listening
on certains ports, I decided to investigate things a little further for
my system.
So, what I can figure out is that it seems that I have only the
following daemons listening: postfix, sshd, cupsd, XF86_SVGA, portmap.
I have
34 matches
Mail list logo
