[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-developers] post restore blues
- Subject: [cobalt-developers] post restore blues
- From: jramer <wormbutt@xxxxxxxxxxxxx>
- Date: Thu May 24 22:19:11 2001
- List-id: Discussion Forum for developers on Cobalt Networks products <cobalt-developers.list.cobalt.com>
Hello.
What can be causing my inability to access my raq 3 from a browser;
telnet or FTP? The only way I can get to it are thru a serial port and a
null modem cable. The *only* changes I have made are in my hosts.allow.
The story, briefly:
I restored my raq via .iso on Tuesday. Gave the box a local IP addy-
don't have a static here at home. I was able to get into the box via
http, FTP and telnet just fine via the null modem cable. I managed to
install ssh; portsentry, logcheck, lcap, whois, Ipchains, lionfind and
chkrootkit. I was working on tripwire when the weather got nasty so I
shut everything down. I was able to get into my box every conceivable
way. Later; I tried to get into the box, couldn't. Well I knew I had
managed to block my self with portsenty; completely forgot to add myself
to hosts allow and of course couldn't get in. This is when My troubles
began. Managed to get in on another computer; got to the hosts allow;
added myself; and deleted me from hosts deny (this little journey took
about 3 hours because vi and I do not get along)
After finally being able to get myself in, I figured I should now be
able to get in on my own computer. Wrong. Only way I can get in is
limited terminal. That's it. Tried everything I could most of Wednesday
night; combed the archives,looked at logfiles until I turned blue,
changed IPs did a bit of everything. Nothing worked.
So yesterday morning I decided to restore once again. Using the same iso
cd I burned earlier in the week (it has updates up til 5/9/01) Same
problem. Only it took me all day to hit on an IP that will alow me to
terminal into the box. Finally; last night I got into the box and
changed my hosts.allow. (and I don't want to tell you how I did that
one) and started slocate. I picked apart my boot messages line by line
and searched them in the archives. I tried fsck (got a command not found
on that) There is nothing unusual in the logfiles; except for momentary
glitches that I knew I had caused.
In the inetd.conf file; telnet is enabled. Forgot to look at proftp. I
looked at my services file; this is what is enabled:
tcpmux1/tcp# TCP port service multiplexer
echo7/tcp
echo7/udp
discard9/tcpsink null
discard9/udpsink null
systat11/tcpusers
daytime13/tcp
daytime13/udp
netstat15/tcp
qotd17/tcpquote
msp18/tcp# message send protocol
msp18/udp# message send protocol
I looked at my httpd.conf file; there is nothing there added for my ip.
In named; I only have 127.0.0.1 and the ip I am currently using. (found
something curious here; I reset the ip for that of my ip; and I still
managed to login under the local 192.168 number I was using)
When I try to access http, ftp or telnet I get a connection timed out.
Sometimes I get a host not found; this happens when I change IPs. I even
tried to ftp my rpms from my local machine to the cobalt; just kept
getting a listing message. Tried to ftp from a normal site from the
cobalt; got host not found. I have tried to get in thru http thru
variations of
http://xxx.xxx.xxx.xxx:81/.cobalt/sysManage/ no go.
netstat -all looks like this:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address
State
tcp 0 0 *:www *:*
LISTEN
tcp 0 0 *:81 *:*
LISTEN
tcp 0 0 *:snpp *:*
LISTEN
tcp 0 0 *:telnet *:*
LISTEN
tcp 0 0 *:ftp *:*
LISTEN
raw 0 0 *:icmp *:*
7
raw 0 0 *:tcp *:*
7
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 0 [ ACC ] STREAM LISTENING 278
/tmp/.s.PGSQL.5583
unix 2 [ ] DGRAM 48 /dev/log
unix 0 [ ] DGRAM 1487
unix 0 [ ] DGRAM 148
ps -aux:
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.1 0.7 1120 476 ? S 06:22 0:05 init
root 2 0.0 0.0 0 0 ? SW 06:22 0:00 [kflushd]
root 3 0.0 0.0 0 0 ? SW 06:22 0:00 [kupdate]
root 4 0.0 0.0 0 0 ? SW 06:22 0:00 [kpiod]
root 5 0.0 0.0 0 0 ? SW 06:22 0:00 [kswapd]
root 6 0.0 0.0 0 0 ? SW< 06:22 0:00
[mdrecoveryd]
root 91 0.0 0.8 1172 552 ? S 06:23 0:00 syslogd
-m 0
root 100 0.0 1.2 1484 780 ? S 06:23 0:00 klogd
root 324 0.0 0.7 1136 480 ? S 06:23 0:00 inetd
root 333 0.0 8.0 6572 5068 ? S 06:23 0:00
/usr/sbin/httpd -
root 356 0.0 8.0 6572 5056 ? S 06:23 0:00
/usr/sbin/httpd -
postgres 369 0.0 1.8 4892 1172 ? S 06:23 0:00
/usr/bin/postmast
root 394 0.0 8.0 6592 5084 ? S 06:23 0:00
/usr/sbin/httpd -
httpd 398 0.0 8.0 6592 5072 ? S 06:23 0:00
/usr/sbin/httpd -
httpd 399 0.0 8.0 6592 5072 ? S 06:23 0:00
/usr/sbin/httpd -
httpd 400 0.0 8.0 6592 5072 ? S 06:23 0:00
/usr/sbin/httpd -
httpd 401 0.0 8.0 6592 5072 ? S 06:23 0:00
/usr/sbin/httpd -
httpd 402 0.0 8.0 6592 5072 ? S 06:23 0:00
/usr/sbin/httpd -
root 419 0.0 0.2 296 128 ? S 06:23 0:00
/sbin/lcdsleep
root 457 0.0 1.3 1968 880 ttyS0 S 06:23 0:00 login --
admin
admin 1783 0.0 1.3 1544 868 ttyS0 S 06:55 0:00 -bash
root 1797 0.0 1.3 1952 872 ttyS0 S 06:55 0:00 su
root 1798 0.0 1.3 1552 852 ttyS0 S 06:55 0:00 sh
root 2349 0.0 1.3 2516 876 ttyS0 R 07:08 0:00 ps -aux
Does anyone have a clue? Am I perhaps hooked up the wrong way? (tried
switching ends on the serial cable as well as computers) Sig other
swears I had a cable also going from the cobalt to my hub. To be honest
I don't remember.
Help.
Thanks;
joann