[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-developers] /var/log/messages process every 15 minutes

Subject: RE: [cobalt-developers] /var/log/messages process every 15 minutes
From: "DNSAdmin" <dnsadmin@xxxxxxxxxxxxx>
Date: Thu Sep 27 01:24:13 2001
List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>

> -----Original Message-----
> From: cobalt-developers-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of njd 76
> Sent: Thursday, September 27, 2001 11:34 AM
> To: cobalt-developers@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-developers] /var/log/messages process every 15
> minutes
>
>
>
> Thanks, I turned off telnet. I was told in the past that if you
> turned off
> telnet then ssh would also be shut down. However let it be know you are
> correct you can shut down telnet services and still run ssh.
> Thank you for
> your help. You saved me from a Hack I am sure...
>
>
-- SNIP --
>
> >
> >>Sep 26 20:30:05 NAME telnetd[30969]: ttloop: read: Broken pipe
> >
> >
> >This would most likely be Active Monitor and the chance you've been
> >hacked is always there, but based on the above message I have no way of
> >saying. Do you get this message every 15 minutes?
> >
> >Gerald was right: ditch telnet, get openssh. If you would rather not
> >rely on Sun/Cobalt to keep making up-to-date packages, head on over to
> >http://www.openssh.com, click Linux (which will lead you to the
> >'portable' section) and then find a suitable mirror. Get the RedHat 6.2
> >RPMS and do subscribe to the announce list.
> >
> >HTH... Nico
> >

Hi,

I'd like to add an extra measure of protecting your ability to get in the
machine should SSH go down:

You can move telnet over to an unconventional port.

To do so modify the following:

1) change the entries in /etc/services to reflect the new telnet port.
2) make modifications to your firewall rules (if necessary).
3) change /etc/cobalt/swatch/services/telnet to reflect the new telnet port.

This last change will allow the GUI to report telnet services up or down. I
moved telnet and left it up because I saw other admins have problems with
SSH that eventually locked them out of their machines.

I am not revealing my telnet port for security reasons. Choose your
carefully after a bit of research.

Cheers,
Glenn

Follow-Ups:
- Re: [cobalt-developers] /var/log/messages process every 15 minutes
  - From: Nico Meijer
- Re: [cobalt-developers] /var/log/messages process every 15 minutes
  - From: Marco Baurdoux
- Re: [cobalt-developers] /var/log/messages process every 15 minutes
  - From: Gerald Waugh
- Re: [cobalt-developers] /var/log/messages process every 15 minutes
  - From: Jeff Lasman

References:
- Re: [cobalt-developers] /var/log/messages process every 15 minutes
  - From: njd 76

Prev by Date: Re: [cobalt-developers] /var/log/messages process every 15 minutes
Next by Date: RE: [cobalt-developers] First login on raq 4i, internal error
Previous by thread: Re: [cobalt-developers] /var/log/messages process every 15 minutes
Next by thread: Re: [cobalt-developers] /var/log/messages process every 15 minutes

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index