[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] /var/log/messages process every 15 minutes
- Subject: Re: [cobalt-developers] /var/log/messages process every 15 minutes
- From: Marco Baurdoux <linux@xxxxxxxxxxxxx>
- Date: Thu Sep 27 04:21:04 2001
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
le 27.9.2001 18:20, DNSAdmin à dnsadmin@xxxxxxxxxxxxx a écrit :
>> -----Original Message-----
>> From: cobalt-developers-admin@xxxxxxxxxxxxxxx
>> [mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of njd 76
>> Sent: Thursday, September 27, 2001 11:34 AM
>> To: cobalt-developers@xxxxxxxxxxxxxxx
>> Subject: Re: [cobalt-developers] /var/log/messages process every 15
>> minutes
>>
>>
>>
>> Thanks, I turned off telnet. I was told in the past that if you
>> turned off
>> telnet then ssh would also be shut down. However let it be know you are
>> correct you can shut down telnet services and still run ssh.
>> Thank you for
>> your help. You saved me from a Hack I am sure...
>>
>>
> -- SNIP --
>>
>>>
>>>> Sep 26 20:30:05 NAME telnetd[30969]: ttloop: read: Broken pipe
>>>
>>>
>>> This would most likely be Active Monitor and the chance you've been
>>> hacked is always there, but based on the above message I have no way of
>>> saying. Do you get this message every 15 minutes?
>>>
>>> Gerald was right: ditch telnet, get openssh. If you would rather not
>>> rely on Sun/Cobalt to keep making up-to-date packages, head on over to
>>> http://www.openssh.com, click Linux (which will lead you to the
>>> 'portable' section) and then find a suitable mirror. Get the RedHat 6.2
>>> RPMS and do subscribe to the announce list.
>>>
>>> HTH... Nico
>>>
>
> Hi,
>
> I'd like to add an extra measure of protecting your ability to get in the
> machine should SSH go down:
>
> You can move telnet over to an unconventional port.
>
> To do so modify the following:
>
> 1) change the entries in /etc/services to reflect the new telnet port.
> 2) make modifications to your firewall rules (if necessary).
> 3) change /etc/cobalt/swatch/services/telnet to reflect the new telnet port.
>
> This last change will allow the GUI to report telnet services up or down. I
> moved telnet and left it up because I saw other admins have problems with
> SSH that eventually locked them out of their machines.
>
Hi there,
Since the LCD is only based on perl scripts I just added one script in the
/etc/lcd.d directory. So now I can simply restart all my services via the
LCD panel. It's extremely simple to do. Just take a look at one of the other
and you'll quickly understand how to adapt it. There are no complicated
regular expressions.
=======================================================================
Marco Baurdoux
Unix Administrator
Infomaniak Network SA
Avenue de la Praille 26
1227 Carouge
Switzerland
Tel: +41 (0)22 820 35 41
Fax: +41 (0)22 820 35 46
http://web.infomaniak.ch
Linux/Unix is very user friendly,
it's just very picky about who its friends are !!!
=======================================================================