Re: [cobalt-users] locked myself out - one computer only-help?

[David Lucas <david@xxxxxxxxxxxxxxxx>]

reboot the raq


At 03:09 PM 8/23/2003, you wrote:
> I've got two Raq 4r's with one set up as an email/web server on our DMZ 
> port of a firewall and I have the other set up as an intranet file share, 
> etc. on the private interface on the firewall. Nothing out of ordinary 
> shows in firewall logs.
>
> My main computer is what I do all my admin stuff on for the two raqs. 
> Recently I was changing my ip address (on my computer) to other networks 
> as I was testing some wireless equipment to deploy. When I put everything 
> back to the way it was and went home. The next day I couldn't get my email 
> from the one raq and I couldn't browse our webpage, though I still had 
> internet access and could browse other unrelated webpages.
> After initial panic, I rebooted and then everything worked fine.. email 
> and webpage and being able to ssh into the raq. All the time I could still 
> ssh into the private raq - that was never a problem.
>
> So I did some more wireless testing, changing my ip address/gateway/etc., 
> and when I put it back, I couldn't get to the public raq (email/web) 
> again. Reboots have not worked this time (win2000). If I go to another 
> computer, I can ssh into the raq, but somehow it has blocked by computer. 
> Except if I ssh into the private raq and from there ssh into the public 
> one, I can do that.
>
> Security measures I have taken are probably pretty lax and mostly consist 
> of keeping updates going. I do have chkrootkit, and so the only clue I 
> have been able to find so far is the last line of its output:
> "checking 'z2' ...usr jdory deleted or never loged from lastlog."
> Nothing else shows up suspect. Maybe I'm not looking in the right places.. 
> I did check /var/log/messages, secure, auth, etc.. I don't have any 
> ipchains rules going that I've done.
>
> I can still check my email on the raq if I go through webmail on a 
> different computer.
>
> Please let me know of any checks or solutions, or if more info is needed.
>
> thanks, Jim
>
> --
> Jim Dory, Engineering
> City of Nome
> PO Box 281
> 102 Division St.
> Nome, AK 99762
> 907.443.6604
>
> http://www.nomealaska.org
>
>
> _____________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.