multi-homing and pf; removing user with uid 0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is somewhat of a multipart question and unrelated question. Figured I would ask here since the host I have the box on isn't much help with anything, and when they do help they want to charge up the ass for it. I understand they need to make money too, but they end up breaking shit and not helping than anything...So here goes nothing. Right now I've got a /27 and I am attemtpting to add 5 addresses of that adress block (ipv4) to the box as either seperate addreses (not aliases to the primary interface) or seperate addresses bound to sub-interfaces. So far I have been unsuccessful and the host told me to use aliases. I also wish for these settings to stay after (re)boot. Not to mention they say my firewall is the problem and they couldn't get out to the internet from root console (im using pf and have the rule of 'pass out all'. Next thing, a second account just 'showed up' on the box with uid 0. toor:*:0:0:Bourne-again Superuser:/root: - from /etc/master.passwd I suspect it was techs from the host, but I want it off the machine. How do I do this? thanks, m - -- Marc Cabanatuan [EMAIL PROTECTED] Network and Systems Administrator A+, Net+, Linux+, CCNA, MCP -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBInn0QXmDWC9ByjIRAq/ZAJ49XJ37qihWUFFMO8Wf2e1AU1J7ygCgk7AP SKIlYffqYO5a5ABNmJN9CPY= =YHVK -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multi-homing and pf; removing user with uid 0
Marc Cabanatuan wrote: [ ... ] Right now I've got a /27 and I am attemtpting to add 5 addresses of that adress block (ipv4) to the box as either seperate addreses (not aliases to the primary interface) or seperate addresses bound to sub-interfaces. So far I have been unsuccessful and the host told me to use aliases. FreeBSD doesn't let you configure multiple IP addresses within the same subnet. You will either have to use different netmasks, or else use aliases as recommended. I also wish for these settings to stay after (re)boot. See /etc/rc.conf, and add something like: # Sample alias entry. #ifconfig_lo0_alias0=inet 127.0.0.254 netmask 0x Not to mention they say my firewall is the problem and they couldn't get out to the internet from root console (im using pf and have the rule of 'pass out all'. Hmm. Next thing, a second account just 'showed up' on the box with uid 0. toor:*:0:0:Bourne-again Superuser:/root: - from /etc/master.passwd I suspect it was techs from the host, but I want it off the machine. How do I do this? FreeBSD ships with a toor account available but disabled, which can be useful if someone breaks the shell used by the root account itself. If you want to get rid of it, run vipw. -- -Chuck ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multi-homing and pf; removing user with uid 0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alright as far as netmasks goes, am i allowed to add an ip with netmask 255.255.255.255 for each IP? Chuck Swiger wrote: | Marc Cabanatuan wrote: [ ... ] | | Right now I've got a /27 and I am attemtpting to add 5 addresses | of that adress block (ipv4) to the box as either seperate | addreses (not aliases to the primary interface) or seperate | addresses bound to sub-interfaces. So far I have been | unsuccessful and the host told me to use aliases. | | | FreeBSD doesn't let you configure multiple IP addresses within the | same subnet. You will either have to use different netmasks, or | else use aliases as recommended. | | I also wish for these settings to stay after (re)boot. | | | See /etc/rc.conf, and add something like: | | # Sample alias entry. #ifconfig_lo0_alias0=inet 127.0.0.254 | netmask 0x | | Not to mention they say my firewall is the problem and they | couldn't get out to the internet from root console (im using pf | and have the rule of 'pass out all'. | | | Hmm. | | Next thing, a second account just 'showed up' on the box with uid | 0. | | toor:*:0:0:Bourne-again Superuser:/root: - from | /etc/master.passwd | | I suspect it was techs from the host, but I want it off the | machine. How do I do this? | | | FreeBSD ships with a toor account available but disabled, which can | be useful if someone breaks the shell used by the root account | itself. If you want to get rid of it, run vipw. | - -- Marc Cabanatuan [EMAIL PROTECTED] Network and Systems Administrator A+, Net+, Linux+, CCNA, MCP -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIn6fQXmDWC9ByjIRAivrAKDcyJ62CuBDxZwLlt4FFqK483EiBgCbBkxk ai4Q2sV0j9iK9DxEHeC/Tlk= =jE6o -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multi-homing and pf; removing user with uid 0
Marc Cabanatuan [EMAIL PROTECTED] writes: This is somewhat of a multipart question and unrelated question. Please try putting them in separate messages next time, then. Figured I would ask here since the host I have the box on isn't much help with anything, and when they do help they want to charge up the ass for it. I understand they need to make money too, but they end up breaking shit and not helping than anything...So here goes nothing. Right now I've got a /27 and I am attemtpting to add 5 addresses of that adress block (ipv4) to the box as either seperate addreses (not aliases to the primary interface) or seperate addresses bound to sub-interfaces. So far I have been unsuccessful and the host told me to use aliases. I also wish for these settings to stay after (re)boot. Not to mention they say my firewall is the problem and they couldn't get out to the internet from root console (im using pf and have the rule of 'pass out all'. What actually *happened* when you tried this? Did you remember to use all-ones netmasks? Ref. FAQ: How can I set up Ethernet aliases? http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/networking.html#ETHERNET-ALIASES Next thing, a second account just 'showed up' on the box with uid 0. toor:*:0:0:Bourne-again Superuser:/root: - from /etc/master.passwd I suspect it was techs from the host, but I want it off the machine. How do I do this? It's completely standard, and while you can remove it like any other account, there's no reason to. Ref. FAQ: What is this UID 0 toor account? Have I been compromised? http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/security.html#TOOR-ACCOUNT ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multi-homing and pf; removing user with uid 0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 so far ive got this along with the primary inet address with the /27 subnet mask in /etc/rc.conf ifconfig_rl0_alias*=inet 0.0.0.0 netmask 255.255.255.255 (replacing 0's with ip address of course) Chuck Swiger wrote: | Marc Cabanatuan wrote: [ ... ] | | Right now I've got a /27 and I am attemtpting to add 5 addresses | of that adress block (ipv4) to the box as either seperate | addreses (not aliases to the primary interface) or seperate | addresses bound to sub-interfaces. So far I have been | unsuccessful and the host told me to use aliases. | | | FreeBSD doesn't let you configure multiple IP addresses within the | same subnet. You will either have to use different netmasks, or | else use aliases as recommended. | | I also wish for these settings to stay after (re)boot. | | | See /etc/rc.conf, and add something like: | | # Sample alias entry. #ifconfig_lo0_alias0=inet 127.0.0.254 | netmask 0x | | Not to mention they say my firewall is the problem and they | couldn't get out to the internet from root console (im using pf | and have the rule of 'pass out all'. | | | Hmm. | | Next thing, a second account just 'showed up' on the box with uid | 0. | | toor:*:0:0:Bourne-again Superuser:/root: - from | /etc/master.passwd | | I suspect it was techs from the host, but I want it off the | machine. How do I do this? | | | FreeBSD ships with a toor account available but disabled, which can | be useful if someone breaks the shell used by the root account | itself. If you want to get rid of it, run vipw. | - -- Marc Cabanatuan [EMAIL PROTECTED] Network and Systems Administrator A+, Net+, Linux+, CCNA, MCP -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIotTQXmDWC9ByjIRAiRrAJ4sCx8m0/eaKHU4OcZS9EQAYrAlQwCg2+Cw YXerOL9ouz07WCB7S8PohG8= =OVE9 -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multi-homing and pf; removing user with uid 0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Oh also, when i connect to a service bound to the primary IP (say its a .2) and im connecting to a .6 to the SAME service (not bound to the address) it goes right to .2 eg, i can ssh to .6 and it allows me to get to the box. i would really like it to be completely seperate, or at least as seperate as possible. Marc Cabanatuan wrote: | so far ive got this along with the primary inet address with the | /27 subnet mask in /etc/rc.conf | | | ifconfig_rl0_alias*=inet 0.0.0.0 netmask 255.255.255.255 | (replacing 0's with ip address of course) Chuck Swiger wrote: | | | Marc Cabanatuan wrote: [ ... ] | | Right now I've got a /27 and | I am attemtpting to add 5 addresses | of that adress block (ipv4) | to the box as either seperate | addreses (not aliases to the | primary interface) or seperate | addresses bound to | sub-interfaces. So far I have been | unsuccessful and the host | told me to use aliases. | | | FreeBSD doesn't let you configure | multiple IP addresses within the | same subnet. You will either | have to use different netmasks, or | else use aliases as | recommended. | | I also wish for these settings to stay after | (re)boot. | | | See /etc/rc.conf, and add something like: | | # | Sample alias entry. #ifconfig_lo0_alias0=inet 127.0.0.254 | | netmask 0x | | Not to mention they say my firewall is the | problem and they | couldn't get out to the internet from root | console (im using pf | and have the rule of 'pass out all'. | | | | Hmm. | | Next thing, a second account just 'showed up' on the box | with uid | 0. | | toor:*:0:0:Bourne-again Superuser:/root: - | from | /etc/master.passwd | | I suspect it was techs from the | host, but I want it off the | machine. How do I do this? | | | | FreeBSD ships with a toor account available but disabled, which can | | be useful if someone breaks the shell used by the root account | | itself. If you want to get rid of it, run vipw. | | ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] - -- Marc Cabanatuan [EMAIL PROTECTED] Network and Systems Administrator A+, Net+, Linux+, CCNA, MCP -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIozzQXmDWC9ByjIRAspSAKC4btPRPk9M7PECUPznYrK+hCcGpQCgtyeY HBFN/sExTav5yPcF8lvWV9I= =6Z6W -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multi-homing and pf; removing user with uid 0
in message [EMAIL PROTECTED], wrote Marc Cabanatuan thusly... -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Oh also, when i connect to a service bound to the primary IP (say its Could you please not top post? Marc Cabanatuan wrote: | so far ive got this along with the primary inet address with the | /27 subnet mask in /etc/rc.conf | | | ifconfig_rl0_alias*=inet 0.0.0.0 netmask 255.255.255.255 | (replacing 0's with ip address of course) Chuck Swiger wrote: | | | Marc Cabanatuan wrote: [ ... ] | | Right now I've got a /27 and | I am attemtpting to add 5 addresses | of that adress block (ipv4) Additionaly, please properly quote only the relevant parts to your reply. Thanks much for your consideration. - Parv -- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]