I have a small problem on one of my dev boxes. I have a bad bootup ipfw
ruleset and I find myself locked out of the machine.
There will be a technician at the NOC on Tuesday that will be able to
My question is: Will he/she be able to simply reboot, logon as root as
Hi there, I was trying FreeBSD for a while, and comparing it against
The winner was Debian by far... FreeBSD could be stable, but it is not
faster... and Debian is far more 'usable'.
FreeBSD package installation is very laborious compared with Debian's apt
system. I have to
Thanks for reply!
If you have more experience, please give some examples of what sysctl
variable to set,
There are a variety of them, I can give you a few examples of ones that I
set but depending upon the attack and what it is targeting, they may
prove to be ineffective. Keep in mind that
That doesn't work for me :(
Make sure that you replaced rl0 with the name of your interface, which can
be found with a simple ifconfig -a.
any other way?
write a simple shell script to do it or do it manually with the following:
ifconfig interface inet ip netmask subnet mask alias
In response to your first question, I would highly recommend setting up a
verbose firewall if you have not already done so. Personally, I use ipfw but
there are a variety of options available to you (pf/ipf/ipfw/ipfw2), so
check out the handbook and figure out which one you want to use. Doing
I would highly discourage you from doing this, especially without the
permission of your company. Just make sure that your admin knows that you
are doing this and make sure that your BSD box at home is properly secured.
Keep in mind that if your system at home is compromised then your system at
My understanding is that the netmask (255.255.255.0 as you put it) is only
to determine how much of the IP address is used for the subnet address. I'm
a newb with this as well, so please, someone correct me if I'm wrong. If
your IP is 192.168.1.10 and your netmask is 255.255.255.0, then only
other pass in rules
except for port number. Thanks again.
James Bowman Sineath, III wrote:
You should send messages to the list directly. When you start your
question by hitting reply to a question about shell accounts, your
message will be lumped under there in a lot of mail clients
I have the following rule in my ipf.rules:
pass in log first quick on xl0 proto tcp from any to any port = 25 keep
for some reason it will pass the first connection but block the next. A log
is below. Any ideas on why this is happening would be much appreciated.
Jun 8 16:11:38
I would also check out lomag at http://www.lomag.net/
I've worked with them for the past 3 or 4 years and their service is
amazing. Their connectivity is very good as well.
- Original Message -
From: Peter Thoenen [EMAIL PROTECTED]
To: Bob Perry [EMAIL PROTECTED]; [EMAIL PROTECTED];
I'm running a diskless 5.2-CURRENT, and it has a read-only /etc. sshd can't
start, because it can't create /etc/ssh/ssh_host_key.
I can work around this myself, of course, but is there a better way?