Re: mail not being delivered
Date: Mon, 22 Aug 2005 07:17:30 -0500 (EST) From: Mail Delivery Subsystem MAILER-DAEMON To: postmaster Subject: Postmaster notify: see transcript for details Parts/Attachments: 1 Shown 11 lines Text 2 Shown274 bytes Message, Delivery Status 3 Shown6.6 KB Message, Warning: could not send message for past 4 hours 3.1 Shown 12 lines Text 3.2 Shown332 bytes Message, Delivery Status 3.3 Shown4.7 KB Message, blade.projectosiris.net security run output 3.3.1 Shown 57 lines Text The original message was received at Wed, 17 Aug 2005 07:11:28 -0500 (EST) from localhost with id j7HCACmT090026 - Transcript of session follows - [EMAIL PROTECTED]... Deferred: Operation timed out with projectosiris.net. Warning: message still undelivered after 4 hours Will keep trying until message is 5 days old Etc... Hope this helps Joe On 8/21/05, Joe Wood [EMAIL PROTECTED] wrote: The message has since been deleted and I cannot give an exact message, but it says the message has been queued for X days and will be deleted. The messages then goes on to show the email that was waiting to be delivered and it is what appears to be the security logs, and among the others are various cron jobs that failed delivery as well. I am not sure if this would affect it but about a week ago (the same time this started) we were doing some reconfigurations on the network and the 3600 series router this machine was on. There was about 2 hours of down time and my mailbox was flooded with cron jobs not working (which I expected since they are internet related jobs) after that all email just stopped. Sorry for the lack of information Joe -Original Message- From: Glenn Dawson [mailto:[EMAIL PROTECTED] Sent: Sunday, August 21, 2005 5:07 PM To: Joe Wood; freebsd-questions@freebsd.org Subject: Re: mail not being delivered At 01:56 PM 8/21/2005, Joe Wood wrote: I am running fbsd 5.4, this server has been up for about 70 days and just recently (maybe within the last 4 days) I have not been receiving the usual security and daily summery reports, but every 2 or 3 days I will get the message undeliverable email. Is there any reason why I would not be able to get these anymore? What does the undeliverable message say? If you're not sure how to interpret it, someone on the list probably can. Without that information, all anyone can do is guess what the problem might be. -Glenn Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- You've officially been Gmailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
User mngmt using SSH2 and Public Key
I recently installed ssh2 from ssh.com and everything is working great. In a few months I am going to setup a cluster and the system with ssh2 is going to be the gateway between the outside and the cluster. Instead of traditional password based access I want to use some kind of key so that I know the person accessing the system is one that I have granted access to and is allowed it. Is this a viable solution or am I barking up the wrong tree? I have read a few articles public key authentication but if anyone could tell me more I would be greatly appreciative. Thanks Joe -- You've officially been Gmailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD ip alias
I have an issue that is driving me mad, it may be something simple that I am overlooking but any insight would be great. I have a freebsd machine with 2 nics and one being used. The first has 2 ip addresses, one of them via alias. I have BIND listening x.x.x.19 and regular operations on x.x.x.18. My problem is that apache wants to listen on both IPs and I dont want someone being able to point their browser at the ns1.domain.com and see a web page, so how do i get apache to stop listening on this IP. I have tried binding it to the .18 address and even setting Listen x.x.x.18:80 but it still wants to go to the main apache TLS/SSL has been installed page when i point it at x.x.x.19. Any thoughts as to what I might be doing wrong? Thanks -- You've officially been Gmailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw and nmap
You could try using nmap with the -sA (ACK) scanning...this is good for mapping firewall rulesets to see what is being let in. You could also use -f (fragment) with -sS to send fragmented packets...this will show open ports unless most of the time too. But -sA is better since the firewall things its a legitimate request and not a port scan On Mon, 14 Mar 2005 11:52:54 -0500, daniel quinn [EMAIL PROTECTED] wrote: i've been experimenting with ipfw since moving some of my machines from linux to freebsd and i've run across an oddity wrt nmap and freebsd firewalls. it doesn't seem to work and the activity isn't logged either. the firewall is working though. ssh goes through, while other ports are being blocked (and logged). i've confirmed this with telnet. but nmap still comes up empty. i'd like to be able to do a proper portscan, but is this a feature with ipfw or a lack of feature in nmap? for the purposes of this test, i've used a variation on the firewall supplied in the freebsd handbook: www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html -- ...he who in dealing with the empire loves his subjects as one should love one's body is the best person to whom one can commit the empire. - lau tzu, tao te ching: chapter xiii ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- You've officially been Gmailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
feedback on a good DNS server
I am looking into setting up a DNS server on our network using an existing FreeBSD box. I have been looking around and reading comments on different DNS servers out their but everyone has mixed feelings. I know someone who uses BIND and is happy with it .. is their any reason why BIND wouldn't be a good choice? All i need is to have DNS running on a webserver so we can host our site internally...any feedback on this setup and/or DNS server is appreciated Thanks in advance ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD Hardware Recomendations - NIC/HD
I like Intel's network adapters alot, I've never had a single issue out of the gigabit adapter I use (Intel Pro/1000 MT PWLA8490MT) As far as SATA drives if its size you are going for then WD has a fairly decent SATA drive for a good price, but in my book the best SATA drive is the Raptor by WD..even if its only 74Gb it still has to be the fastest SATA drive out.. imo :) On Tue, 8 Mar 2005 11:29:11 -0700, Nick Pavlica [EMAIL PROTECTED] wrote: All, I'm looking at adding some hardware to my FreeBSD 5.3+ Backup servers and would like your recommendations for the following items: - Gigabit Ethernet cards: I'm going to use them as dedicated cards in the primary and backup servers so that I can quickly rsync between them. I would like to find a card that is currently MP safe and a good performer. - SATA HD: I'm currently planning on adding two 200GB drives to both servers. Are there any that stand out as good performers? Thanks! --Nick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- You've officially been Gmailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
unknown port..what is this?
I ran nmap against one of my BSD boxes and it keeps returning port 199:smux.. I have no idea why it would be running or what its for. I am running nmap from a windows machine...would this affect it any? Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: unknown port..what is this?
Ah, yes I am.. but what would this be for? thanks for the reply On Mon, 07 Mar 2005 15:21:50 -0600, Kevin Kinsey [EMAIL PROTECTED] wrote: sn1tch wrote: I ran nmap against one of my BSD boxes and it keeps returning port 199:smux.. I have no idea why it would be running or what its for. I am running nmap from a windows machine...would this affect it any? Thanks Are you running SNMP? Kevin Kinsey -- You've officially been Gmailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: unknown port..what is this?
Thanks for the help, it seems to work..just one thing i noticed on the console was a message stating it could not bind to that IP which I understand is normal. Thanks again On Mon, 7 Mar 2005 15:53:07 -0600, Troy [EMAIL PROTECTED] wrote: If you want to disable it, just edit snmpd.conf in /usr/local/share/snmp and put in something like: smuxsocket 1.0.0.0 and you will notice the smux port will no longer be listening. -Troy On Mon, Mar 07, 2005 at 04:47:19PM -0500, sn1tch wrote: Ah, yes I am.. but what would this be for? thanks for the reply On Mon, 07 Mar 2005 15:21:50 -0600, Kevin Kinsey [EMAIL PROTECTED] wrote: sn1tch wrote: I ran nmap against one of my BSD boxes and it keeps returning port 199:smux.. I have no idea why it would be running or what its for. I am running nmap from a windows machine...would this affect it any? Thanks Are you running SNMP? Kevin Kinsey -- You've officially been Gmailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- You've officially been Gmailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
security logs being mailed to root
When I ran FBSD 5.2.1 I used to get the daily, weekly, and monthly security logs and such mailed to root...now since I did a clean install with 5.3 I no longer get anything, when I log in I have no mail...what gives? I enjoyed reading them .. is there a way to get that functionality back? Thanks, Joe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: security logs being mailed to root
On Fri, 4 Mar 2005 12:08:41 -0500, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: On Fri, Mar 04, 2005 at 08:59:45AM -0500, sn1tch wrote: When I ran FBSD 5.2.1 I used to get the daily, weekly, and monthly security logs and such mailed to root...now since I did a clean install with 5.3 I no longer get anything, when I log in I have no mail...what gives? I enjoyed reading them .. is there a way to get that functionality back? Thanks, Joe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] 5.3 also does this by default. Are you sure your computer is turned on at the times these mails are sent, in /etc/crontab? Yes this is my webserver and is running 24/7 .. and there are no crontab entries for it but I wasnt aware that crontab needed to start this up, I figured it was automatic. -- You've officially been Gmailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: security logs being mailed to root
On Fri, 04 Mar 2005 12:34:36 -0600, Kevin Kinsey [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: On Fri, Mar 04, 2005 at 08:59:45AM -0500, sn1tch wrote: When I ran FBSD 5.2.1 I used to get the daily, weekly, and monthly security logs and such mailed to root...now since I did a clean install with 5.3 I no longer get anything, when I log in I have no mail...what gives? I enjoyed reading them .. is there a way to get that functionality back? Thanks, Joe 5.3 also does this by default. Are you sure your computer is turned on at the times these mails are sent, in /etc/crontab? And ... If the logs and such exist, then syslogd is probably OK. Otherwise check syslogd first. Next, make sure that crond is running. Don't know why it wouldn't be, be might as well check. Then, check sendmail. Depending on settings, this might be the issue. If syslogd is working as expected, you should find a note in /var/mail/maillog (about 3:0x a.m. system time) that shows a mail going to [EMAIL PROTECTED]. Which brings us to /etc/mail/aliases. Is the alias for root pointing to your email address? I'm sure there's stuff I may have missed as well, but here's the start of a debug checklist. HTH, Kevin Kinsey Crontab doesnt have any listings and rc.conf shows this... sendmail_enable=NONE syslogd_flags=-ss and in /etc/periodic there are dail weekly monthly and security folders. I chose not to build sendmail at all, or any type of mail server for that matter, but why would that affect it because a friend of mine has a fresh install of 5.3 and he gets the logs, no problems. Would a specific option in a custom kernel cause it to not send. syslog.conf shows security.* /var/log/security is there anything else I can show you guys/girls to help out? Thanks for the help ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: CGI script executing and Apache help
Try adding this /Directory ScriptAlias /cgi-bin/ /home/user/site/public_html/cgi-bin/ On Fri, 4 Mar 2005 14:36:04 -0500 (EST), Shawn B [EMAIL PROTECTED] wrote: I am running FreeBSD-4.8 with Apache 1.3 installed. I changed the htdocs directory in httpd.conf to /home/user1/public_html/ and I added a /cgi-bin/ in the same user directory. Scripts will not execute from the cgi-bin, as the scripts contents are displayed in the browser window. I went through httpd.conf using the search feature in Easy Editor, editing sections that have .cgi in it. Now, I am stumped as to how to get the CGI scripts to execute. Thanks, Shawn B. FreeBSD newbie __ Post your free ad now! http://personals.yahoo.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- You've officially been Gmailed ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfw and nmap
I am fairly new to IPFW, I have question regarding the stateful part of it. Now I may just be misunderstanding this so set me straight if I am. From what I understand when you add a check-state rule and then following that a rule to keep-state, if a packet destined for that port is new and setup was not added to the keep-state rule then wouldn't it get denied at the check-state rule since keep-state did not add a dynamic rule? My problem is this, and again this may not even be correct but I have a bsd box that is simply providing me SSH capabilities..here are the rules for it: add check-state add allow all from any to any 22 in via fxp0 keep-state then the default to deny rule. Now is there a way to allow setup connections but disallow port scanners like nmap from seeing it as being open? Thanks for any help ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Mindterm and SSH
Hello everyone, I have a question regarding the use of the Mindterm applet on a site sitting on my bsd machine. I have it setup and everything runs great, except for when it comes time to login via the applet. Mindterm, upon entering my username, abruptly responds Authentication method 'password' not supported by server. I went into the sshd_config and changed the 'passwordauthentication' to yes and it now asks me for my password (which it never did before) and I get my shell. Now firstly, is this an option I want to leave on? Or is there a better way of going about this? Please forgive the ignorance but I hope this is the right list to post to. Thanks in advance for any help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Apache and MRTG Logs
I'm not sure if this is something I need to be worried about, but after I got MRTG setup on my bsd system I noticed that the error logs were starting to show this: [error] [client *.*.*.71] (13)Permission denied: mod_mime_magic: can't read `/home/sites/ipv4.youthranches.org/web/mrtg/127.0.0.1_2.log' [Fri Feb 18 13:35:25 2005] [error] [client *.*.*.71] (13)Permission denied: mod_mime_magic: can't read `/home/sites/ipv4.youthranches.org/web/mrtg/127.0.0.1_1.log' [Fri Feb 18 13:35:25 2005] [error] [client *.*.*.71] (13)Permission denied: file permissions deny server access: /home/sites/ipv4.youthranches.org/web/mrtg/127.0.0.1_1.log I chmoded the files 755 but as soon as mrtg updates theold and new log files they are set back to 640 Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
