Re: messages log file

To: Craig W <craigw@bigpond.net.au>
Cc: debian-user@lists.debian.org
Subject: Re: messages log file
From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>
Date: Sat, 11 Aug 2001 00:34:57 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.3.96.1010811002617.22216A-100000@Maggie.Linux-Consulting.com>
In-reply-to: <[🔎] 009b01c12232$f45317c0$0300a8c0@thebrain>

hi ya craig

> This may sound really stupid, however I cannot seem to locate anything about
> it anywhere.
> When I view the messages log file it is full of --MARK-- , what does this
> mean? I have never seen it

it means your system is not as busy as it should be....

if your system was bz.... you'd see tons of stuff between --MARK-- that
makes those entries less significant noise in the log file....

> on any other of the Linux boxes I have (running RH though). I am slowly
> trying to get to grips with Debian
> before I go swapping out all the RH boxes.
> 
> Also any ideas on why I have ssh running & can log in from my internal
> network, I have allowed the IP range from work access, I can scan the box
> from work & it reports that the ports I have open are definitely open, yet I
> cannot connect

which is it... that you can login or that you cannot ???

am assuming you cannot...
	- check that sshd is running on the target machine you are trying
	to get into

	- check that ssh is properly installed ... 
	/etc/ssh/*  - check for the files and ip# and if you
	allow/disallow root to login etc


> (I even set up Apache to see if I could get a webpage, ie:
> some sort of connection happening between the box & the remote) & yet I

what does "telnet www.your_machine.com 80"   say

is httpd running on that amchine ( www.your_machine.com )

> still get "connection refused by remote.." I have triple-checked that I have
> the ipchains set up correctly ( & ran a packet through the chains to ensure
> the chains weren't to blame),

doesnt sound like ipchains is passing it thru...


> any ideas, I have checked the config of ssh &
> all appears sweet,

how do you know its "sweet" ??? is it working???

> although I get this error when I even try to get the
> default page up in a browser on the  remote.

> I am suspicious of my ISP
> "filtering" the connections (although after speaking to them they tell me
> they don't),

Most ISP do NOT filter traffic to/from you... they have bigger worries

> although wouldn't a std. nmap scan show my ports as closed or
> filtered if this is the case?

nmap from where to who ???

any namp from  a machine to anotehr is subject to the ethernet traffic
and firewalls, routers, packet filters, and all the gizmos along the way


collection online free nmap audit(ors)... 
	http://www.Linux-Sec.net/Audit/nmap.test.gwif.html

urls to trojan detections, scanners, detectors, etc..etc...
	http://www.Linux-Sec.net/Audit

c ya
alvin

Reply to:

Follow-Ups:
- Re: messages log file
  - From: Dave Sherohman <esper@sherohman.org>

References:
- messages log file
  - From: "Craig W" <craigw@bigpond.net.au>

Prev by Date: Re: unable to stat
Next by Date: sqrt C function(clarification)
Previous by thread: messages log file
Next by thread: Re: messages log file
Index(es):
- Date
- Thread