Re: messages log file
hi ya craig
> This may sound really stupid, however I cannot seem to locate anything about
> it anywhere.
> When I view the messages log file it is full of --MARK-- , what does this
> mean? I have never seen it
it means your system is not as busy as it should be....
if your system was bz.... you'd see tons of stuff between --MARK-- that
makes those entries less significant noise in the log file....
> on any other of the Linux boxes I have (running RH though). I am slowly
> trying to get to grips with Debian
> before I go swapping out all the RH boxes.
>
> Also any ideas on why I have ssh running & can log in from my internal
> network, I have allowed the IP range from work access, I can scan the box
> from work & it reports that the ports I have open are definitely open, yet I
> cannot connect
which is it... that you can login or that you cannot ???
am assuming you cannot...
- check that sshd is running on the target machine you are trying
to get into
- check that ssh is properly installed ...
/etc/ssh/* - check for the files and ip# and if you
allow/disallow root to login etc
> (I even set up Apache to see if I could get a webpage, ie:
> some sort of connection happening between the box & the remote) & yet I
what does "telnet www.your_machine.com 80" say
is httpd running on that amchine ( www.your_machine.com )
> still get "connection refused by remote.." I have triple-checked that I have
> the ipchains set up correctly ( & ran a packet through the chains to ensure
> the chains weren't to blame),
doesnt sound like ipchains is passing it thru...
> any ideas, I have checked the config of ssh &
> all appears sweet,
how do you know its "sweet" ??? is it working???
> although I get this error when I even try to get the
> default page up in a browser on the remote.
> I am suspicious of my ISP
> "filtering" the connections (although after speaking to them they tell me
> they don't),
Most ISP do NOT filter traffic to/from you... they have bigger worries
> although wouldn't a std. nmap scan show my ports as closed or
> filtered if this is the case?
nmap from where to who ???
any namp from a machine to anotehr is subject to the ethernet traffic
and firewalls, routers, packet filters, and all the gizmos along the way
collection online free nmap audit(ors)...
http://www.Linux-Sec.net/Audit/nmap.test.gwif.html
urls to trojan detections, scanners, detectors, etc..etc...
http://www.Linux-Sec.net/Audit
c ya
alvin
Reply to: