Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
Re: [suse-security] ssh shells and ircd on a small lan
Well as soon as I send the email I figure it out... anyone else every have
a day like that? heheh

I got ssh port-forwarded now and working fine while ssh on the firewall is
turned off. Issue closed about ssh.

The only questions left here is where should ircd /irc be located and how to
get mine starting automaticaly again. And if anyone can see a flaw in how I
am doing things I would like to hear so I can patch any holes up.

current inetd.conf entry for ircd shows:
# from man ircd
ircd stream tcp wait irc /etc/ircd ircd -i

I notice in netstat -paut that there is no 6667 listening.
if i type ircd

and netstat -paut again
*:6667 listen

I don't think that's how your supposed to start ircd automatically.

On Tuesday 10 July 2001 02:12 pm, you wrote:
> Greetings all,
> I been trying to give my friend a shell account
> (ssh) And I have ran into some confusion.
>
> The firewall box has ssh already on it, but it also has portforwarding. So
> I am confused as to where I should give my friend a shell at.
>
> I also talk irc with my friend on a ircd which is located on 192.168.0.2 ,
> but I wondering if this is safe to let ircd be port forwarded through
> firewall box
>
> |----------------------------------
> | modem (dialup)-- firewall box
> |
> | redhat eth0
> |----------------------------------
> |
> |------------ |----------------
> | hub | -- | (eth0) 192.168.0.1 (just a client mandrake)
> |------------
>
> \ |----------------
>
> | (eth0) 192.168.0.2 (irc, shell accounts suse 7.2)
>
> at the moment the only way I know to get through the external network is
> to ssh to the firewall box as root, then ssh again into 192.168.0.2 box.
>
> I don't want my friend to know the root password on the firewall.
> I trust the guy, but he isn't very adept at linux and he might screw
> something up by accident. I want to avoid the accident. I also want
> to limit him to say 10MB and 10 process's (the cpu goes to 100% now with
> no limits on the account)
>
> If I shut ssh off the firewall how can I turn on ssh through it to the
> shell accounts. Or is this the wrong way to do this? I am thinking the
> shell might be better off located on the firewall.
>
> Should ircd be relocated to the firewall instead of where it is
> now (192.168.0.2)
>
> and finally... a bloob, I accidentally deleted my ircd startup from the
> inetd.conf I tried YaST and manually editing it but the only way to
> start irc is manually now. Can someone show the line or lines in the
> inetd.conf that have the irc/ircd start up from inetd.conf There is
> not anything in the manual about this.
>
> it used to start when I boot, but no more...;o(

< Previous Next >