Subject: Re: telnet breakings?
To: None <bwildasi@csulb.edu>
From: Colin Wood <cwood@ichips.intel.com>
List: port-mac68k
Date: 08/17/1998 14:07:33
Brian Wildasinn wrote:
> Hi!
> I've been having people telnet into my box while I have a live-connection to my
> school's servers here at Cal.State Long Beach, California. Today one came
> from a box called 'n116client168.hawaii.rr.com'. Last week someone's box called
> 'snoop' something made telnet connections also.
>
> Is there a fix for these intrusions?

certainly.  do you know what list of servers you want to allow connections
from?  we have tcp-wrappers compiled into our networking code now via
libwrap, so all you should have to do is fill out the appropriate
/etc/hosts.allow and /etc/hosts.deny files.  i believe that both are
documented in section 5 of the manual (or at least i hope they are).
there might be other ways to do it as well, but this is all i can think of
off the top of my head.

> I wasn't able to see the connection in ps -aux or netstat -r or -a, but like
> the rest of the console messages on this netbsd-1.3.2 upgraded system*, they
> scroll up from the bottom of the terminal and also appear in each open xterm and
> application.

take a look at /var/log/messages.  just about every console message should
also be captured there, and if they're not, edit /etc/syslog.conf to make
it so.  the logs are rotated fairly frequently, tho, so you might have to
check an older log file.

> * I used to have bwildasi added to the group "wheel" file, but decided to take
> it out since ftp and telnet seemed to be able to sign in with that since I left
> off the password.

don't _ever_ put a machine on the net that doesn't have passwords on all
its accessible accounts.  you're just asking for pain and suffering
otherwise.

> E-gad that's still a problem, since I haven't found a way to
> get my added user names to be able to use applications I've compiled under
> root, which seems to be mandatory anyway in order to gain access to all the
> compiler tools and other files that require root authorization to use. Thus,
> I've just used 'root' to log in.

there are _no_ compiler tools that require root authorization to use.  at
worst, to install binaries, you might want to have root authorization so
that you get the proper ownership/permissions (e.g. for stuff in the
package system).  however, it sounds like you either don't have the proper
directories in your path, or else you've gotten permissions horribly
screwed up.  what are the permissions settings on these programs you're
having trouble running?

> I'm reading up on my partially installed apache server to see if that is the
> problem. It installed all its files, but still needs to have ServerName set
> which I'm trying to do now by reading the htdocs/manual it installed.

i haven't set up apache in quite a while, so i can't help on this one.
hopefully with a little more info, we'll be able to fix the other
problems, tho.

later.

-- 
Colin Wood                                 cwood@ichips.intel.com
Component Design Engineer - PMD                 Intel Corporation
-----------------------------------------------------------------
I speak only on my own behalf, not for my employer.
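
Added example, not part of the original message: a simplified Python model of how tcp-wrappers evaluates /etc/hosts.allow and /etc/hosts.deny, showing why a catch-all deny rule is needed for the allow list to have any effect. The policy contents, the daemon names telnetd and ftpd, and all addresses are constructed assumptions; only a subset of the hosts_access(5) pattern syntax is handled.

```python
# Simplified model of the tcp-wrappers decision order in hosts_access(5).
# Handles only ALL, ".domain" suffixes, "net." address prefixes and exact
# matches; EXCEPT, LOCAL, netmasks and shell commands are not modelled.

HOSTS_ALLOW = """
# constructed /etc/hosts.allow: telnet and ftp only from campus
telnetd: .csulb.edu
ftpd: .csulb.edu, 192.168.1.
"""
HOSTS_DENY = """
# constructed /etc/hosts.deny: refuse everything not allowed above
ALL: ALL
"""

def parse(text):
    """Return [(daemons, clients)] for each non-comment rule line."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, name, addr):
    if pattern == "ALL":
        return True
    if pattern.startswith("."):          # host name suffix
        return name.lower().endswith(pattern.lower())
    if pattern.endswith("."):            # numeric address prefix
        return addr.startswith(pattern)
    return pattern.lower() == name.lower() or pattern == addr

def hit(rules, daemon, name, addr):
    return any(("ALL" in d or daemon in d) and
               any(client_matches(p, name, addr) for p in c)
               for d, c in rules)

def decide(daemon, name, addr, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """hosts.allow is consulted first, then hosts.deny; no match means allow."""
    if hit(parse(allow), daemon, name, addr):
        return "allow"
    if hit(parse(deny), daemon, name, addr):
        return "deny"
    return "allow"
```

With an empty hosts.deny the same off-campus client is let through, because a connection that matches neither file is granted.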