multi-homing and pf; removing user with uid 0
Marc Cabanatuan
mcabanatuan at wi.rr.com
Tue Aug 17 14:54:43 PDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Alright as far as netmasks goes, am i allowed to add an ip with
netmask 255.255.255.255 for each IP?
Chuck Swiger wrote:
| Marc Cabanatuan wrote: [ ... ]
|
|> Right now I've got a /27 and I am attemtpting to add 5 addresses
|> of that adress block (ipv4) to the box as either seperate
|> addreses (not aliases to the primary interface) or seperate
|> addresses bound to sub-interfaces. So far I have been
|> unsuccessful and the host told me to use aliases.
|
|
| FreeBSD doesn't let you configure multiple IP addresses within the
| same subnet. You will either have to use different netmasks, or
| else use aliases as recommended.
|
|> I also wish for these settings to stay after (re)boot.
|
|
| See /etc/rc.conf, and add something like:
|
| # Sample alias entry. #ifconfig_lo0_alias0="inet 127.0.0.254
| netmask 0xffffffff"
|
|> Not to mention they say my firewall is the problem and they
|> couldn't get out to the internet from root console (im using pf
|> and have the rule of 'pass out all'.
|
|
| Hmm.
|
|> Next thing, a second account just 'showed up' on the box with uid
|> 0.
|>
|> toor:*:0:0:Bourne-again Superuser:/root: - from
|> /etc/master.passwd
|>
|> I suspect it was techs from the host, but I want it off the
|> machine. How do I do this?
|
|
| FreeBSD ships with a toor account available but disabled, which can
| be useful if someone breaks the shell used by the root account
| itself. If you want to get rid of it, run vipw.
|
- --
Marc Cabanatuan <mcabanatuan at wi.rr.com>
Network and Systems Administrator
A+, Net+, Linux+, CCNA, MCP
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBIn6fQXmDWC9ByjIRAivrAKDcyJ62CuBDxZwLlt4FFqK483EiBgCbBkxk
ai4Q2sV0j9iK9DxEHeC/Tlk=
=jE6o
-----END PGP SIGNATURE-----
More information about the freebsd-questions
mailing list