Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Mandrake 9.0 - after having read various warnings about logging in as root when the adsl connection is up and running, I've got into the habit of going into the mandrake control centre, finding the connection thingy, and disconnecting, sometimes I get a little message about it detecting another connection, and something/somebody might be using my network.
What does this mean, is it something to do with server stuff that I might have running or is it something that I should be concerned with?
John, actually there are alot of messages on your box that the unaware, or un-familiar might seem like system being compromised, but that's because alot of your things run as seperate servers, and aren't all integrated so perfectly.
If you post some error messges, some of us might be able to "translate" them better for you.
I don't recall the exact wording Chad, but I seems to come up on the "connections dialogue", I often leave the mandrake control centre in the background, and just bring it back up to be able to disconnect, it is then that it comes up with Warning: a second connection has been detected, someone may be using your connection. or words to that effect.
Not being a command line nut, I don't know the difference between using gui to look at the logs and /var/logs/messages (pathetic eh!)that unspawn suggested, but I looked through all the various headings under the logs section, an apart from a few ip addresses that as far as I can tell (or remember) originate from my isp. Hence I am not sure what or how to check to see if someone has been "visiting".
I suspect that I have got something running serverwise, that is causing this, but I have to plead the usual "ignorance" excuse.
How some of the more knowledgeable types here have learned so much eludes me, trying to read some of the help stuff off a screen give me a headache.
But any suggestion what I need to look for and where will be very helpful, and next time I get the message I'll write it down and post it (I say next time, because I've been digging around to try and sort my sound snags - and have managed to kill something in the connection - SIOCDELRT - yarda yarda - line 150 command not found. This is the second time i've had this with the mandy 9.0 and both times I have ended up going through the rigmarole of re-installing the OS because what little I can find about it, means absolutely zero - and i've just re-installed and still haven't finished setting my connection and preferences etc)
Wow, that's really a horrible story John. I would have a heck of a time with Linux if everytime I crashed my box I reinstalled it.
I wouldn't worry too much about someone plugging around on your box, as long as you aren't being root, and have given root a hard-to-crack pass and things of the normal paranoia settings, then you are probably ok. But I think UnSpawn would have my name changed to blundering fool if I didn't also say that it is possible. You might wanna just see if you can grab some screens or something like that, makes it much easier than retyping an error message, you could save it to a fat32/ntfs partition and then bring it up when you go online and post it that way.
This is where a "catchall" rule in your /etc/syslog.conf comes in handy. If you add this line (w/o quotes and yes, <tab> is a tab):
"*.*<tab><tab>/var/log/catchall.log" , do a "touch /var/log/catchall.log" chmod it 0600 and then restart syslog, all error messages should be dumped there, unless an app dumps it to stderr.
Because it might be filling up quite fast you want to consider making a separate logrotate entry for it and call it from cron over a reasonable interval. If you set up a logrotate prerotation script you can even mail the interesting entries to yourself:
Whoooooooooosh! (the noise your post made as it shot straight over my head).
Seriously though, Thanks for the idea, since I read the post from bulliver, I can't recall seeing the prompt, but now I am going to watch out for it and start digging through the logs with paranoid obsession.
I am pretty sure that I don't have the luxury of static IP's as mentioned by ianr (I seem to recall that my provider charges extra for static IP's though when I do ifconfig the numbers don't change very much!).
Again, many thanks
p.s. being a linux dummy, is there a point where the logs are full and start to auto delete i.e. like cache memory in a browser????? or do they just carry on logging and eventually eat into available disc space? - sorry if this sounds like i'm being thick!