FedoraThis forum is for the discussion of the Fedora Project.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
A lot of that looks like stuff that should only be running on localhost. What does your /etc/hosts file look like? Fedora/RedHat has written this file dead wrong for some time
Also do a chkconfig --list and see what all is turned on. Looks like you have a good deal of services that I'm guessing you don't need.
- great it's supposed to be stopped from services menu GUI, but how to make a final no for isdn? I know a console command that will do that but isn't it enought I removed it form service to be started?
why on init 2? I don't use it, but not sure why it's set for 2,4 and 5, while not for 3 it's really interesting to understand that before I remove it from chkconfig
how to properly set it because I guess on 3 it's not needed just for 5 ok?
what's arptables_jf for? Automates a packet filtering firewall with arptables.?
how do I use that arptables to make a packet filter - don't need a manual just a tip, guess it's for binding stuff with MAC, or I'm confusing some terms?
and arpwatch? The arpwatch daemon attempts to keep track of ethernet/ip address pairings.? what for? faster local net since AFAIK it's a non-routable
Last edited by johnnydangerous; 02-08-2005 at 04:15 PM.
any ideas about: (question at bottom)
[root@cook ~]# netstat -apn |more
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN 3412/rpc.statd
tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 4735/vino-server
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 3392/portmap
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN 4613/X
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 3526/cupsd
tcp 0 0 :::6000 :::* LISTEN 4613/X
tcp 0 0 :::22 :::* LISTEN 3723/sshd
udp 0 0 0.0.0.0:32768 0.0.0.0:* 3412/rpc.statd
udp 0 0 0.0.0.0:68 0.0.0.0:* 3313/dhclient
udp 0 0 0.0.0.0:620 0.0.0.0:* 3412/rpc.statd
udp 0 0 0.0.0.0:111 0.0.0.0:* 3392/portmap
udp 0 0 0.0.0.0:631 0.0.0.0:* 3526/cupsd
udp 0 0 84.238.135.26:123 0.0.0.0:* 3904/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 3904/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 3904/ntpd
udp 0 0 :::123 :::* 3904/ntpd
is it necessary for the X port 6000 to be binded twice? how to bind it just to localhost ?
and ntp 4 times wow pls someone how to lower ntp to just external ip?
and I want to bind VNC to local host too if possible?
this is driving me crazy - tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN 3412/rpc.statd why to have it opened???? I need to close it if possible?
best regards,
Last edited by johnnydangerous; 02-08-2005 at 05:01 PM.
statd is part of the NFS daemons. If you're not using NFS, turn it off. If you are, it's time for a firewall somewhere between that socket and the internet.
NTPd is the network time server. If you're not syncing time on other machines with that machine, turn it off.
X -- I forget the proceedure to disable the TCP sockets, but it can be done (and should in 99% of the cases out there.)
vncserver takes an argument of which display to start the server on. vncserver localhost:0 or whatever.
Great help just the kind I needed Thanks again! I just noticed thanks to you that it'a ntpdeamon I thought it's the client, which is wow, well I didn't specify in the first time just made it to load (the vncserver) but I don't want to be binded to *.* just localhost I'm begging for a quick tip I'm sure most of you use it, because I do it through ssh but still I don't want to see that binding I consider unappropriate. In few words can u point out top benefits of RHE u're using (I don't want the commercial version from web)
Last edited by johnnydangerous; 02-08-2005 at 05:24 PM.
The RHEL listed in my profile is work related. It wouldn't be there if I had my way about things, but those decisions are made by hapless people with letters after their names ... But I digress ...
On the VNC issue, I'd just disable the service (chkconfig --level 2345 vncserver off) and then start it as needed and tunnel it through ssh.
As for arpwatch and arptables_jf -- I have no idea. I don't have either of those things installed.
but also I want it to be enabled to whatever display is in use , how-to? and to listen on that 5900 but only for localhost (which i suppose is the needed config for ssh vnc)
unfortunately in GUI config remote desktop seems it's assuming the alias for my external IP which is not good wondering how to set it from a config file for example whichout interfering with GUI setup?
Last edited by johnnydangerous; 02-08-2005 at 06:20 PM.
If you are using a windows manager, you are in init level 5. The startx command will take you from level 3 to level 5. I don't see how using vnc in level 3 would make any sense.
If you are using a windows manager, you are in init level 5. The startx command will take you from level 3 to level 5. I don't see how using vnc in level 3 would make any sense.
If you use ssh, it will run commands on the remote computer using a different screen number in the display variable. I think it uses screen 11 by default. You be well advised to google for both ssh and vnc and compare. I believe that there is also a tight-vnc that may use the ssl library by default. OK, I just googled for that:
Quote:
-via gateway
Automatically create encrypted TCP tunnel to the gateway machine before connection, connect to the host through that tunnel (TightVNC-specific). By default, this option invokes SSH local port forwarding, assuming that SSH client binary can be accessed as /usr/bin/ssh. Note that when using the -via option, the host machine name should be specified as known to the gateway machine, e.g. "localhost" denotes the gateway, not the machine where vncviewer was launched. See the ENVIRONMENT section below for the information on configuring the -via option.
First, yes, runlevel is supposed to dictate if X runs or not, but in the real world, it doesn't. Example: Debian uses only 0, 1, 2 and 6.
Second, startx does not change what runlevel you're in.
Third, port forwards are not the same as X forwarding. A port forward is what that's talking about. X forwarding is what uses DISPLAY=:1x.0 -- the former lets you create tunneled ports through your SSH connection while the latter fakes using a remote X display. Most SSH servers are configured to do port forwards by default. This is not the case for X forwarding.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.