[TriLUG] 'muting' a linux box, so to speak...
Jon Carnes
jonc at nc.rr.com
Tue May 25 07:44:38 EDT 2004
On Tue, 2004-05-25 at 01:06, Brian A. Henning wrote:
> Hi List Folk,
> I've got a friend running a linux box on his home lan, which includes a
> Windows box providing ICS with a dial-up connection. I'm trying to help him
> get his linux machine configured so that it doesn't trigger an auto-dial on
> his ICS box unless he does something deliberate, like opening a web browser
> or otherwise issuing an internet-centric command.
> Is there a way to make a linux box that passive (but still able to
> function with the 'net on demand)? I tried disabling all the services that
> I thought would automatically establish connections, but either I missed
> something or that's not the whole answer.
> He's running FC1 and uses the machine mainly only for SMB file sharing and
> just general self-education in the linux environment. I had him give me the
> output of `ps -e`, so here that is:
> PID TTY TIME CMD
> 1 ? 00:00:06 init
> 2 ? 00:00:00 keventd
> 3 ? 00:00:00 kapmd
> 4 ? 00:00:00 ksoftirqd/0
> 6 ? 00:00:00 bdflush
> 5 ? 00:00:00 kswapd
> 7 ? 00:00:00 kupdated
> 8 ? 00:00:00 mdrecoveryd
> 12 ? 00:00:00 kjournald
> 81 ? 00:00:00 khubd
> 2418 ? 00:00:00 kjournald
> 4613 ? 00:00:00 syslogd
> 4618 ? 00:00:00 klogd
> 4639 ? 00:00:00 portmap
> 4659 ? 00:00:00 rpc.statd
> 4697 ? 00:00:00 apmd
> 4737 ? 00:00:00 smartd
> 4754 ? 00:00:00 cupsd
> 4792 ? 00:00:00 sshd
> 4808 ? 00:00:00 xinetd
> 4818 ? 00:00:00 gpm
> 4828 ? 00:00:00 crond
> 4853 ? 00:00:01 xfs
> 4863 ? 00:00:00 smbd
> 4867 ? 00:00:00 nmbd
> 4877 ? 00:00:00 anacron
> 4886 ? 00:00:00 atd
> 4896 ? 00:00:00 dbus-daemon-1
> 4908 ? 00:00:00 miniserv.pl
> 4914 tty1 00:00:00 mingetty
> 4915 tty2 00:00:00 mingetty
> 4916 tty3 00:00:00 mingetty
> 4917 tty4 00:00:00 mingetty
> 4918 tty5 00:00:00 mingetty
> 4919 tty6 00:00:00 mingetty
> 4920 ? 00:00:00 gdm-binary
> 4955 ? 00:00:00 gdm-binary
> 4956 ? 00:00:03 X
> 5193 ? 00:00:00 startkde
> 5530 ? 00:00:00 ssh-agent
> 6260 ? 00:00:00 smbd
> 6263 ? 00:00:00 kdeinit
> 6266 ? 00:00:00 kdeinit
> 6269 ? 00:00:00 kdeinit
> 6272 ? 00:00:06 kdeinit
> 6281 ? 00:00:03 artsd
> 6292 ? 00:00:04 kdeinit
> 6293 ? 00:00:00 kwrapper
> 6295 ? 00:00:03 kdeinit
> 6296 ? 00:00:05 kdeinit
> 6298 ? 00:00:07 kdeinit
> 6300 ? 00:00:06 kdeinit
> 6301 ? 00:00:00 kdeinit
> 6302 ? 00:00:00 autorun
> 6308 ? 00:00:04 kdeinit
> 6309 ? 00:00:00 pam-panel-icon
> 6310 ? 00:00:00 eggcups
Cups can be set to look for updates on startup. I'm not sure if it comes
that way by default.
> 6311 ? 00:00:00 pam_timestamp_c
> 6312 ? 00:00:05 kdeinit
> 6314 ? 00:00:00 gconfd-2
> 6315 ? 00:00:04 rhn-applet-gui
The rhn-applet is going to hit the web looking for updates. Even if you
shut it down, it may be in cron and popping up every now and then to
make a network connection
> 6319 pts/2 00:00:00 bash
> 6968 pts/2 00:00:00 ps
>
> So does anything there jump out at anyone?
>
> I'm not sure why rhn-applet-gui is running; I tried to disable rhn.. but at
> any rate, there's something else causing it because on another attempt, I
> closed the rhn applet and still the auto-dialer kicked in after a while.
>
> Thanks to everyone who helps me ponder this one.
>
> Cheers,
> ~Brian
Try looking at the Cron files to see what is kicked off at regular
intervals. Also you can run ethereal on the box and have it capture all
packets passing through the network interface. That will get you what
you want very quickly.
Good luck - Jon Carnes
More information about the TriLUG
mailing list