[TriLUG] 'muting' a linux box, so to speak...

Aaron S. Joyner aaron at joyner.ws
Tue May 25 08:33:17 EDT 2004


Also, don't forget that computers behind the linux box that have the 
ability to cause it to dial on demand (DOD), may be causing the same 
symptoms.  Mail checkers, antivirus updaters (recent versions of NAV 
default to updating every 4 hours) active destkop backgrounds, or even 
anything that tries to do a DNS query.  All those little things you take 
for granted when you have a dedicated internet connection can really 
play havoc with a DOD connection.

Aaron J.

Jon Carnes wrote:

>On Tue, 2004-05-25 at 01:06, Brian A. Henning wrote:
>  
>
>>Hi List Folk,
>>  I've got a friend running a linux box on his home lan, which includes a
>>Windows box providing ICS with a dial-up connection.  I'm trying to help him
>>get his linux machine configured so that it doesn't trigger an auto-dial on
>>his ICS box unless he does something deliberate, like opening a web browser
>>or otherwise issuing an internet-centric command.
>>  Is there a way to make a linux box that passive (but still able to
>>function with the 'net on demand)?  I tried disabling all the services that
>>I thought would automatically establish connections, but either I missed
>>something or that's not the whole answer.
>>  He's running FC1 and uses the machine mainly only for SMB file sharing and
>>just general self-education in the linux environment.  I had him give me the
>>output of `ps -e`, so here that is:
>>  PID TTY          TIME CMD
>>    1 ?        00:00:06 init
>>    2 ?        00:00:00 keventd
>>    3 ?        00:00:00 kapmd
>>    4 ?        00:00:00 ksoftirqd/0
>>    6 ?        00:00:00 bdflush
>>    5 ?        00:00:00 kswapd
>>    7 ?        00:00:00 kupdated
>>    8 ?        00:00:00 mdrecoveryd
>>   12 ?        00:00:00 kjournald
>>   81 ?        00:00:00 khubd
>> 2418 ?        00:00:00 kjournald
>> 4613 ?        00:00:00 syslogd
>> 4618 ?        00:00:00 klogd
>> 4639 ?        00:00:00 portmap
>> 4659 ?        00:00:00 rpc.statd
>> 4697 ?        00:00:00 apmd
>> 4737 ?        00:00:00 smartd
>> 4754 ?        00:00:00 cupsd
>> 4792 ?        00:00:00 sshd
>> 4808 ?        00:00:00 xinetd
>> 4818 ?        00:00:00 gpm
>> 4828 ?        00:00:00 crond
>> 4853 ?        00:00:01 xfs
>> 4863 ?        00:00:00 smbd
>> 4867 ?        00:00:00 nmbd
>> 4877 ?        00:00:00 anacron
>> 4886 ?        00:00:00 atd
>> 4896 ?        00:00:00 dbus-daemon-1
>> 4908 ?        00:00:00 miniserv.pl
>> 4914 tty1     00:00:00 mingetty
>> 4915 tty2     00:00:00 mingetty
>> 4916 tty3     00:00:00 mingetty
>> 4917 tty4     00:00:00 mingetty
>> 4918 tty5     00:00:00 mingetty
>> 4919 tty6     00:00:00 mingetty
>> 4920 ?        00:00:00 gdm-binary
>> 4955 ?        00:00:00 gdm-binary
>> 4956 ?        00:00:03 X
>> 5193 ?        00:00:00 startkde
>> 5530 ?        00:00:00 ssh-agent
>> 6260 ?        00:00:00 smbd
>> 6263 ?        00:00:00 kdeinit
>> 6266 ?        00:00:00 kdeinit
>> 6269 ?        00:00:00 kdeinit
>> 6272 ?        00:00:06 kdeinit
>> 6281 ?        00:00:03 artsd
>> 6292 ?        00:00:04 kdeinit
>> 6293 ?        00:00:00 kwrapper
>> 6295 ?        00:00:03 kdeinit
>> 6296 ?        00:00:05 kdeinit
>> 6298 ?        00:00:07 kdeinit
>> 6300 ?        00:00:06 kdeinit
>> 6301 ?        00:00:00 kdeinit
>> 6302 ?        00:00:00 autorun
>> 6308 ?        00:00:04 kdeinit
>> 6309 ?        00:00:00 pam-panel-icon
>>    
>>
>
>  
>
>> 6310 ?        00:00:00 eggcups
>>    
>>
>Cups can be set to look for updates on startup. I'm not sure if it comes
>that way by default.
>
>  
>
>> 6311 ?        00:00:00 pam_timestamp_c
>> 6312 ?        00:00:05 kdeinit
>> 6314 ?        00:00:00 gconfd-2
>>    
>>
>
>  
>
>> 6315 ?        00:00:04 rhn-applet-gui
>>    
>>
>The rhn-applet is going to hit the web looking for updates. Even if you
>shut it down, it may be in cron and popping up every now and then to
>make a network connection
>
>  
>
>> 6319 pts/2    00:00:00 bash
>> 6968 pts/2    00:00:00 ps
>>
>>So does anything there jump out at anyone?
>>
>>I'm not sure why rhn-applet-gui is running; I tried to disable rhn..  but at
>>any rate, there's something else causing it because on another attempt, I
>>closed the rhn applet and still the auto-dialer kicked in after a while.
>>
>>Thanks to everyone who helps me ponder this one.
>>
>>Cheers,
>>~Brian
>>    
>>
>
>Try looking at the Cron files to see what is kicked off at regular
>intervals.  Also you can run ethereal on the box and have it capture all
>packets passing through the network interface.  That will get you what
>you want very quickly.
>
>Good luck - Jon Carnes
>
>  
>




More information about the TriLUG mailing list