Thread: A Few Noob Questions.
View Single Post

   
  #3 (permalink)  
Old 05-10-2008, 02:01 PM
Tammy Lyn
 
Posts: n/a
Default Re: A Few Noob Questions.
On Fri, 09 May 2008 02:35:49 +0200, Joachim Schipper wrote:

> Tammy Lyn <Tlyn@notformail.com> wrote:
>> 1...My sound card is detected and works, however programs like
>> Xmms/Amarok will not allow me to use their volume controls, I'm limited
>> to the speaker volume controls. Both programs play and work fine but I
>> can't use the programs volume/equalizer controls.
>
> This is sound card specific, if I remember correctly. I'm pretty sure
> someone will be along to help you with this; if not, try posting a
> dmesg.

Ok. Thanks..

>> 2...Xorg is listening on port 6000. I don't need or want that. How to
>> disable?
>
> It doesn't actually accept data from anywhere unless you change things
> with xhost(1) and the like. In short, this is harmless.

Cool.

> The way to stop this is passing -nolisten tcp to the X binary (see
> Xserver(8)). How to do this will likely vary depending on how you start
> X (usually xinit or startx). This might break stuff, though.
>
> If you're really paranoid, you're better off configuring pf to block
> access.


I'm behind a router and the "Shields Up" test show no open ports.
Everything is stealth. https://www.grc.com/x/ne.dll?bh0bkyd2

Do I still need PF?

>> 3...'netstat -an' is showing my computer is listening on several ports
>> by default. How to disable sendmail etc?
>
> sendmail(8) doesn't accept data from outside either, at least not by
> default. See afterboot(8), under "Sendmail".

So it's okay to run sendmail for security reports etc?
What about syslogd?
On FreeBSD

syslogd_enable="YES"
syslogd_program="/usr/sbin/syslogd"
syslogd_flags="-ss"

syslogd_flags="-ss" will stop outside connections.
Does openbsd's syslog allow incoming connections?


> sshd(8) is also listening; make sure you either have a strong password
> for all relevant accounts or disallow password logins altogether.

I don't need sshd. How to disable? /etc/rc.conf sshd_enable=NO?

> The rest are run by inetd(8), see /etc/inetd.conf.

Since this is a desktop system. I can disable inetd?
I don't want any incoming connections to my computer from the outside. No telnet/sshd etc.

A fresh OpenBSD install disable these incoming connection by default unless you allow them?

> Relax. OpenBSD is secure by default.

Yes, that's why I chose it. My problem is that I don't know how to tweak the system
to make it secure. Jails/ and mandatory access control etc.

> P.S. What's with wrapping at 113 columns or some such nonsense? A
> classical terminal is 80 characters wide, so wrap at 72 columns or less
> to allow for some follow-ups.
> P.P.S. Welcome to OpenBSD! Feel free to post any questions you have
> either here or on misc@openbsd.org. Do read the FAQ, archives,
> afterboot(8), and any other relevant man pages first (man -k may be
> helpful). OpenBSD has very good documentation.

Sorry about the word wrap. I was using the default word wrap in PAN.
Hope I got that fixed.

Thanks for your help.
Reply With Quote