From: Allen Parker (infowolfe_at_gmail.com)
Date: Wed 27 Apr 2005 - 10:51:19 BST
seems you haven't setup services on your main host to only bind to
10.0.0.1, which used to be a pre-requisite whenever setting up new
virtual-servers.
On 4/27/05, Gaz Wilson <dragon_at_dragons.org.uk> wrote:
>
> Hi all!
>
> I am running a single physical host, say 10.0.0.1 with a single vhost
> on, say 10.0.0.20.
>
> On the main host, I have ssh running to be able to get onto the machine
> to admin the vservers. Within the vserver, I do NOT have ssh running.
>
> When I nmap the machine (10.0.0.1), I get a list of ports, including SSH.
>
> When I nmap the vserver (10.0.0.20), I get the exact same list of ports
> as when I nmap the main server!!! I can even ssh to my vserver's IP
> and get logged into the physical host! This is no good to me for security
> reasons - so what have I done wrong? Why doesn't nmap'ing the vserver
> address only show the services which are running in the vserver? How
> does the vserver see whats running on the main host?
>
> Please xplain to me :)
>
> G
>
> --
> / Gary Wilson, aka dragon/dragonlord/dragonv480 \
> .'(_.------. e: dragon_at_northernscum.org.uk MSN: dragonv480 .------._)`.
> < _ | Skype:dragonv480 ICQ:342070475 AIM:dragonv480 | _ >
> `.( `------' w: http://volvo480.northernscum.org.uk `------' ).'
> \ w: http://www.northernscum.org.uk /
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
>
-- ________________________________________ To avoid being added to my spam filter: 1. Utilize list replies unless otherwise requested. 2. If you DO send me a personal email, use english. 3. HTML isn't cute. It belongs on the web, not in my inbox. _______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver