through the various files.) To determine which jail
through the various files.) To determine which jail a process is part of, first find the directory for the process ID you’re interested in, and then look for a file named status. The last word in the status file is the host-name of the jail the process is running in. If the process is not jailed, the last word is a hyphen (-). Shutting Down a Jail When you shut down the host server, the various client jails are shut down as well. Shutting down a jail without shutting down the host is only slightly more complicated. Programs such as shutdown(8) and reboot(8) are useless for shutting down a jail because their main responsibility is to sync and unmount disks, disconnect the network, and so on. A virtual machine does not have those responsibilities. To shut down a jail, first log in to the jail as root. If your jail is hosting programs that like a nice, safe shutdown, such as databases, you should run the shutdown script to shut them down. ………………………………………………………………………………………. # /bin/sh /usr/local/etc/rc.d/programname.sh stop # /bin/sh /etc/rc.shutdown ………………………………………………………………………………………. Once that’s done, send the jail’s main process (-1) a shutdown signal, also known as signal 15. ………………………………………………………………………………………. # kill -15 -1 ………………………………………………………………………………………. This will shut down all jail processes. Since a jail is only processes, the jail will be shut down at this time. Note Do not do kill -15 -1 on a nonjailed server. You’ll shut down lots of stuff, leaving your system in a fairly useless state similar to single-user mode. Monitoring System Security So, you think your server is secure. Maybe it is, for now. Unfortunately, there’s a class of intruder with nothing better to do than to keep up on the latest security holes and try them out on systems they think might be vulnerable. Even if you read FreeBSD-security religiously and apply every single patch that comes along, you might still get hacked some day. While there is no way to be absolutely sure that you haven’t been hacked, the following hints will help you be aware when something does happen: Be familiar with your servers. Run ps -axx on them regularly, and learn what processes normally run on them. If you see a process you don’t recognize, investigate. Take a look at your open network ports via netstat -na and sockstat. What TCP and UDP ports should your server be listening on? If you don’t recognize a port, investigate. 183
Note: If you are looking for good and high quality web space to host and run your application check Lunarwebhost Inexpensive Web Hosting services