Latest image
Recent comments
- iptables entry
21 weeks 3 days ago - Don't download the linked
47 weeks 5 days ago - blue bonnets
1 year 3 weeks ago - I prefer sim city 2000's
1 year 3 weeks ago - fw_laptop on servers
1 year 3 weeks ago
My identi.ca posts
My Other Sites
Creative Commons
Subscribe
Blog:
Podcast:
Photoblog:
Statistics
OS Install Experiences - Part 3: PC-BSD [Update]
Fri, 2006-06-02 02:07 — Uwe Hermann
Note: This article is part of my OS Install Experiences series.
I'll continue with the recently released operating system PC-BSD 1.1, which is based on FreeBSD 6.1.
This is actually the first time I installed a BSD-like OS, so I thought it would be a bit of a hassle. But I was surprised to find that the install was really pretty easy (which is a major goal of PC-BSD, as I understand it). I didn't even read a manual or installation instructions or anything...
Install
- First, I downloaded a PC-BSD 1.1 CD #1 image, burned it on a CD, and booted from that.
- The first installer screen is text-based (later it's graphical), and allows you to choose between a normal install ("boot FreeBSD"), install "with ACPI", "safe mode", "single user mode", and "with verbose logging". You can also "escape to loader prompt", or "reboot".
- While the installer runs, it merely shows a nice desktop background, pressing any key shows you the boot messages.
- After a while you can select a screen resolution for the graphical installer, run fdisk, escape into an "emergency shell", chroot into the root partition, or reboot. Default is to start the installation at a pre-selected screen resolution.
- You can choose the language and keyboard layout. Although you can click "back" to return to previous steps in the installer, you can not go back to the language/keyboard selection later!
- Partitioning. First, you can choose on which disk to install, then choose the partition to use. The list only shows the primary partitions and an "extended DOS" partition. Device names for disks are a bit different in BSD world.
/dev/ad0(counting starts at 0) is the first disk,/dev/ad0s1(counting starts at 1) the first "partition" (called "slice" in BSD). It doesn't seem to be possible to install PC-BSD on an extended partition (please correct me if I'm wrong), so I installed it on/dev/hda2(/dev/ad0s2in BSD-speak), which is a primary partition. To make things more complex and confusing, a BSD slice can contain multiple "partitions" (not the same as Linux partitions!). I now have/dev/ad0s2a, which is the boot partition, and/dev/ad0s2b, the swap partition. Confused? Me too. - Note that changes made to the partition table seem to be effective immediately, there's no way to go back without losing data! Debian's installer is better at this. The default PC-BSD file system is UFS, btw.
- The hardware will be automatically detected (worked quite well for me).
- You can now choose to either install the BSD bootloader in the MBR, or install no bootloader at all. Not sure what the best thing for me is here, but I decided to install the BSD bootloader (overwriting GRUB). I might have to re-install GRUB (and tell it about PC-BSD) if the BSD bootloader cannot boot the other (Linux) OSes.
- Now I must enter the root password, and I can also create another user. I noticed that passwords can only contain alpha-numeric characters (no %$§,.#+!? and so on). WTF? They can't be serious... Also, you must enter a real name for the normal user, it won't let you continue until you type something... Pretty annoying. There's a checkbox called "Auto-Login User?" which is enabled by default, but I didn't find out what exactly that does...
- The network is successfully auto-configured via DHCP. I was not asked for a hostname, but typed
hostnameafter the install and I gotPCBSD.localhost. - Reboot. The CD is not ejected automatically, you have to remove it manually before booting up.
- I'm asked to insert CD 2 (language packs), which I don't have (or want), as I only burned CD 1. Clicking "abort" does the trick, and I can continue with English as the default language.
- Finally, I'm dropped into a KDE session, and that's it.
Security
Update 2006-06-02: Added IPv6 netstat/sockstat output.
Update 2006-06-02: Shortened the length of the article on my main webpage as well as the RSS feed. But you can always read the whole article here, of course.
- Portscan from another box:
PORT STATE SERVICE 22/tcp open ssh 139/tcp open netbios-ssn 445/tcp open microsoft-ds 631/tcp open ipp
ssh is configured to not allow root logins per default.
- netstat output:
%sockstat -l -4 -6 USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root smbd 771 19 tcp4 *:445 *:* root smbd 771 20 tcp4 *:139 *:* root nmbd 763 6 udp4 *:137 *:* root nmbd 763 7 udp4 *:138 *:* root nmbd 763 8 udp4 192.168.0.4:137 *:* root nmbd 763 9 udp4 192.168.0.4:138 *:* root cupsd 703 0 tcp4 *:631 *:* root cupsd 703 2 udp4 *:631 *:* root sendmail 658 4 tcp4 127.0.0.1:25 *:* root sshd 630 3 tcp6 *:22 *:* root sshd 630 4 tcp4 *:22 *:* root syslogd 480 6 udp6 *:514 *:* root syslogd 480 7 udp4 *:514 *:*
Gah, netstat options differ quite a bit from the Linux netstat implementation. After some googling I found you can use either
netstat -f inet -an, orsockstat -l -4. - Some permissions:
-rw-r--r-- 2 root wheel 801 Sep 18 2005 .cshrc -rw-r--r-- 2 root wheel 251 Sep 18 2005 .profile drwxr-xr-x 2 root wheel 512 Jan 9 19:28 .qt drwxrwxr-x 2 root operator 512 May 31 12:56 .snap -r--r--r-- 1 root wheel 6188 Sep 18 2005 COPYRIGHT drwxr-xr-x 14 root wheel 512 May 31 12:57 PCBSD drwxr-xr-x 7 root wheel 512 Aug 2 2005 Programs drwxr-xr-x 2 root wheel 1024 May 22 14:13 bin lrwxr-xr-x 1 root wheel 10 Nov 2 2005 compat -> usr/compat dr-xr-xr-x 5 root wheel 512 Dec 31 1969 dev -rw------- 1 root wheel 4096 May 26 09:52 entropy drwxr-xr-x 18 root wheel 2048 May 31 21:07 etc lrwxrwxrwx 1 root wheel 8 Jan 10 21:48 home -> usr/home dr-xr-xr-x 2 root wheel 512 Sep 18 2005 proc drwxr-xr-x 2 root wheel 2560 May 22 14:14 rescue drwxr-xr-x 4 root wheel 512 May 31 21:21 root lrwxr-xr-x 1 root wheel 11 May 22 14:12 sys -> usr/src/sys drwxrwxrwx 10 root wheel 512 May 31 21:07 tmp drwxr-xr-x 3 root wheel 512 May 31 13:56 /usr/home drwxr-xr-x 7 uwe uwe 1024 May 31 21:07 /home/uwe/ crw-rw-rw- 1 root operator 0, 98 May 31 21:01 acd0 crw-r--r-- 1 root wheel 0, 30 May 31 21:01 acpi crw-r----- 1 root operator 0, 96 May 31 21:01 ad0* crw-r----- 1 root operator 0, 97 May 31 21:01 ad1* crw------- 1 root wheel 0, 32 May 31 21:01 agpgart crw-rw-r-- 1 root operator 0, 31 May 31 21:01 apm crw------- 1 root operator 0, 29 May 31 21:01 ata crw------- 1 root wheel 0, 64 May 31 21:01 atkbd0 crw-rw-rw- 1 root wheel 0, 37 May 31 21:01 audio0.* crw------- 1 root wheel 0, 142 May 31 21:01 bpf0 crw-rw-rw- 1 root operator 0, 141 May 31 21:01 cd0 crw------- 1 root wheel 0, 11 May 31 21:20 console crw------- 1 root wheel 0, 82 May 31 21:01 consolectl crw-rw-rw- 1 root wheel 0, 12 May 31 21:01 ctty crw-rw---- 1 uucp dialer 0, 55 May 31 21:01 cuad* crw------- 1 root wheel 0, 4 May 31 21:01 devctl cr-------- 1 root wheel 0, 94 May 31 21:01 devstat dr-xr-xr-x 2 root wheel 512 Dec 31 1969 dri crw-rw-rw- 1 root wheel 0, 35 May 31 22:40 dsp* dr-xr-xr-x 2 root wheel 512 Dec 31 1969 fd crw-r----- 1 root operator 0, 95 May 31 21:01 fd0 crw------- 1 root wheel 0, 16 May 31 21:01 fido crw-r----- 1 root operator 0, 5 May 31 21:01 geom.ctl crw------- 1 root wheel 0, 17 May 31 21:01 io crw------- 1 root wheel 0, 25 May 31 21:01 kbdmux0 crw------- 1 root wheel 0, 7 May 31 21:01 klog crw-r----- 1 root kmem 0, 28 May 31 21:01 kmem crw------- 1 root wheel 0, 49 May 31 21:01 lpt0* crw------- 1 root wheel 0, 93 May 31 21:01 mdctl crw-r----- 1 root kmem 0, 27 May 31 21:01 mem crw-rw-rw- 1 root wheel 0, 34 May 31 21:01 mixer0 dr-xr-xr-x 2 root wheel 512 Dec 31 1969 net crw------- 1 root wheel 0, 3 May 31 21:01 network crw------- 1 root wheel 0, 84 May 31 21:01 nfs4 crw------- 1 root kmem 0, 15 May 31 21:01 nfslock crw-rw-rw- 1 root wheel 0, 8 May 31 22:33 null crw-rw-rw- 1 root operator 0, 140 May 31 21:01 pass0 crw-r--r-- 1 root wheel 0, 10 May 31 21:01 pci crw------- 1 root wheel 0, 85 May 31 21:01 pf crw------- 1 root wheel 0, 51 May 31 21:01 ppi0 crw-rw-rw- 1 root wheel 0, 146 May 31 21:01 ptyp* crw-rw-rw- 1 root wheel 0, 13 May 31 21:01 random cr--r--r-- 1 root wheel 0, 6 May 31 21:01 sndstat crw------- 1 root wheel 0, 18 May 31 21:01 sysmouse crw------- 1 root wheel 0, 52 May 31 21:01 ttyd* crw--w---- 1 uwe tty 0, 147 May 31 21:01 ttyp0 crw------- 1 uwe tty 0, 149 May 31 22:40 ttyp1 crw------- 1 root tty 0, 66 May 31 21:07 ttyv0 crw------- 1 root wheel 0, 67 May 31 21:02 ttyv[1-9a-f] crw-r--r-- 1 root operator 0, 83 May 31 21:01 ums0 lrwxr-xr-x 1 root wheel 6 Dec 31 1969 urandom -> random crw-rw---- 1 root operator 0, 45 May 31 21:01 usb* crw-rw-rw- 1 root operator 0, 92 May 31 21:01 xpt0 crw-rw-rw- 1 root wheel 0, 9 May 31 21:01 zero
At least
/rootand/home/*could use achmod 700. - Default users and shells:
root:*:0:0:Charlie &:/root:/bin/csh toor:*:0:0:Bourne-again Superuser:/root: daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin operator:*:2:5:System &:/:/usr/sbin/nologin bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin news:*:8:8:News Subsystem:/:/usr/sbin/nologin man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin _pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin _dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin cyrus:*:60:60:the cyrus mail server:/nonexistent:/usr/sbin/nologin uwe:*:1001:1001:U:/home/uwe:/bin/csh
Now, this is nice. The default shell for system users seems to be
/usr/sbin/nologin. Default for normal users is/bin/csh. There's no/etc/shadow, but/etc/master.passwdseems to serve the same purpose. MD5 hashes seem to be used to store passwords (hashes begin with$1$). - Setuid/setgid files:
# find / -type f \( -perm -4000 -o -perm -2000 \) -exec ls -ld '{}' \; -r-sr-xr-x 1 root wheel 18332 May 22 14:13 /bin/rcp -rwsr-sr-t 2 root wheel 10832 May 22 14:14 /sbin/mdmfs -rwsr-sr-t 2 root wheel 10832 May 22 14:14 /sbin/mount_mfs -r-sr-x--- 1 root operator 4912 May 22 14:14 /sbin/mksnap_ffs -rwsr-sr-t 1 root wheel 14968 May 22 14:14 /sbin/mount -rwsr-sr-t 1 root wheel 7908 May 22 14:14 /sbin/mount_cd9660 -rwsr-sr-t 1 root wheel 6212 May 22 14:14 /sbin/mount_ext2fs -rwsr-sr-t 1 root wheel 10408 May 22 14:14 /sbin/mount_msdosfs -rwsr-sr-t 1 root wheel 16884 May 22 14:14 /sbin/mount_nfs -rwsr-sr-t 1 root wheel 15220 May 22 14:14 /sbin/mount_nfs4 -rwsr-sr-t 1 root wheel 10304 May 22 14:14 /sbin/mount_ntfs -rwsr-sr-t 1 root wheel 6152 May 22 14:14 /sbin/mount_nullfs -rwsr-sr-t 1 root wheel 6148 May 22 14:14 /sbin/mount_reiserfs -rwsr-sr-t 5 root wheel 6192 May 22 14:14 /sbin/mount_std -rwsr-sr-t 5 root wheel 6192 May 22 14:14 /sbin/mount_devfs -rwsr-sr-t 5 root wheel 6192 May 22 14:14 /sbin/mount_fdescfs -rwsr-sr-t 5 root wheel 6192 May 22 14:14 /sbin/mount_linprocfs -rwsr-sr-t 5 root wheel 6192 May 22 14:14 /sbin/mount_procfs -rwsr-sr-t 1 root wheel 6868 May 22 14:14 /sbin/mount_udf -rwsr-sr-t 1 root wheel 7472 May 22 14:14 /sbin/mount_umapfs -rwsr-sr-t 1 root wheel 6184 May 22 14:14 /sbin/mount_unionfs -r-sr-xr-x 1 root wheel 21792 May 22 14:14 /sbin/ping -r-sr-xr-x 1 root wheel 28660 May 22 14:14 /sbin/ping6 -r-sr-x--- 1 root operator 10148 May 22 14:14 /sbin/shutdown -rwsr-sr-t 1 root wheel 14276 May 22 14:14 /sbin/umount -rwsr-sr-t 1 uwe uwe 661 Mar 28 12:20 /sbin/mount_auto -r-sr-xr-x 4 root wheel 20948 May 22 14:14 /usr/bin/at -r-sr-xr-x 4 root wheel 20948 May 22 14:14 /usr/bin/atq -r-sr-xr-x 4 root wheel 20948 May 22 14:14 /usr/bin/atrm -r-sr-xr-x 4 root wheel 20948 May 22 14:14 /usr/bin/batch -r-xr-sr-x 1 root kmem 8500 May 22 14:14 /usr/bin/btsockstat -r-sr-xr-x 6 root wheel 17532 May 22 14:14 /usr/bin/chpass -r-sr-xr-x 6 root wheel 17532 May 22 14:14 /usr/bin/chfn -r-sr-xr-x 6 root wheel 17532 May 22 14:14 /usr/bin/chsh -r-sr-xr-x 6 root wheel 17532 May 22 14:14 /usr/bin/ypchpass -r-sr-xr-x 6 root wheel 17532 May 22 14:14 /usr/bin/ypchfn -r-sr-xr-x 6 root wheel 17532 May 22 14:14 /usr/bin/ypchsh -r-xr-sr-x 1 root kmem 14340 May 22 14:14 /usr/bin/fstat -r-sr-xr-x 1 root wheel 7680 May 22 14:14 /usr/bin/lock -r-sr-xr-x 1 root wheel 17616 May 22 14:14 /usr/bin/login -r-xr-sr-x 1 root kmem 114864 May 22 14:14 /usr/bin/netstat -r-sr-xr-x 1 root wheel 4128 May 22 14:14 /usr/bin/opieinfo -r-sr-xr-x 1 root wheel 10572 May 22 14:14 /usr/bin/opiepasswd -r-sr-xr-x 2 root wheel 5828 May 22 14:14 /usr/bin/passwd -r-sr-xr-x 2 root wheel 5828 May 22 14:14 /usr/bin/yppasswd -r-sr-xr-x 1 root wheel 10140 May 22 14:14 /usr/bin/rlogin -r-sr-xr-x 1 root wheel 8016 May 22 14:14 /usr/bin/rsh -r-sr-xr-x 1 root wheel 11992 May 22 14:15 /usr/bin/su -r-xr-sr-x 1 root tty 10536 May 22 14:15 /usr/bin/wall -r-xr-sr-x 1 root tty 8172 May 22 14:15 /usr/bin/write -r-sr-xr-x 1 root wheel 24544 May 22 14:15 /usr/bin/crontab -r-xr-sr-x 1 root smmsp 582752 May 22 14:15 /usr/libexec/sendmail/sendmail -r-sr-xr-x 1 root wheel 3400 May 22 14:13 /usr/libexec/pt_chown -r-sr-xr-x 1 root wheel 4244 Mar 2 08:29 /usr/local/bin/artswrapper -rwsr-xr-x 1 root wheel 11001 Oct 10 2005 /usr/local/bin/fileshareset -rwsr-xr-x 1 root wheel 5936 Apr 12 12:39 /usr/local/bin/kpac_dhcp_helper -rwsr-xr-x 1 root wheel 5972 Apr 12 12:14 /usr/local/bin/kgrantpty -r-xr-sr-x 1 root kmem 39780 Apr 12 18:28 /usr/local/bin/ksysguardd -rwsr-xr-x 1 root wheel 10812 Apr 12 18:06 /usr/local/bin/kcheckpass -rwxr-sr-x 1 root nogroup 49324 Apr 12 18:08 /usr/local/bin/kdesud -rwsr-xr-x 1 root wheel 595620 Apr 12 21:46 /usr/local/bin/kppp -rwsr-xr-x 1 root daemon 8848 Mar 2 10:17 /usr/local/bin/lppasswd -r-sr-xr-x 1 root wheel 5744 Oct 11 2005 /usr/local/sbin/eject -r-sr-sr-x 1 root authpf 14724 May 22 14:15 /usr/sbin/authpf -r-xr-sr-x 1 root daemon 43112 May 22 14:15 /usr/sbin/lpc -r-sr-xr-x 1 root wheel 15844 May 22 14:15 /usr/sbin/mrinfo -r-sr-xr-x 1 root wheel 30452 May 22 14:15 /usr/sbin/mtrace -r-sr-x--- 1 root network 324192 May 22 14:15 /usr/sbin/ppp -r-sr-x--- 1 root dialer 96760 May 22 14:15 /usr/sbin/pppd -r-sr-x--- 1 root network 11636 May 22 14:15 /usr/sbin/sliplogin -r-sr-xr-x 1 root wheel 14908 May 22 14:15 /usr/sbin/timedc -r-sr-xr-x 1 root wheel 19168 May 22 14:15 /usr/sbin/traceroute -r-sr-xr-x 1 root wheel 16212 May 22 14:15 /usr/sbin/traceroute6 -r-xr-sr-x 1 root kmem 8252 May 22 14:15 /usr/sbin/trpt -rws--x--x 1 root wheel 257252 Apr 12 11:03 /usr/X11R6/bin/xterm -rws--x--x 1 root wheel 1677417 Apr 12 10:55 /usr/X11R6/bin/XorgQuite a lot more than other OSes, I have the impression. They use sendmail?! Or is that a more secure replacement? Didn't check...
- World-writable files:
# find / -not -type l -perm -o+w -exec ls -ld '{}' \; drwxrwxrwx 10 root wheel 512 May 31 21:51 /tmp drwxrwxrwt 2 root wheel 512 May 31 21:07 /tmp/.X11-unix srwxrwxrwx 1 root wheel 0 May 31 21:07 /tmp/.X11-unix/X0 drwxrwxrwt 2 root wheel 512 May 31 21:07 /tmp/.ICE-unix drwxrwxrwt 2 root wheel 512 May 31 21:01 /tmp/.font-unix drwxrwxrwt 2 root wheel 512 May 31 21:01 /tmp/.XIM-unix srw-rw-rw- 1 root wheel 0 May 31 21:01 /var/run/devd.pipe srw-rw-rw- 1 root wheel 0 May 31 21:01 /var/run/log srw-rw-rw- 1 root wheel 0 May 31 21:07 /var/run/xdmctl/dmctl/socket srw-rw-rw- 1 root wheel 0 May 31 21:07 /var/run/xdmctl/dmctl-:0/socket drwxrwxrwt 2 root wheel 512 Apr 12 10:40 /var/spool/samba drwxrwxrwt 5 root wheel 512 May 31 21:07 /var/tmp drwxrwxrwt 2 root wheel 512 May 31 21:51 /var/tmp/vi.recover drwxrwxrwx 2 root wheel 512 May 11 2005 /Programs/.tmp crw-rw-rw- 1 root wheel 0, 8 May 31 21:44 /dev/null crw-rw-rw- 1 root wheel 0, 9 May 31 21:01 /dev/zero crw-rw-rw- 1 root wheel 0, 12 May 31 21:01 /dev/ctty crw-rw-rw- 1 root wheel 0, 13 May 31 21:01 /dev/random crw-rw-rw- 1 root wheel 0, 19 May 31 21:01 /dev/fd/0 crw-rw-rw- 1 root wheel 0, 21 May 31 21:01 /dev/fd/1 crw-rw-rw- 1 root wheel 0, 23 May 31 21:01 /dev/fd/2 crw-rw-rw- 1 root wheel 0, 34 May 31 21:01 /dev/mixer0 crw-rw-rw- 1 root wheel 0, 35 May 31 21:41 /dev/dsp0.0 crw-rw-rw- 1 root wheel 0, 36 May 31 21:01 /dev/dspW0.0 crw-rw-rw- 1 root wheel 0, 37 May 31 21:01 /dev/audio0.0 crw-rw-rw- 1 root wheel 0, 38 May 31 21:01 /dev/dsp0.1 crw-rw-rw- 1 root wheel 0, 39 May 31 21:01 /dev/dspW0.1 crw-rw-rw- 1 root wheel 0, 40 May 31 21:01 /dev/audio0.1 crw-rw-rw- 1 root wheel 0, 41 May 31 21:01 /dev/dspr0.1 crw-rw-rw- 1 root operator 0, 92 May 31 21:01 /dev/xpt0 crw-rw-rw- 1 root operator 0, 98 May 31 21:01 /dev/acd0 crw-rw-rw- 1 root wheel 0, 128 May 31 21:01 /dev/dsp0.2 crw-rw-rw- 1 root wheel 0, 129 May 31 21:01 /dev/dspW0.2 crw-rw-rw- 1 root wheel 0, 130 May 31 21:01 /dev/audio0.2 crw-rw-rw- 1 root wheel 0, 131 May 31 21:01 /dev/dsp0.3 crw-rw-rw- 1 root wheel 0, 132 May 31 21:01 /dev/dspW0.3 crw-rw-rw- 1 root wheel 0, 133 May 31 21:01 /dev/audio0.3 crw-rw-rw- 1 root wheel 0, 134 May 31 21:01 /dev/dsp0.4 crw-rw-rw- 1 root wheel 0, 135 May 31 21:01 /dev/dspW0.4 crw-rw-rw- 1 root wheel 0, 136 May 31 21:01 /dev/audio0.4 crw-rw-rw- 1 root wheel 0, 137 May 31 21:01 /dev/dsp0.5 crw-rw-rw- 1 root wheel 0, 138 May 31 21:01 /dev/dspW0.5 crw-rw-rw- 1 root wheel 0, 139 May 31 21:01 /dev/audio0.5 crw-rw-rw- 1 root operator 0, 140 May 31 21:01 /dev/pass0 crw-rw-rw- 1 root operator 0, 141 May 31 21:01 /dev/cd0 crw-rw-rw- 1 root wheel 0, 146 May 31 21:01 /dev/ptyp0 crw-rw-rw- 1 root wheel 0, 148 May 31 21:53 /dev/ptyp1
That's it.
Comments, suggestions, flames?
Comments
netstat
I think you should also check for IPv6 sockets.
sockstat -l -4 -6
Added, thanks.