[ale] Linux Box is Garbage Spewer please help!

[Jonathan Rickman]

On Wed, 20 Jun 2001, djinn wrote:

> Greetings
>
> My ISP just waved a paper in my face proclaiming that one of two boxen
> that I run, both Linux, is spewing forth garbage...but he doesn't know
> which one.  Our outbound traffic went thru the roof last night, while
> inbound is its normal, sedate, tiny self.

Did they provide logs or packet captures? That would be a big help.

> Now, I certainly don't have anything set up to spew garbage, and I
> *think* all is well with my boxen...they're not acting peculiar and I
> know them pretty well.  Can anyone give me any diagnostic pointers in
> this case?  I'm not very knowledgable about what happens once a packet
> leave my box, so I'm having a hard time trying to figure out what to
> diagnose here or even how to diagnose it.

First, you'll need to do the same thing the ISP needs to do...get logs and
packet captures.

> While I await help, I'm going to run a clean lsof and my usual "have we
> been cracked" checksums and diagnostics...but should those fail to tell
> me anything...what do you guys suggest?

If those don't show anything, use tcpdump, or any sniffer for that matter,
and find out if you actually are "spewing garbage".

-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net



--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.