[ale] Linux Box is Garbage Spewer please help!

Ankur Chatterjee ankur at 5sc.net
Wed Jun 20 12:18:47 EDT 2001 

Try using a sniffer such as Ethereal or even raw tcpdump. You will need to
compile libpcap to use either of these, but Ethereal is a great util that
will organize the packets into TCP/UDP/<INSERT PROTOCOL HERE> categories and
give you gobs of information about each packet. You can even follow a
particular selected TCP stream if neccessary. Capture some of the info that
you acquire into logs and if it does show garbage packets being generated,
try finding the processes that are causing it. If not, show those logs to
your ISP and hopefully they'll realize they're victims of a id10t error.
Good luck!

- Ankur Chatterjee
  Network Engineer
  Five Star Communications
  mobile: 678/612.5033
  e-mail: ankur at 5sc.net

-----Original Message-----
From: owner-ale at ale.org [mailto:owner-ale at ale.org]On Behalf Of djinn
To: ale at ale.org
Sent: Wednesday, June 20, 2001 11:45 AM
To: ale at ale.org
Subject: [ale] Linux Box is Garbage Spewer please help!


Greetings

My ISP just waved a paper in my face proclaiming that one of two boxen
that I run, both Linux, is spewing forth garbage...but he doesn't know
which one.  Our outbound traffic went thru the roof last night, while
inbound is its normal, sedate, tiny self.

Now, I certainly don't have anything set up to spew garbage, and I
*think* all is well with my boxen...they're not acting peculiar and I
know them pretty well.  Can anyone give me any diagnostic pointers in
this case?  I'm not very knowledgable about what happens once a packet
leave my box, so I'm having a hard time trying to figure out what to
diagnose here or even how to diagnose it.

While I await help, I'm going to run a clean lsof and my usual "have we
been cracked" checksums and diagnostics...but should those fail to tell
me anything...what do you guys suggest?

Please help??

TIA
jenn
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message
body.

--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list