LinuxQuestions.org
Old 07-27-2006, 02:54 AM   #1
sathyguy
Member
 
Registered: Sep 2005
Location: Indian Working in Saudi Arabia
Distribution: Redhat Linux AS 3.0
Posts: 93

Rep: Reputation: 15
Very Urgent! Strange msg in /var/log/messages


Friends,
We have RHEL AS 3.0 [2.4.21-4.ELsmp] with Oracle 9i.
I check tail -100 /var/log/messages daily.
Today I saw this in the messages:

Jul 27 08:34:03 prodb ucd-snmp[1157]:Received SNMP packet(s) from 166.34.2.144
Jul 27 08:34:06 prodb ucd-snmp[1157]:/proc/stat buffer increased to 384
Jul 27 08:34:06 prodb ucd-snmp[1157]:/proc/stat buffer increased to 640
Jul 27 08:34:06 prodb ucd-snmp[1157]:/proc/stat buffer increased to 896

166.34.2.144 is the IP of one of our colleagues.
What is this message? What do I have to do now?
Please advise me.

Thanks
Sathyguy
 
Old 07-27-2006, 03:46 AM   #2
konsolebox
Senior Member
 
Registered: Oct 2005
Distribution: Gentoo, Slackware, LFS
Posts: 2,245
Blog Entries: 15

Rep: Reputation: 233
Do you have physical access to your colleague's system? Why not search for the sending program there?
 
Old 07-27-2006, 03:52 AM   #3
sathyguy
Member
 
Registered: Sep 2005
Location: Indian Working in Saudi Arabia
Distribution: Redhat Linux AS 3.0
Posts: 93

Original Poster
Rep: Reputation: 15
I didn't understand.
Is there a program on my colleague's PC trying to contact our server?
He is using WinXP.
 
Old 07-27-2006, 04:07 AM   #4
konsolebox
Senior Member
 
Registered: Oct 2005
Distribution: Gentoo, Slackware, LFS
Posts: 2,245
Blog Entries: 15

Rep: Reputation: 233
Yup, that's what I mean. Try fport from Foundstone to find listening programs. You might also simply run netstat. It can even be Windows XP itself. Try to turn off the SNMP querying in Windows. The bad thing is I really don't know if Windows has SNMP querying, and I don't know how to turn it off.
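
Added example, not part of any post in this thread: one way to see from the server side which hosts have been querying the SNMP agent and how often, by tallying the "Received SNMP packet(s) from" lines. It assumes the ucd-snmp line format quoted in post #1; the function names, the allow-list address 192.0.2.10 and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Tally SNMP query sources from syslog lines in the format quoted in post #1:
#   Jul 27 08:34:03 prodb ucd-snmp[1157]:Received SNMP packet(s) from 166.34.2.144

# snmp_sources ALLOWED   (reads log lines on stdin)
# ALLOWED: space-separated addresses of hosts expected to poll this server
#          (hypothetical allow-list; fill in your own monitoring stations).
snmp_sources() {
    awk -v allowed="$1" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        # Literal match via index() so the parentheses need no regex escaping;
        # the last field must look like an IPv4 address.
        index($0, "Received SNMP packet(s) from ") &&
        $NF ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            count[$NF]++
            last[$NF] = $1 " " $2 " " $3    # timestamp of the latest query
        }
        END {
            for (s in count)
                printf "%s %d %s last=%s\n", s, count[s],
                       ((s in ok) ? "expected" : "UNEXPECTED"), last[s]
        }
    ' | LC_ALL=C sort
}

# Constructed sample input modelled on the lines in post #1.
sample_log() {
cat <<'EOF'
Jul 27 08:34:03 prodb ucd-snmp[1157]:Received SNMP packet(s) from 166.34.2.144
Jul 27 08:34:06 prodb ucd-snmp[1157]:/proc/stat buffer increased to 384
Jul 27 08:34:09 prodb ucd-snmp[1157]:Received SNMP packet(s) from 166.34.2.144
Jul 27 08:35:00 prodb ucd-snmp[1157]:Received SNMP packet(s) from 192.0.2.10
EOF
}

# Demo: 192.0.2.10 is the only host on the constructed allow-list.
sample_log | snmp_sources "192.0.2.10"
```

On the server itself, feed it the real log instead of the sample: `snmp_sources "<expected hosts>" < /var/log/messages`.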