Date: Sun, 21 May 2000 11:41:36 -0700 From: "Khairuddin Abdul Ghani" <abdulgha@usc.edu> To: <freebsd-questions@FreeBSD.ORG> Subject: mysterious shutdowns Message-ID: <00b401bfc354$31b72aa0$6f1f7d80@phoenix>
next in thread | raw e-mail | index | archive | help
Hello. First thanks to Crist for helping me with my talkd problem, but now there seems to be something more sinister happening on my machine. At least once a day, the machine would 'shutdown' (as noted in the 'last' output) mysteriously for no apparent reason. What bothers me is that just before or during each shutdown, there would be a ton of traffic going into the machine (an outside attack it seems). Unfortunately, nothing seems to be logged, because syslogd dies during the shutdown. Sometimes certain libraries like mm and tcl which are heavily used would disappear. At the moment I'm trying to log incoming connections with log_in_vain, and maybe just running tcpdump indefinitely. If there are any better ways, please tell. I have IPFIREWALL compiled with log amount of 50 and VERBOSE. Best regards, Rudy. eg. last | grep shutdown: shutdown ~ Fri May 19 15:09 flash ttypm 194.133.37.38 Fri May 19 15:04 - shutdown (00:05) misterio ttyp5 62.11.132.164 Fri May 19 15:01 - shutdown (00:07) di0lam0r ttypb a-na12-61.tin.it Fri May 19 12:44 - shutdown (02:24) xgen ttyp6 res-3617.usc.edu Fri May 19 10:59 - shutdown (04:09) /var/log/messages: May 21 05:21:47 sage syslogd: exiting on signal 15 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00b401bfc354$31b72aa0$6f1f7d80>