solaris strange log question

2002-01-07 Thread Yiming Gong
Hey all, when I examine the log file on my solaris box these days ,I can always catching these "bsd-gw[pid]: Error reading from connection: Bad file number" It seems unusual,but i can't find any answer on that. Anyone has encounter this before? -- 我要更好的生活 Yimi

RE: bandwidth monitoring

2001-12-18 Thread Yiming Gong
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, My antivirus soft reported Trojan.Way.24 in commview's cv2k.dll. This software was download from www.download.com as Nilesh offered. I think you gotta check your download. regards! - -- ÎÒÒª¸üºÃµÄÉú»î Yiming Gong Senior S

RE: ¡¡I NEED HELP!!

2001-12-01 Thread Yiming Gong
Hey, I've not ever heard that the are *nix version netbus or something like exist. Just use on your linux box to see what program is using these port. -- ÎÒÒª¸üºÃµÄÉú»î Yiming Gong Senior System Administrator China Telcom [EMAIL PROTECTED] http://security.zz.ha.cn 0086-0371-79

RE: firewall / DNS question

2001-11-30 Thread Yiming Gong
easily ! e.g. options { allow-transfer {ip.of.trust.server;} }; -- ÎÒÒª¸üºÃµÄÉú»î Yiming Gong Senior System Administrator China Telcom [EMAIL PROTECTED] http://security.zz.ha.cn 0086-0371-7934907 > -Original Message- > From: novitiate [mailto:[EMAIL PROTECTED]] > Se

RE: Any recent ssh attacks?

2001-11-30 Thread Yiming Gong
consult this http://www.cert.org/current/current_activity.html#ssh -- ÎÒÒª¸üºÃµÄÉú»î Yiming Gong Senior System Administrator China Telcom [EMAIL PROTECTED] http://security.zz.ha.cn 0086-0371-7934907 > -Original Message- > From: Wooi Koay [mailto:[EMAIL PROTECTED]]

RE: Listning processes.

2001-11-27 Thread Yiming Gong
Hey The only thing you need is a straight forward command? Why not try some great tools? e.g. lsof. It is a good solution to get the clues of open files and what unix processes have them open. at here ftp://vic.cc.purdue.edu/pub/tools/unix/lsof/ -- ÎÒÒª¸üºÃµÄÉú»î Yiming Gong Senior System

RE: packet sniffer

2001-11-22 Thread Yiming Gong
You can try windump, or Iris(http://www.eeye.com/html/Products/Iris/Download.html). It is a good graphic data capture tools. ;) -- ÎÒÒª¸üºÃµÄÉú»î Yiming Gong Senior System Administrator China Telcom [EMAIL PROTECTED] http://security.zz.ha.cn 0086-0371-7934907 > -Original Mess

RE: Snort Question

2001-11-22 Thread Yiming Gong
That is management-agent-file-read, you can have a look at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0771 -- ÎÒÒª¸üºÃµÄÉú»î Yiming Gong Senior System Administrator China Telcom [EMAIL PROTECTED] http://security.zz.ha.cn 0086-0371-7934907 > -Original Mess

strange udp packet reported by snort

2001-11-20 Thread yiming
.H5 77 40 12 75 75 14 80 35 2D 08 11 15 3B 1A 50 75 w@.uu..5-...;.Pu 2F 1C 40 32 2C 4E 50 35 7C 90 99 CA A1 98 B9 F0 /.@2,NP5|... 33 10 D0 C2 AF C1 AF 34 1E F1 8B 36 61 80 E8 B1 3..4...6a... -- Who know what is this? Any clues are greatly appreciated. Yiming Gong [EMAIL PROTECTED] 2001-11-20

re: Users traffic and activity on the servers

2001-11-14 Thread Yiming Gong
Mc Guinness -- yiming [EMAIL PROTECTED]

re: Tcp-wrapper question !

2001-11-14 Thread Yiming Gong
Hi, i think you should have a look on your tcp_wrapper makefile,have you uncomment below? -- STYLE = -DPROCESS_OPTIONS # Enable language extensions. -- Only enable language extensions may cause your tcp_wrapper understand in.telnetd : USER_ACCOUNT_NAME@ALL -- Yiming