| Stephen Gran on 24 May 2006 09:50:54 -0000 |
|
On Tue, May 23, 2006 at 09:26:17PM -0400, Dan Widyono said: > > So I ran some sensors in KSysGuard and got this for udp: > > May 22 23:38:48 localhost network/sockets/udp/count: 0 > > May 22 23:38:50 localhost network/sockets/udp/count: 0 > [...] > > One udp packet every few minutes. No further info. > > Um, that's every *two seconds*. That seems more worrisome to me (on my > system) than every few minutes. Well, ntp, cups, samba, syslog, name resolution, nfs, portmapper, plenty more. There is a lot of legitimate udp traffic on most networks. > > Also, the disk chatters every few seconds. A sensor applied to the disk > > produces this: > > May 22 23:43:30 localhost disk/8:0/total: 0 > > May 22 23:43:32 localhost disk/8:0/total: 0 > > Again, every *two seconds*. > > I wonder if there's a C library wrapper which provides such a feature (wraps > system calls and collects statistics). strace does do that but you have to > monitor each process individually. Enjoy. There are, but the simplest is just to set an iptables rule to log every outbound traffic, and look at the logs for what's going on. It will at least give you a starting point - i.e., if all of the destination ports are 53, then you are making a lot of dns queries, and you'll just have to figure out why then. Take care, -- -------------------------------------------------------------------------- | Stephen Gran | QOTD: "A university faculty is 500 | | steve@lobefin.net | egotists with a common parking | | http://www.lobefin.net/~steve | problem." | -------------------------------------------------------------------------- Attachment:
signature.asc ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|