[ale] remote investigation
matty91 at bellsouth.net
matty91 at bellsouth.net
Tue Sep 2 09:09:43 EDT 2003
On Tue, 2 Sep 2003, John Wells wrote:
> Guys,
>
> Came back from the Labor Day holiday and my mail server/web server is acting
> rather odd.
>
> Services respond rather slowly, and sometimes not at all. When services
> stop responding, I can still hit the router, so I know it has to be the
> server itself.
>
> I'm currently logged in remotely and everything seems good, if not slow, but
> I expect it to freeze soon (it has a few times in the last hour or so).
> When it freezes, I can usually get a response after about 20 minutes or so.
>
> The odd thing is, when services do "freeze" up, I can still telnet to a port
> on the machine, like 25 for smtp, and get a connection. However, the SMTP
> server fails to respond and I just sit there.
>
> I guess I'm kind of at a loss as to what sort of investigation I can do
> remotely. I suppose the best way to see what's going on is to attempt to
> repeat the problem from home with a monitor connected and to see if it's
> actually doing anything during these timeouts, but I'd like to come home
> armed with any equipment that might be required.
>
> Anyone had a similar experience in the past? Does this sound like a
> possible bad NIC/harddrive/etc? My first thought was that the box may have
> been compromised, but it'd be a wierd attack to let someone in every few
> minutes or so. Netstat doesn't show anything unusual going on when I'm in,
> at least.
>
> Any tests I could run against NIC/harddrive/etc to check for malfunctioning
> hardware?
What does "netstat -i" show you? I believe there is an MII test utility
out in the wild. I don't recall the package name, but a google search out
to turn it up.
>
> Thanks for humoring the grasping at straws. I'm frustrated, and clear
> thought is not currently an option... ;-)
>
> John
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>
Ryan Matteson - UNIX Administrator | GPG ID: 92D5DFFF
Public Key: http://www.daemons.net/~matty/public_key.txt
Fingerprint = 4BEC 6145 30A6 BCE6 5602 FF11 4954 165D 92D5 DFFF
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list