[ale] Followup to my locking up system.
Mike Harrison
meuon at geeklabs.com
Mon Nov 28 14:11:18 EST 2005
> This system is sorta like an IDS/IPS. It does have a
> Warning (read_object): no symbols in
> /lib/modules/2.4.23-4/kernel/drivers/net/e1000/e1000.o
Smells like a bad card, or the driver for it has been changed/modified
somehow.. If it's an IDS, could it have been intruded on?
Got known good "identical" binaries of ps, netstat, ls.. etc.. you can
copy into the machine and poke around? Got identical ethernet modules
from a working machine?
But I'd swap ethernet cards first... if you are getting error messages
regarding it.. An easy troubleshooting step. :)
Stupid Pet Trick: I've made a 'clean.zip' file for various installs
in when I build them, and store it on the server as well as a backup
elsewhere.. with a "trusted" copy of ps, netstat, ls, find, etc..
in it. Staticly linked if possible.. Very useful when you may have reason
to not trust a box.
More information about the Ale
mailing list