Security Basics mailing list archives
Re: System Monitor
From: Gabriel Orozco <gabriel_orozco () mx sumida com>
Date: Mon, 30 Jan 2006 14:46:37 -0600
Hello Againfrom another system on the network, also with Debian over ultrasparc hardware, we took the notice that is taking about 50% for irq.
this leaded me to check and I think I found the cause of the problem: PID USER PRI NI VIRT RES SHR S CPU% MEM% TIME+ Command 3 root 18 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd_CPU0I think this process is the cause, and just noted that. Need to research in order to understand what happens with Linux over Sparc hardware for this to happend.
but IMHO this is a kind of "DoS" self-made... More to follow, in the mean time, thanks for all your answers Gabriel
Hello Every buddy I'm checking another computer on the network. thats has an stranger behavior. Let me explain This is a Linux/Debian computer installed some 9 days ago. Assigned user want to run Moodle on it. But they called me asking why with 40 users the server went to top processor and memory. Hardware is a Sun-Ultra, with 2GB of RAM, and plenty of scsi disk space... The problem: when I run "top" I have between 43% to 52% of processor used by "Sys" (System Tasks) and I cannot identify what is taking these process power. top does not give anything using the system nothing is being transfered (checked with iptraf) no disk usage (using iostat) no root kits, checked with ckrootkit some minutes ago no programs listening, checked with netstat I don't know which tool can help me to find the problem. I know there should be one and am surfing freshmeat.net, but I can happily accept any help you can give Thanks in advance Gabriel Orozco --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degreecustomizations including Emergency Management, Business Continuity Planning,Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus--------------------------------------------------------------------------- ForwardSourceID:NT0000789ENotice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you
--------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- System Monitor Gabriel Orozco (Jan 28)
- Re: System Monitor FocusHacks (Jan 30)
- Re: System Monitor xyberpix (Jan 30)
- Re: System Monitor Matt Alexander (Jan 31)
- Re: System Monitor ilaiy (Jan 31)
- <Possible follow-ups>
- Re: System Monitor Gabriel Orozco (Jan 30)