On Sat, 18 Apr 2009, Kenneth Gonsalves wrote:
On Saturday 18 April 2009 10:54:30 jtd wrote:
How do I find out what is being downloaded? Or what program is the guilty one?
Assuming you have one NIC connected to the modem,
tcpdump -vv -i eth0 will dump all packets passing through eth0.
Maybe somewhere he has told some package to automatically update itself? Or is someone trying a brute force attempt to ssh into the system? Shutting down sshd - if it is running - may help. /var/log/messages would normally show attempts at ssh login.
--
regards
Kenneth Gonsalves
There's nothing in /var/log/messages. I always have a tail -f running on it. I'm also running arno's iptables firewall with no changes in the last couple of months.
regards,
Sharukh
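
The log check suggested in the thread, as an added example that is not part of the original messages: a shell function that counts failed sshd password attempts per source address in syslog-format text. The function names and the sample log lines are constructed for illustration; on many distributions sshd authentication messages go to /var/log/auth.log or /var/log/secure rather than /var/log/messages, so the check is worth running against those files too.

```shell
#!/bin/sh
# Added example: summarise failed sshd password attempts per source address.
# Reads syslog-format lines on stdin, prints "<count> <address>", busiest first.
# Usage on a real log:  ssh_failures_by_source < /var/log/auth.log
ssh_failures_by_source() {
    awk '
        # OpenSSH logs: "... sshd[PID]: Failed password for [invalid user] NAME
        #                from ADDR port N ssh2"
        # NAME is supplied by the client and may itself contain "from", so the
        # address is located by counting fields back from the end of the line.
        /sshd\[[0-9]+\]: Failed password for / {
            if ($(NF - 4) == "from" && $(NF - 2) == "port")
                count[$(NF - 3)]++
        }
        END { for (addr in count) print count[addr], addr }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample input (not taken from any real system).
sample_log() {
    cat <<'EOF'
Apr 18 10:40:01 box sshd[2101]: Failed password for root from 203.0.113.5 port 40122 ssh2
Apr 18 10:40:03 box sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40122 ssh2
Apr 18 10:40:05 box sshd[2103]: Failed password for invalid user from 10.0.0.1 from 203.0.113.5 port 40130 ssh2
Apr 18 10:41:10 box sshd[2110]: Failed password for user1 from 198.51.100.7 port 51515 ssh2
Apr 18 10:41:15 box sshd[2110]: Accepted password for user1 from 198.51.100.7 port 51515 ssh2
Apr 18 10:42:00 box kernel: eth0: link up
EOF
}

# Stand-alone run over the sample: one source with repeated failures, one with
# a single mistyped password followed by a successful login.
sample_log | ssh_failures_by_source
```

An empty result only means no failed password lines were found in the file that was read; it does not show that no login attempts were made.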