Re: [sniffer] High False Positives

2004-03-25 Thread Pete McNeil
There was a bad rule yesterday. It was removed almost immediately but it looks like you missed the update until 10:00pm. It takes a while to compile rulebase updates. Since you mention 4pm and 10pm I'm guessing you have your updates scheduled. A better method would be to trigger updates based on

Re: [sniffer] Help

2004-03-25 Thread Matt
Have you tried a reboot? Checked your error logs? Made sure that DNS and all of your E-mail services are running? Is there even a chance that you will be able to receive this message? Matt Richard Farris wrote: I just did a Windows NT update and now I can't get any email...when I turn

[sniffer] log upload trouble

2004-03-25 Thread Glenn \\\\ WCNet
I've been having trouble for the last 24 hrs or maybe a bit more with log uploads failing. The FTP either fails to connect, or it does connect and the upload begins and then fails after a small percentage done. Uploads are scheduled every 6 hours. Yesterday afternoon I tried renaming the log

RE: [sniffer] Spam storm?

2004-03-25 Thread Pete McNeil
That is possible. I'm still looking for an alternate repeatable cause. _M At 08:43 PM 3/24/2004, you wrote: I see over a 1000 of these ERROR_BAD_MATRIX entries in my Sniffer log file today, as well. Is this due to the ruleset issue from earlier today? Bill -Original Message- From:

Re: [sniffer] Error_Bad_Matrix

2004-03-25 Thread Heimir Eidskrem
I am having the same problem when I download the update and run snf2check H. - Original Message - From: Landry William [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, March 25, 2004 2:57 PM Subject: RE: [sniffer] Error_Bad_Matrix I run snf2check.exe against every .snf file

Re: [sniffer] Spam storm?

2004-03-25 Thread Sheldon Koehler
This has been a bad week here! A big increase in total email volume, a huge increase in false positives as well as a huge increase in spam getting past our filters. Sheldon Sheldon Koehler, Owner/Partner http://www.tenforward.com Ten Forward Communications 360-457-9023

Re: [sniffer] Spam storm?

2004-03-25 Thread Computer House Support
We've found that when we do a manual download, everything works fine. It's the automatic download on the Windows 2000 server that seems to corrupt things. M. Stein Computer House - Original Message - From: Pete McNeil [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, March

RE: [sniffer] Call for beta testers... snfrv2r3b1

2004-03-25 Thread Pete McNeil
I think the problem is in the file extension. It should not be .com, but rather .cmd. Hope this helps, _M At 12:32 PM 3/25/2004, you wrote: Hi, When I try to run the .com file, I get an error. I have attached the error dialog box and a copy of the .com file (name altered to .co_) that I am

Re: [sniffer] Help

2004-03-25 Thread Pete McNeil
MicroNeil Voice Line: 703-779-4909 _M At 01:30 PM 3/25/2004, you wrote: I got it. I am on to something so I might figure it out... if I don't, is there a number I can call.. Richard Farris Ethixs Online 1.270.247. Office 1.800.548.3877 Tech Support - Original Message - From:

Re: [sniffer] Error_Bad_Matrix

2004-03-25 Thread Pete McNeil
I've been looking at that. The problem seems to be related to downloads, not generation. That is, every rulebase that I use locally has been clean throughout this episode. Also, folks who manually download the rulebase seem to be able to correct the problem. I'm not sure yet what is different

RE: [sniffer] Error_Bad_Matrix

2004-03-25 Thread Pete McNeil
snf2check.exe will catch a partial download but it will not catch corruption in the middle of the file. _M At 03:57 PM 3/25/2004, you wrote: I run snf2check.exe against every .snf file downloaded. I just checked it again manually, and no errors were reported. I now have almost 3500

Re: [sniffer] Spam storm?

2004-03-25 Thread Pete McNeil
By 8pm we had done at least 6 that I was part of. _M At 04:32 PM 3/25/2004, you wrote: How many updates have happened today...I have only received 1 today.. Richard Farris Ethixs Online 1.270.247. Office 1.800.548.3877 Tech Support - Original Message - From: Pete McNeil [EMAIL

Re: [sniffer] Error_Bad_Matrix

2004-03-25 Thread Matt
Pete, FYI, I was trying to set up log uploads yesterday night and it took me a while to figure out that the FTP connection was unreliable from my server. Packets were being dropped/munged somewhere. I also noted a much lower hit rate on SNIFFER-PHARMACY yesterday, but no indication of

Re: [sniffer] Spam storm?

2004-03-25 Thread Pete McNeil
I'm exploring that possibility - though there is nothing in the logs. I've seen some instability on the Sprint T1 though it seems stable now. Sprint made an announcement that they were going to change their routing and that seems to coincide with these new events. Perhaps instability on that

RE: [sniffer] Spam storm?

2004-03-25 Thread Pete McNeil
At 06:25 PM 3/25/2004, you wrote: We also saw many BAD_MATRIX errors last night. If the problem was 'wget', shouldn't the snf2check utility detect a corrupt file? Also, we did a manual update yesterday afternoon and there were no 'wget' error messages. The problem got corrected sometime between

Re: [sniffer] Spam storm?

2004-03-25 Thread Pete McNeil
snf2check.exe makes the assumption that if the entire file is there and the head and tail of it can be verified that it must have survived the transfer. Clearly something is happening where that is not the case - something new. One possibility that has been suggested is that we could gzip

RE: [sniffer] Spam storm?

2004-03-25 Thread Pete McNeil
At 06:51 PM 3/25/2004, you wrote: Looks like a bandwidth issue to me, since even doing the download manually, my connection stalled 5 times before I could complete a successful download. And the download speeds were atrocious, many times in bytes/second rather than even kb/second - and my

Re: [sniffer] Error_Bad_Matrix

2004-03-25 Thread Pete McNeil
I'm getting to be pretty sure it's Sprint. After bouncing the router there have been 109 carrier transitions in 3 hours. That's insane. I will be pounding on them. _M At 11:44 PM 3/25/2004, you wrote: Pete, FYI, I was trying to set up log uploads yesterday night and it took me a while to

Re: [sniffer] Spam storm?

2004-03-25 Thread Pete McNeil
snf2check does a byte length and partial checksum by default. The first and last few kbytes of the file are encrypted in sequence using Mangler. If any single bit of those two segments is missing or altered then the file will fail to authenticate. The only thing missing is a CRC for the middle