Hi,
have you checked your gmond.conf, maybe this ip is defined as
udp_send_channel ?
i've checked one of my aix system with tcpdump and get no connection to
this ip.
my gmond version is 3.0.7
greets
Mit freundlichen Grüßen
Ron Wellnitz
--
Ron Wellnitz
Debeka-Hauptverwaltung
Abteilung IS/FK
Ferdinand-Sauerbruch-Str. 18
56058 Koblenz
Telefon: (0261) 498 3140
Telefax: (0261) 498 3160
E-Mail: [email protected]
Internet: www.debeka.de
Debeka Krankenversicherungsverein a. G., AmtsG Koblenz: HRB 125
Debeka Lebensversicherungsverein a. G., AmtsG Koblenz: HRB 141
Debeka Allgemeine Versicherung AG, AmtsG Koblenz: HRB 2300
Debeka Pensionskasse AG, AmtsG Koblenz: HRB 6683
Vorstand: Uwe Laue (Vorsitzender), Rolf Florian, Roland Weber,
Thomas Brahm, Dr. Peter Görg
Aufsichtsratsvorsitzender: Peter Greisler
Sitz Koblenz am Rhein
Debeka Bausparkasse Aktiengesellschaft, Amtsgericht Koblenz: HRB 1114
Vorstand: Jörg Phlippen, Dirk Botzem (st. V.)
Aufsichtsratsvorsitzender: Peter Greisler
Sitz Koblenz am Rhein
Ahmed F. Al Twaijiry schrieb:
>
> Dears,
>
> We managed to install ganglia in all our Systems (SUN & AIX) within 3
> weeks in around 400 servers, everything seems to be fine and everyone
> is happy with Ganglia specially when I told them it’s open source
> (actually management was more happy J )
>
> Now today, security team they contact us complaining that there is
> some attack from all our servers to an external IP 5.145.151.109,
> usually our servers will never connect to internet
>
> The attach currently is a ping to this IP 5.145.151.109 and when we
> stop gmond the attach stop and when we start it we get the ping again.
>
> Do you know what is this IP 5.145.151.109 and how to stop it ?
>
> Thanks
>
> * Event Name: Deny ICMP
> * Attacker IP: All our internal servers.
> * Target IP: 5.145.151.109
> * Target Port: Changeable
> * FW IP: internal
>
> * the CPU was start high after this traffic start
>
> Best Regards,**
>
> *_________________________*
>
> *Ahmad AlTwaijiry*
>
> *Unix Team Leader*
>
> *ITO/Data Center*
>
> *Office* +966 560314453
>
> *Mobile* +966 *561110304*
>
> cid:734115205@03062009-2469
>
> ------Disclaimer- This email and any files transmitted with are
> classified as confidential unless otherwise specified. This e-mail is
> intended solely for the use of the individual or entity to whom this
> e-mail is addressed. If you have received this email by mistake,
> please notify the sender and delete this e-mail immediately and
> permanently. Although measures were taken to free this e-mail and its
> attachments from any malicious code infection, it is the
> responsibility of the recipient to check this email and any
> attachments for the presence of such infection. The use of EEC(Mobily)
> e-mail service is limited for EEC(Mobily) business use only.
>
> ------------------------------------------------------------------------
>
> ------------------------------------------------------------------------------
> SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
> Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
> http://p.sf.net/sfu/solaris-dev2dev
> ------------------------------------------------------------------------
>
> _______________________________________________
> Ganglia-general mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/ganglia-general
>
------------------------------------------------------------------------------
SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
http://p.sf.net/sfu/solaris-dev2dev
_______________________________________________
Ganglia-general mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ganglia-general
