Re: [Haifux] /var/log/messages
On Thu, 22 Jan 2004, Cohen, Nahum wrote: Where can I find information about the error messages in /var/log/messages go to google, enter the error message between double quotes (like error 450: no reply bla bla) --guy ? I get all kind of messages and I want to know what they mean. For example: Jan 19 23:38:58 nahum-x telnetd[24258]: ttloop: peer died: EOF Jan 1923:38:58 nahum-x telnetd[24375]: ttloop: read: Connection reset by peer And this one that is much more to worry about: Jan 21 02:42:57 nahum-x kernel: eth0: Too much work in interrupt, status 8401. The reason I'm asking is becausefrom time to time my telnetd is like not responding ... Then I have to run service xinetd restart to restart the telnetd. Any information will be appreciate. Nahum Cohen The road to success is always under construction (Jim Miller) -- Haifa Linux Club Mailing List (http://www.haifux.org) To unsub send an empty message to [EMAIL PROTECTED] -- guy For world domination - press 1, or dial 0, and please hold, for the creator. -- nob o. dy -- Haifa Linux Club Mailing List (http://www.haifux.org) To unsub send an empty message to [EMAIL PROTECTED]
Re: [Haifux] /var/log/messages question (fwd)
Orna Agmon wrote: On behalf of Nahum Cohen: -- Forwarded message -- Date: Fri, 23 Jan 2004 12:37:43 +0200 From: Cohen, Nahum [EMAIL PROTECTED] To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] Subject: [Haifux] /var/log/messages question Hi, Where can I find information about the error messages in /var/log/messages ? I get all kind of messages and I want to know what they mean. For example: Jan 19 23:38:58 nahum-x telnetd[24258]: ttloop: peer died: EOF Jan 19 23:38:58 nahum-x telnetd[24375]: ttloop: read: Connection reset by peer And this one that is much more to worry about: Jan 21 02:42:57 nahum-x kernel: eth0: Too much work in interrupt, status 8401. The reason I'm asking is because from time to time my telnetd is like not responding ... Then I have to run service xinetd restart to restart the telnetd. Any information will be appreciate. -- Haifa Linux Club Mailing List (http://www.haifux.org) To unsub send an empty message to [EMAIL PROTECTED] It could be some kind of attack or some network device error, if you get those messages with a ?onstant periodicity. If you decided to use a telnet instead of ssh, try to run ( % script_name.sh ) this little script. It will write to the file /var/log/ttloop_log the network connections to your telnetd at the moment of the error event... #!/bin/sh while :; do tail -0f /var/log/messages | grep -q ttloop; date /var/log/ttloop_log; netstat -ntp | grep ':23 ' /var/log/ttloop_log; done Also, you maybe need to check the basic security rules like iptables, xinetd attributes only_from or no_access - restrict an access to telnetd by IP/Submask, access_times 00:00 - 08:00 ... , cps x y - if exceeds x connections per sec, delays for y sec ( default 50 (or 25) 10 ). I hope it will help ... - Slava. -- Haifa Linux Club Mailing List (http://www.haifux.org) To unsub send an empty message to [EMAIL PROTECTED]
Re: [Haifux] /var/log/messages question (fwd)
On Sat, Jan 24, 2004 at 09:33:14AM +0200, Orna Agmon wrote: Where can I find information about the error messages in /var/log/messages ? Each error usually comes from a specific program. In your case, it's telnetd. Therefore, it's best to look for information on the error message in the documentation (or sources...) of the program that generated it. google is always helpful, too. I get all kind of messages and I want to know what they mean. For example: Jan 19 23:38:58 nahum-x telnetd[24258]: ttloop: peer died: EOF Jan 19 23:38:58 nahum-x telnetd[24375]: ttloop: read: Connection reset by peer Nothing to worry about. telnetd is telling you that the other side of the connection is disconnecting without properly terminating the telnet connection first. It's abnormal, but it's bound to happen sometimes. And this one that is much more to worry about: Jan 21 02:42:57 nahum-x kernel: eth0: Too much work in interrupt, status 8401. That says that your NIC is not too good. Again, it's not something to worry about - the kernel should handle this gracefully. If you want to solve it, you need either a better NIC (which one do you have?), or possibly a better driver for it. The reason I'm asking is because from time to time my telnetd is like not responding ... Then I have to run service xinetd restart to restart the telnetd. That is suboptimal. Is there a correlation between when the telnetd does not repond, and the above messages? do other network services work? can you ping the machine? Any information will be appreciate. Just one more bit - telnet is unsafe, since it sends your password and data in the clear (unencrypted). Always use 'ssh' if you can. Cheers, Muli -- Muli Ben-Yehuda http://www.mulix.org | http://mulix.livejournal.com/ the nucleus of linux oscillates my world - [EMAIL PROTECTED] signature.asc Description: Digital signature
[Haifux] /var/log/messages
Hi, Where can I find information about the error messages in /var/log/messages ? I get all kind of messages and I want to know what they mean. For example: Jan 19 23:38:58 nahum-x telnetd[24258]: ttloop: peer died: EOF Jan 19 23:38:58 nahum-x telnetd[24375]: ttloop: read: Connection reset by peer And this one that is much more to worry about: Jan 21 02:42:57 nahum-x kernel: eth0: Too much work in interrupt, status 8401. The reason I'm asking is because from time to time my telnetd is like not responding ... Then I have to run service xinetd restart to restart the telnetd. Any information will be appreciate. Nahum Cohen The road to success is always under construction (Jim Miller) attachment: winmail.dat
Re: [Haifux] /var/log/messages
On Thu, 22 Jan 2004, Nahum Cohen wrote: Hi, Where can I find information about the error messages in /var/log/messages ? I get all kind of messages and I want to know what they mean. For example: Jan 19 23:38:58 nahum-x telnetd[24258]: ttloop: peer died: EOF Jan 19 23:38:58 nahum-x telnetd[24375]: ttloop: read: Connection reset by peer And this one that is much more to worry about: Jan 21 02:42:57 nahum-x kernel: eth0: Too much work in interrupt, status 8401. Sounds like a broken network card driver. A long time ago, I used to have similar problems with Mandrake 8.0 Try to see if there are any updates for your network card driver or linux distro. Emil -- Haifa Linux Club Mailing List (http://www.haifux.org) To unsub send an empty message to [EMAIL PROTECTED]
[Haifux] /var/log/messages question (fwd)
On behalf of Nahum Cohen: -- Forwarded message -- Date: Fri, 23 Jan 2004 12:37:43 +0200 From: Cohen, Nahum [EMAIL PROTECTED] To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] Subject: [Haifux] /var/log/messages question Hi, Where can I find information about the error messages in /var/log/messages ? I get all kind of messages and I want to know what they mean. For example: Jan 19 23:38:58 nahum-x telnetd[24258]: ttloop: peer died: EOF Jan 19 23:38:58 nahum-x telnetd[24375]: ttloop: read: Connection reset by peer And this one that is much more to worry about: Jan 21 02:42:57 nahum-x kernel: eth0: Too much work in interrupt, status 8401. The reason I'm asking is because from time to time my telnetd is like not responding ... Then I have to run service xinetd restart to restart the telnetd. Any information will be appreciate. -- Haifa Linux Club Mailing List (http://www.haifux.org) To unsub send an empty message to [EMAIL PROTECTED]
