[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: DNS
I captured that particular output by using my mouse to cut and paste
and the strace stopped there and just sinply hung. And no it didn't sleep
I am the one who restarted the DNS in order to show what it does when it s
running.
As well I haven't run any other version of bind other than that on this
name server So i hope there are no back doors.
On Thu, 22 Jun 2000, Brian Candler wrote:
> Date: Thu, 22 Jun 2000 14:27:26 +0100
> From: Brian Candler <B.Candler at pobox.com>
> To: ksemat at eahd.or.ug
> Cc: afnog at afnog.org
> Subject: Re: DNS
>
> On Thu, Jun 22, 2000 at 02:58:44PM +0300, ksemat at eahd.or.ug wrote:
> > I am running bind 8.2.2-P5
>
> Good (although if you were running and older one, and you were hacked, there
> will still most likely be many other backdoors open into your system which
> were installed at that time)
>
> > this the output from strace at the exact point
>
> > fcntl(5, F_SETFL, O_RDWR) = 0
> > gettimeofday({961674520, 598848}, NULL) = 0
> > close(5
>
> Ouch - it didn't even finish the output from strace.
>
> How _exactly_ were you capturing that? If you were capturing via a file
> (e.g. strace -p ... | tee file) then you may not get all of the text,
> because it's buffered. Safest is to let it output to the console, and then
> copy the console output using the mouse. It's only the last couple of lines
> which are important.
>
> # strace -p <pid> >filename 2>&1
>
> ought to capture all the output though.
>
> Brian.
>
> -----
> This is the afnog mailing list, managed by Majordomo 1.94.4
>
> To send a message to this list, e-mail afnog at afnog.org
> To send a requet to majordomo, e-mail majordomo at afnog.org and put
> your request in the body of the message (i.e use "help" for help)
>
> This list is mantained by owner-afnog at afnog.org
>
Sematimba Noah
Network Administrator
Uganda Online
-------------------------------------------------------------------------------
ksemat at eahd.or.ug P.O.Box 1254 Kampala
-----
This is the afnog mailing list, managed by Majordomo 1.94.4
To send a message to this list, e-mail afnog at afnog.org
To send a requet to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)
This list is mantained by owner-afnog at afnog.org
- References:
- Re: DNS
- From: Brian Candler <B.Candler at pobox.com>