Hudson Delbert J Contr 61 CS/SCBN
Delbert.Hudson at LOSANGELES.AF.MIL
Mon Nov 15 16:24:29 UTC 2004
I found some old SATAN scripts and redid
the Perl stuff to basically run a service from
xinetd to tail -f on eth0, logging sorta like
tcpdump. I like this format as it gives me a
little bit of payload drill down.
This is a weird (at least to me) pattern.
12NOV2004 at 17:24:48 host=research sharktank!kernel:0:0.1
I think it's an ICMP port unreachable due to a DNS timer expiring.
It also looks like the truncation bit is set, so would this traffic have to
change to UDP to get a complete answer?
Thx for any info... just looked goofy to me, don't know why?