<table cellpadding=3 cellspacing=0 border=0 width=100% bgcolor=white><tr valign=top><td width=100%> --- On Fri 09/10, Alexander Dalloz < alexander.dalloz@uni-bielefeld.de > wrote: <BLOCKQUOTE style="PADDING-LEFT: 7px; MARGIN-LEFT: 7px; BORDER-LEFT: orange 2px solid"> From: Alexander Dalloz [mailto: alexander.dalloz@uni-bielefeld.de] To: usmany@excite.com, fedora-list@redhat.com Date: Fri, 10 Sep 2004 16:06:33 +0200 Subject: Re: Observation on FC2/Help on FC1 Am Fr, den 10.09.2004 schrieb usmany@excite.com um 13:32: > I observered FC2 has more problem than FC1 as other users are having different types of problems. The trouble making host is an FC2? This is not very clear from your description. But I does not really matter. What I mean is the way and numbers of complaints from others on fedora core 2 is almost more than that of fedora core 1 (FC). > I am new to redhat linux but find it very good and reliable than other os so far... I am using FC1 on my network servers and seem appreciating it. Fedora is not Redhat - see http://fedora.redhat.com. You are using Fedora Core and not Redhat Linux. Thanks for that information Sir... > I have little problem with one of the servers that I set as secondary server.... if I connect the server/system to the network, its slow down and consume > all my bandwidth by transmitting almost 80 to 90% of my total bandwidth. Says not much. Modem bandwidth is not much. If the systems are connected through ethernet it will be much traffic. And you did not say any word as what kind of server this host is acting. Is it running a webserver, DNS services, a mail server, even an MTA? Is running secondary DNS only nothing more on it and is are all connected through ethernet (switch) from my network modem-------router-------switch-----systems, but I also have another system (primary DNS) running on window 2000 advanced server that has mail server running on, but is not slowing the network.... first i suspected it to be the culprit taking away the bandwidth... when i traced/troubleshooted 1 system after the other, i endup getting the fedora core 1 (secondary) server DNS to be the problem. Please, how will i know the bind version of my DNS and check if the system is vulnerable and has ports open for relay, etc? > I disconnected the system from the network trying to trobleshoot and make inquiry on what is making it behave that way while others that I set not > behaving as same. Just a blind shot: are you running a misconfigured MTA on the "victim" host which is acting as an open relay? I can tell sir as I dont know how to detect that on the system... all i know is that my network is not been enable for open relay, but on this new os i am now running. How will I find that sir? This can typically explain the traffic. A misconfigured DNS can cause such constant high traffic too. I think is misconfigured DNS... Is my friend that setted that DNS for me while I did the others and seem mine (those) I did are better doing well than one he does. How can I check that too sir? > When I was using win2k advanced server, I use to collect logs of port scanning from other networks on my firewall logs database. > Guys what could be the problem and how to troubleshoot the system (FC1). The directory /var/log/ is full of log files. It is always the first place to look at. Most important log files are messages, secure and if running an MTA the maillog. I was able to locate the logs and seem some are okay while some are not like mailman and cron which shows error messages i.e. on one of the servers (fedora core1) I have on my network. I will appreciate all asistance from you and others sir. Thanks Usman Yahaya Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp Serendipity 15:58:57 up 11 days, 13:15, load average: 0.91, 0.85, 0.98 Attachment: signature.asc (0.19KB) </BLOCKQUOTE> </td></tr></table><hr>Join Excite! - <a href=http://www.excite.com target=_blank>http://www.excite.com</a> The most personalized portal on the Web!