radium things

carter at qosient.com carter at qosient.com
Tue Jun 13 08:06:01 EDT 2006


Hey Robin,
How about syslog messages in (not sure of your system) /var/log/messages?  Regardless, the -w option should work, so I'll check it out later this afternoon.

Carter
 
Carter Bullard
QoSient LLC
150 E. 57th Street Suite 12D
New York, New York 10022
+1 212 588-9133 Phone
+1 212 588-9134 Fax  

-----Original Message-----
From: Robin Gruyters <r.gruyters at yirdis.nl>
Date: Tue, 13 Jun 2006 11:23:17 
To:carter at qosient.com
Cc:Argus <argus-info at lists.andrew.cmu.edu>
Subject: Re: [ARGUS] radium things

Quoting carter at qosient.com:

> So I am not getting any kind of problems with radium. You will have   
> to be root to listen on any privledged ports ( under 1024 ).
> You should have gotten some form of error messages?
>
Nope no messages. I notice when starting radium without the '-w'  
option it creates a listing port (default 561)

[...]
# radium -d -P561 -Slocalhost:562
# netstat -na|grep 561
tcp4       0      0  *.561                  *.*                    LISTEN
#
[...]

If I add the '-w' option

[...]
# radium -d -P561 -Slocalhost:562 -w /data2/argus/argus.radium
# netstat -na|grep 561
#
[...]

Regards,

Robin

> Carter
>
>
> Carter Bullard
> QoSient LLC
> 150 E. 57th Street Suite 12D
> New York, New York 10022
> +1 212 588-9133 Phone
> +1 212 588-9134 Fax
>
> -----Original Message-----
> From: Robin Gruyters <r.gruyters at yirdis.nl>
> Date: Fri, 09 Jun 2006 15:12:55
> To:Argus <argus-info at lists.andrew.cmu.edu>
> Subject: [ARGUS] radium things
>
> Hi ya,
>
> I was testing the new radium tool and notice a few things:
>
> 1) It coredumps when connecting with non-root account to remote   
> Argus daemons.
>     $ radium -Slocalhost:562 -Slocalhost:563 -w /tmp/argus.radium
>     Bus error (core dumped)
>
> 2) When trying to run radium as a server (-P561) it won't create a listening
>     interface.
>
> Regards,
>
> Robin Gruyters
> Network and Security Engineer
> Yirdis B.V.
> I: http://yirdis.com
> P: +31 (0)36 5300394
> F: +31 (0)36 5489119
>
>
>




More information about the argus mailing list