argus client commands, unexpected results?
Matt Sheridan
mattmail5050 at gmail.com
Mon Nov 16 16:52:31 EST 2009
Two commands seem to be returning unexpected results. The tar I downloaded
just a week ago was named argus-clients-3.0.0.tar. Installed on RHEL5 Intel
64bit.
Running ratop just hangs (ratop -S localhost:561). No new prompt, just hangs
on carriage return. I originally thought this was just a terminal issue. I
am VT100 on a SecureCRT ssh session. But when I began to have other issues,
I wondered if it was symptomatic of something else.
Running ra against an argus server with parsing language returns results as
expected; running it against an argus file does not - it simply returns all
results. So:
Using the local argus server on a listening port:
[root at xxxxxx 127.0.0.1]# ra -S localhost:561 host 10.192.1.23
16:46:44.047054 M tcp 10.192.1.23.33170 -> x.x.x.x.https 4 240 FIN
16:46:44.096464 M tcp 10.192.1.23.42979 -> x.x.x.x.https 4 240 FIN
16:46:44.336521 M tcp 10.192.1.23.15801 -> x.x.x.x.https 4 240 FIN
16:46:44.524054 M icmp x.x.x.x <-> 10.192.1.23 2 196 ECO
16:46:44.777712 M tcp 10.192.1.23.20676 -> x.x.x.x.https 54 30136 CON
Using a local file, written by rastream:
ra -r ./argus.2009_11_16_1640.out host 10.192.1.23
just dumps out the entire .out file.
Thanks for your help!
Matt