Re: syslogd core

Barry Suskind (bsuskind@is.ge.com)
Wed, 15 Jan 1997 08:09:39 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: crumrig@us-state.gov: "Re: Update on mail bombing threats--not so funny"
Previous message: proff@suburbia.net: "Re: Potential for more internet attacks"
Maybe in reply to: Ivan Pulleyn: "syslogd core"
Next in thread: Barry Suskind: "Re: syslogd core"

Ivan Pulleyn wrote:
> 
> Hi,
>   I found a core from syslogd the other day on my Solaris 2.5.1 based firewall.
> We are running the FW-1 firewall that comes with Sun's Netra.  The question
> is, what can I do with this core to determine if it was the result of any
> foul play? gdb tells me little, same thing with strings -a.
> 
> Thanks,
> Ivan...
> 
> --
> Ivan Pulleyn       Magnify, Inc.         home:
> ivan@magnify.com   815 Garfield Street   1401 North Bosworth Avenue
>                    Oak Park, IL  60304   Chicago, IL 60622
>                    708 383-7002          773-278-5902

Try running the strings command against the core file.
you might find the last message sent to syslog there as
the core file is the memory image when syslog went down.

-- 
barry

|======================================================================
|Barry A. Suskind          |"If it weren't for change, your job would 
|GE Information Services   |consist of making sure the corporate abacus
|Email: bsuskind@is.ge.com |rods were adequately greased" - John Cleese
|Phone: (301)-340-4667     |===========================================
|SnailMail: 401 N Washington St, Mail Stop: MC07D, Rockville MD, 20850

Next message: crumrig@us-state.gov: "Re: Update on mail bombing threats--not so funny"
Previous message: proff@suburbia.net: "Re: Potential for more internet attacks"
Maybe in reply to: Ivan Pulleyn: "syslogd core"
Next in thread: Barry Suskind: "Re: syslogd core"