Security Basics: Re: System Monitor

[DMORROW5 () satx rr com]

How about NTOP?

Dana Morrow

----- Original Message -----
From: Dharmendra <dbavale () gmail com>
Date: Sunday, January 29, 2006 10:26 pm
Subject: Re: System Monitor

> Hi,
>
> I feel the best way to find out is
>
> * stop all the processes see the top output
> * start one service at a time and see the top output
> * If you find that a particular service is using more system 
resources
> start monitoring the services.
>
> Regards,
> Dharmendra T.
>
> On 26/01/06, Gabriel Orozco <gabriel_orozco () mx sumida com> wrote:
> > Hello Every buddy
> >
> > I'm checking another computer on the network. thats has an stranger
> > behavior. Let me explain
> >
> > This is a Linux/Debian computer installed some 9 days ago. 
> Assigned user
> > want to run Moodle on it.
> > But they called me asking why with 40 users the server went to top
> > processor and memory.
> > Hardware is a Sun-Ultra, with 2GB of RAM, and plenty of scsi 
> disk space...
> > The problem:
> > when I run "top" I have between 43% to 52% of processor used by 
> "Sys"> (System Tasks)
> > and I cannot identify what is taking these process power.
> > top does not give anything using the system
> > nothing is being transfered (checked with iptraf)
> > no disk usage (using iostat)
> > no root kits, checked with ckrootkit some minutes ago
> > no programs listening, checked with netstat
> >
> > I don't know which tool can help me to find the problem.
> > I know there should be one and am surfing freshmeat.net, but I can
> > happily accept any help you can give
> >
> > Thanks in advance
> >
> > Gabriel Orozco
> >
> >
> >
> > -----------------------------------------------------------------
> ----------
> > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> > The Norwich University program offers unparalleled Infosec 
> management> education and the case study affords you unmatched 
> consulting experience.
> > Tailor your education to your own professional goals with degree
> > customizations including Emergency Management, Business 
> Continuity Planning,
> > Computer Emergency Response Teams, and Digital Investigations.
> >
> > http://www.msia.norwich.edu/secfocus
> > -----------------------------------------------------------------
> ----------
> >
>
> --
> Regards,
> Dharmendra T.
>
> -------------------------------------------------------------------
> --------
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The Norwich University program offers unparalleled Infosec 
> management 
> education and the case study affords you unmatched consulting 
> experience. 
> Tailor your education to your own professional goals with degree 
> customizations including Emergency Management, Business Continuity 
> Planning, 
> Computer Emergency Response Teams, and Digital Investigations. 
>
> http://www.msia.norwich.edu/secfocus
> -------------------------------------------------------------------
> --------
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------