On Saturday 18 April 2009 10:54:30 jtd wrote:
How do I find out what is being downloaded? Or what program is the guilty one?
Assuming you have one NIC connected to the modem,
tcpdump -vv -i eth0 will dump all packets passing through eth0.
Maybe somewhere he has told some package to automatically update itself? Or is someone trying a brute-force attempt to ssh into the system? Shutting down sshd - if it is running - may help. /var/log/messages would normally show attempts at ssh login.
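
An added example, not part of the original message: one way to act on the /var/log/messages suggestion is to count failed sshd password attempts per source address. The function names, the default threshold and the sample log lines (constructed, using documentation addresses) are assumptions.

```shell
#!/bin/sh
# Added example, not from the original thread.

# ssh_failures LOGFILE [THRESHOLD]   (hypothetical helper; LOGFILE "-" = stdin)
# Prints "COUNT IP" for every source address with at least THRESHOLD failed
# sshd password attempts, busiest first. THRESHOLD defaults to 3.
ssh_failures() {
    awk -v min="${2:-3}" '
        /sshd\[[0-9]+\]: Failed password for / {
            ip = ""
            # The user name is chosen by the client, so do not trust the
            # first "from": keep the LAST "from <addr> port" on the line,
            # which is the part sshd writes itself.
            for (i = 1; i + 2 <= NF; i++)
                if ($i == "from" && $(i + 2) == "port") ip = $(i + 1)
            if (ip != "") fails[ip]++
        }
        END {
            for (ip in fails)
                if (fails[ip] >= min) print fails[ip], ip
        }
    ' "${1:--}" | sort -k1,1nr -k2,2
}

# Constructed sample in the syslog format OpenSSH uses; not real log data.
sample_log() {
    cat <<'EOF'
Apr 18 10:41:02 box sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Apr 18 10:41:05 box sshd[2211]: Failed password for root from 203.0.113.7 port 40130 ssh2
Apr 18 10:41:09 box sshd[2214]: Failed password for root from 203.0.113.7 port 40141 ssh2
Apr 18 10:41:11 box sshd[2216]: Failed password for invalid user from from 203.0.113.7 port 40150 ssh2
Apr 18 10:42:00 box sshd[2300]: Accepted password for alice from 192.0.2.10 port 51000 ssh2
Apr 18 10:43:17 box sshd[2301]: Failed password for alice from 192.0.2.10 port 51002 ssh2
Apr 18 10:44:00 box kernel: eth0: link up
EOF
}

# Report addresses with three or more failures in the sample.
sample_log | ssh_failures - 3
```

On a real system, pass the log path instead of `-`, for example `ssh_failures /var/log/messages 5`; reading that file usually requires root.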