Rwhois testing
Jeremy Kister
argus-01 at jeremykister.com
Tue Apr 27 15:41:20 EDT 2004
for rwhois testing, I've been using the method i suggested (in the
archives).
Recently, i became aware that under corrupt conditions, the rwhois server
will display it's banner, but fail to produce any results when quering for
an ip. I altered the method to readhow => "toeof", and i changed my config
to:
Service TCP/Rwhois {
hostname: a.rwhois.broadviewnet.net
send: 172.16.35.2\r\n
expect: %ok
}
this seems to be working well; my question is: how can i merge these two
together ?
i.e. when my config reads:
Service TCP/Rwhois {
hostname: a.rwhois.broadviewnet.net
}
Argus shows the object down ...because TCP timeout: expecting
tcp::rbuffer clearly has the banner -- can i do something in the Rwhois
method to make the socket close while not impacting my new functionality?
Jeremy Kister
http://jeremy.kister.com/
More information about the Arguslist
mailing list