[ale] hacker problems.
Russell Enderby
Russell.Enderby at arris-i.com
Thu Oct 14 09:58:24 EDT 1999
Actually I used to get this often. It is usually due to a syn flood. I
recommend shutting down incoming ICMP. I still use 2.0.36 so my firewall
rule in ipfwadm is:
ipfwadm -I -a de -P icmp
This shuts down in and out. You might want to just shut off incoming only.
Hope this helps,
Russell
jj at spiderentertainment.com wrote:
> That is correct, not freaking messages, except for some syn flooding
> message, but not alot about 50 or so, anyhow I changed few things around,
> and I'm staying up all night to see what the h** is going on.
>
> Thx.
>
> On Wed, 13 Oct 1999, Joe Steele wrote:
>
> > So it crashed without leaving any messages in the logs?
> >
> > (By the way -- your clock is about 3 days fast.)
> >
> > -Joe
> >
> > -----Original Message-----
> > From: jj at spiderentertainment.com [SMTP:jj at spiderentertainment.com]
> > Sent: Saturday, October 16, 1999 1:51 PM
> > To: ale at ale.org
> > Subject: [ale] hacker problems.
> >
> >
> > Folks, I need some help with this issue.
> >
> > I have a 2.0.36 kernel and hosting about 60 sites, on a wicked machine.
> > But recently I have been getting opps messages, and then(few days later,
> > after opps messages disappear) the machine went down.
> > What happened is that CPU load average was well above 300%, I couldn't
> > telnet into it or anything.
> > I checked for syn flood but that is not the case. How can I debug this ?
> >
> >
--
Russell T. Enderby Arris Interactive
Software Engineer 3871 Lakefield Dr,
Suite 300
Cornerstone Software Development Group Suwanee, GA 30024-1242
Email: Russell.Enderby at arris-i.com
More information about the Ale
mailing list