
Re: [cobalt-users] RaQ3 Automatic Reboot?



At 05:27 AM 4/23/01 -0400, you wrote:
>Gotta love good tech support ;)

God, ain't that the truth! These guys have been really good to me,
including doing the rebuild from disk for nothing *WHEN* I specified (time
frame) when the machine got compromised.. Very nice. They even mounted the
disk on another machine to check for a full var partition when everyone here
thought that might be the cause of the problems.. again n/c I really do try
not to bother them unless it is desperate... I think the cooperation is
appreciated both ways.

>I actually don't know offhand if the raq3 has the watchdog enabled or
>not...

I expect not, since man watchdog brought nothing nor did watchdog --help..
Though from what you describe below.. seems like a darn good thing to have
around! 

>       Watchdog  is  a daemon that checks if your system is still
>       working. If programs in user space are not longer executed
>       it will hard reset the system

Assuming you mean, you activate it when you are working on the box remotely? 

>       The kernel provides /dev/watchdog, which when open must be
>       written to within a minute or  the  machine  will  reboot.

This would be not so good if the box were idle and above were not true..
What a lifesaver this would be if you <ahem> mess something up... (knocking
on the only wood around... my head:)

Thank you for the information... now... if I can just get that stupid
firewall rules script setup for ipchains.. I'll be a very happy camper.. I
had it working to where everything was peachy for normal access.. SSH....
normal web access... checked mail like a banshee.... but if I pinged or
tracerouted.. it was like it was not there.. but.. SMTP was not seeming to
work, either from outside or inside.... When I did the flush command for
ipchains.. the machine locked up and away we went... scary stuff! (err...
or maybe ipchains does not look at hosts.allow? <oops> pinged myself out?
err.. nope.. it blocked all machines... twas a lockup fer sure.. I should
not write these messages at 4:00am!)

Truly wish Cobalt would put ipchains and a firewall rule script on the
boxes, out of the box, with a control panel on the GUI. The boxes would be
1000% more secure, especially if they set them up with a basic "works
anywhere" ruleset and gave adequate directions in the manual for "howto"
make it tighter, looser or whatever you wanted/needed..

I'm simply amazed at how many port scans go on daily. Little buggers even
sniffed out a windows box here that has a linux partition on it..
the firewall for that machine rejected hits on every port tonight, over and
over... 

Quick question, I've asked it before but was unsure of the answer so did
not act.. my box gets hit CONSTANTLY on port 137... is it safe to remove
that one from portsentry/ipchains? I'm absolutely filling up my hosts.deny
file with the average of 3-4 an hour... 

Are any of the hits on that port legit? I've even seen mail servers hit it... 

Thanks again!
Wayne