[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] RE: RE: Kernel: Oops (raqr4)

Subject: [cobalt-users] RE: RE: Kernel: Oops (raqr4)
From: "Jon" <jjma100@xxxxxxxxxxx>
Date: Sat Jan 10 05:47:02 2004
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Dan,

> > I had to reboot the cobalt via our apc switch today as the
> > connection to the server hung and on investigation I have
> > noticed alot of
> >
> > "possible SYN flooding on port 80. Sending cookies."
> in the kernel log
> >
>
> Can you get a quick look at /var/log/httpd/access and
> see what IP may be
> hitting you? Do you use robots.txt in your sites to
> block script
> directories? If you have a script that gets hit by an
> outfit called Web
> Clipping http://www.webclipping.com/ you could have
> problems. They hit
> my dmoz.org interface script once ignoring robots.txt.
> I recorded over
> 50,000 hits from them in a short period of time.

Our access log stopped at the time the logrotate script ran
(having problems with logrotate) so I couldn't check to see if we
were being blasted by outside sites. Reboot seems to have solved
the problem however I think it is related back to the old problem
of logrotate being unable to rotate the access log. Am keeping
eye on the server for potential problem recurring and have
written simple script to grep, then mail results, kernel log for
SYN flooding so that I can act.

Thanks

Jon

Prev by Date: Re: [cobalt-users] RaQ550 FTP Server
Next by Date: Re: [cobalt-users] RaQ550 FTP Server
Previous by thread: NetBSD and web gui (Re: [cobalt-users] Qube 2- thanks for help!)
Next by thread: [cobalt-users] Mapping Username to UID

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index