[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] sendmail and yay i got a r00t

Subject: Re: [cobalt-security] sendmail and yay i got a r00t
From: "Michael Zimmermann" <zim@xxxxxxxx>
Date: Tue, 20 Jun 2000 23:35:05 +0200

From: dylan <dylan@xxxxxxxxxxxxxx>
> Anyone have any tips for upgrading Sendmail? 
> There doesnt seem to be an official patch. This is for a raq2. 

Just curious - why not use the new sendmail compiling it from
the sources? Is this not possible on a RaQ2?

> [...] I couldnt get root because the /var/ partition was full 
> (thats /dev/hd*c ) so I had to mount it in a Mandrake box and 
> remove the file - analog.dns which was .. well.. it was massive.
>
> Yup, an official bug. Edit analog.cfg and use /tmp instead of /var 

It's normal behaviour for analog to let its dns-resolution 
cache-file grow and grow and grow. I'd think it would
be better to install a (say) weekly cron-job, which keeps
only the last (say) 10000 records of analog.dns. 
Depending of course on the span your analyzed 
http-logs are going to cover (and the time-intervall 
after which analog is asked to do fresh dns-lookups - 
DNSGOODHOURS and DNSBADHOURS)


Michael

References:
- [cobalt-security] sendmail and yay i got a r00t
  - From: dylan

Prev by Date: RE: [cobalt-security] Re: Cron
Next by Date: [cobalt-security] How do I reset web statisitc on my Raq3
Previous by thread: [cobalt-security] sendmail and yay i got a r00t
Next by thread: [cobalt-security] How do I reset web statisitc on my Raq3

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index