[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] RaQ3 and Apache DoS
- Subject: Re: [cobalt-security] RaQ3 and Apache DoS
- From: "Rick Ewart" <cobalt@xxxxxxxxx>
- Date: Thu, 20 Jun 2002 11:34:08 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Chad wrote:
> We have a few RaQ3's running the standard fare Apache
> 1.3.6 (shame, shame) in our racks.. One has been hit
> by two DoS attacks in the last 72 hours... First HTTP
>stops responding, then followed a few mins later by
> other services starting to fail as well... Within
> about 5-10 mins everything goes tits-up...
>
> The solution, reboot the box..
>
> No entries in the logs except the one that Michael
> noted which shows up in the error log as a "child pid
> exit signal Segmentation fault"
I was thinking - if you are running logcheck, it might be a good idea to add
the phrase:
exit signal Segmentation fault
to your logcheck.violations section to help identify if anyone gives it a
shot... Early warning, possibly.
Also, any idea of you can still console into them if they die?
Thanks.
Rick