Re: FC4, named & system hang

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Mike McMullen wrote:

----- Original Message ----- From: "Mike McMullen" <mlm@xxxxxxxxxxxxxxxxxx>



Hi All,

I am experiencing occasional hangs on an FC4 web server that is
also a name server. After rebooting the only thing I see in the logs
are about a zillion messages from named stating "RCODE (SERVFAIL)".

Here is an example:

Jul 14 02:03:37 www named[1652]: unexpected RCODE (SERVFAIL) resolving '52.134.78.140.in-addr.arpa/PTR/IN': 140.78.2.62#53

These messages go on for about 15-18 minutes and then the system hangs.

I'm assuming it's some type of hacking attempt.

Can anyone give me some insight on what might be happening here and better
yet how to prevent it?

Thanks,

Mike

Reviewing the logs more closely I also see brute force attempts on sshd. I have a rule set up in iptables to disable login attempts for 1 minute if there are 3 attempts a minute.

The logs show the same site being blocked and then trying again about 5 minutes later.

However, the system hang occurs about 7-8 minutes after the last ssh attempt and about
a 100-200 RCODE errors later.

Any help appreciated!

Mike


Maybe you should look into denyhosts. I believe it's in the Extras repository, and you can configure it to deny access to sshd from any IP address that repeatedly fails logins (brute force attacks). There's also a configuration option that allows you to block all internet services to that IP address.

Sorry I can't help you with why your system is hanging, but if you're not being brute force attacked, maybe your system won't hang anymore.

Hope this helps,
Justin Willmert

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux