Good advice!
Thanks for helping without the "corrective elitist attitude"!
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Glenn Sent: Thursday, November 20, 2008 5:16 PM To: CentOS mailing list Subject: Re: [CentOS] Re: SYD flood dropped on Sendmail (centos 4.x)
At 07:03 PM 11/20/2008, you wrote:
on 11-20-2008 3:31 PM Kai Schaetzl spake the following:
Chris Heiner wrote on Thu, 20 Nov 2008 13:43:44 -0800:
I get complaints about "the servers asking for username and password".
from your users or what? Of course, they may complain. A big dictionary attack can take almost all the bandwidth for some time or leave a
backlog
of dovecot instances. Please, as I understand you are a server adminstrator for quite a few machines, correct? Yet, you are answering in a way as if you just
brought
your first server online.
Btw, it's a *SYN* flood, not a SYD flood and that won't change even if
you
repeat it again and again.
I
started test@ accounts all many servers to try and track it down.
Pardon, you did what?
I have tried restarting POP and SMTP in the past
You may want to kill all dovecot instances, in case you *are* running dovecot (if not, then of what you use, but I know that dovecot likes to hang in this way if hammered). Just restarting it may not kill the
backlog
of hanging connections. A "ps ax|grep login" would help to see if instances are still running. Restarting SMTP: again, this has nothing to do with SMTP!
Kai
CentOS 4 comes with a very OLD version of dovecot. If you are using dovecot, you can get a much newer version at atrpms.net. The upgrade might be all you need to fix it.
Watch out for this gotcha! The Dovecot version 1.0.x that comes with CentOS 5.x is much better and I run it and would recommend it, but the configs for 0.99.x (Came with CentOS 4.x) are incompatible with the previous version.
Cheers, Glenn
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
---------------------------------------------- Gateway Anti-Spam Anti-Virus Protection by Network Designs Inc. 949-727-3393 For a complete list of services go to www.networkdesignsinc.com ----------------------------------------------