similar to: way to duplicate logs?

We're supposed to provide redundant firewall service. I'm wondering if anyone has ever tried to do this and if it's realistic. Basically 2 firewall machines hooked up so if one fails the other will transparently step in. I've googled it to death without much luck. The security issue here lies in that the 2 firewalls can't talk to each other. So if I'm keeping state on

Hello, I've been playing a bit with the "noexec" flag for filesystems. It can represent a substantial obstacle against the exploitation of security holes. However, I think it's not perfect yet. First thing, an attempt to execute a program from a noexec-mounted filesystem should be logged. It is either a very significant security event, or it can drive nuts an

Hello- What is the best way to deal with getting logs for someone attacking my box? I am not really sure, but I think it may involve tcpdump. Is there any way to implement this so that it can be running before an attack happens?.....see the problem is, that I do not have physical access to the box and if it is taken down(unaccessible by remote means), I cannot log in to start a dump. What

Hi, this was originally reported on ports@. [1] Someone noticed that after after running sudo their session disappeared when running `w` afterwards. I've done a little experimenting and this is caused when pam_lastlog.so is included in sudo's pam file. This results in the user still being logged in though according to the system logs the user has logged out. Here's an example:

I am experiencing poor network performance on Dom0. When i ping other hosts on the same LAN, packets are out of order, and they show response times ranging from < 1 ms to several seconds, and some packets get lost. For example, a typical ping result looks like this: 87 packets transmitted, 80 received, +3 errors, 8% packet loss, time 86038ms rtt min/avg/max/mdev =

Hi all, I think I'm experiencing a bad mbuf leak or something of the sort and I don't know how to diagnose this further. I have a machine at home that is mostly used for transcoding video for viewing on my TV via the multimedia/plexmediaserver port. This software runs in a jail and gets the actual files from my NAS via NFSv4. It's a pretty simple setup and sits idle unless I am

Hi, Sorry for cross posting. I have with FreeBSD 5.3-stable server which serves as a public shell server. FreeBSD public.ub.mng.net 5.3-STABLE FreeBSD 5.3-STABLE #6: Wed Nov 24 15:55:36 ULAT 2004 tsgan@public.ub.mng.net:/usr/obj/usr/src/sys/PSH i386 It has ssh and proftp-1.2.10 daemons. However it was hacked and I'm trying to analyze it and having some difficulties. Machine is

Ive been googling quite a bit now for problems with running out of mbuf clusters. Im basically sending a 30k datachunk down 1000-4000 connections, but 1000 is more than enough to quickly fill upp 8192 mbuf clusters. I also tried setting maximum amount of mbuf clusters to 65536, but that only made the box hard-wire 86MB of 96MB RAM, making it just as unsuable as a dead machine. Of course, when the

Hi, Anyone else noticing any TCP Stack requests for information under a useraccount with mild to moderate TCP activity on HTTP and other sorts of ports returns zero results back unless you are root. [site@Eden ~]$ netstat -i reports netstat: kvm not available: /dev/mem: Permission denied ifnet: symbol not defined [site@Eden ~]$ netstat -an [site@Eden ~]$ netstat -m 377/823/1200 mbufs in use

Hi All, Mysql service is going down continously in my system due to lack of memory space. I checked the messages log and found the following error message. All mbuf clusters exhausted, please see tuning(7). I have no idea about mbuf cluster. Can anyone please help me to fix the issue. I hope the information below will help you. Following is the output of top. last pid: 84718; load

Hi there, I have some DDOS(?) attack on my router going where my apache HTTP server is flooded with short-timed connections from some host. This results in LOTS of sockets in TIME_WAIT/LAST_ACK/CLOSING states and eventually I'm out of mbufs, which, consequently means I can't even connect to the router from LAN. The kern.ipc.nmbclusters is 2560, (I guess high enough for router with

http://bugzilla.mindrot.org/show_bug.cgi?id=1152 Summary: Bogus data in wtmp Product: Portable OpenSSH Version: 4.3p1 Platform: ix86 OS/Version: FreeBSD Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: bugzilla at goetz.co.uk

Dear SIR's On Tru64 4.0F i get do you know how I can avoid it? Rgds Henrik PS. What should I expect on LDAP (got an error using --with-ldap): ============================================================================ ==== Compiling nmbd/nmbd_nameregister.c In file included from include/includes.h:258, from nmbd/nmbd_nameregister.c:25: /usr/include/net/if.h:182:

Dear List, the attached patch makes rsync of local folders almost as fast as cp. when rsync client and server has detected that they are working in local_server mode, they use local_socket, a unix domain socket pair, to pass the file descriptors of the synced files. the server uses the file descriptor it receives from the client to fast copy from src to dst file. on completion of every file fast

Also, try doing 'who /etc' or any other directory. -----Original Message----- From: Mike Jakubik [mailto:mikej@trigger.net] Sent: Friday, July 04, 2003 1:23 PM To: Stable Subject: RE: who am i root@ns1:~# who am i root ttyp1 Jul 4 13:20 (wettoast.org) root@ns1:~# login login: wettoast Password: Last login: Fri Jul 4 09:48:25 on ttyp1 Copyright (c) 1980, 1983, 1986,

On 9/8/2015 11:54 PM, Xie, Huawei wrote: > On 9/8/2015 11:39 PM, Stephen Hemminger wrote: >> On Fri, 4 Sep 2015 08:25:05 +0000 >> "Xie, Huawei" <huawei.xie at intel.com> wrote: >> >>> Hi: >>> >>> Recently I have done one virtio optimization proof of concept. The >>> optimization includes two parts: >>> 1) avail ring

On 9/8/2015 11:54 PM, Xie, Huawei wrote: > On 9/8/2015 11:39 PM, Stephen Hemminger wrote: >> On Fri, 4 Sep 2015 08:25:05 +0000 >> "Xie, Huawei" <huawei.xie at intel.com> wrote: >> >>> Hi: >>> >>> Recently I have done one virtio optimization proof of concept. The >>> optimization includes two parts: >>> 1) avail ring

Dear R users, I am using Sweave. I would like to use the width option for the graphics : \begin{figure}[h!] \centering \includegraphics[width=0.7\textwidth]{x} \end{figure} How do I get this ? Thank you very much, Randall [[alternative HTML version deleted]]

I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no

Dear R users, I want to count the number of ones in a vector x. That's what I did : length( x[x==1] ) Is that a good solution ? Thank you very much, Randall [[alternative HTML version deleted]]