similar to: database node / possible SYN flooding on port 3306

> Am 20.07.2018 um 18:52 schrieb Nataraj <incoming-centos at rjl.com>: > > On 07/20/2018 03:56 AM, Leon Fauster via CentOS wrote: >> Hi folks, >> >> I have here a database node running >> >> # rpm -qa | grep mysql-server >> mysql55-mysql-server-5.5.52-1.el6.x86_64 >> >> on >> >> # virt-what >> vmware >>

On 07/20/2018 03:56 AM, Leon Fauster via CentOS wrote: > Hi folks, > > I have here a database node running > > # rpm -qa | grep mysql-server > mysql55-mysql-server-5.5.52-1.el6.x86_64 > > on > > # virt-what > vmware > > > that seems to have a connection problem: > > # dmesg |grep SYN |tail -5 > possible SYN flooding on port 3306. Sending cookies.

Hi *Problem *- I'm running Icecast in a VM container on OpenVZ. Syslog on the hardware node (HN) shows these error messages: Jan 23 18:43:05 HN kernel: [27469893.430615] possible SYN flooding on port 8000. Sending cookies. Jan 23 21:37:40 HN kernel: [27480362.817944] possible SYN flooding on port 8000. Sending cookies. Jan 23 23:43:50 HN kernel: [27487929.582025] possible SYN flooding on

On a Linux Server running tincd I noticed the following log message in /var/log/messages kernel: possible SYN flooding on port 655. Sending cookies. I found this on the web: If SYN cookies are enabled, then the kernel doesn't track half open connections at all. Instead it knows from the sequence number in the following ACK datagram that the ACK very probably follows a SYN and a SYN-ACK.

Anyone seen this problem? server Apr 16 14:34:28 nas1 kernel: [7506182.154332] TCP: TCP: Possible SYN flooding on port 49156. Sending cookies. Check SNMP counters. Apr 16 14:34:31 nas1 kernel: [7506185.142589] TCP: TCP: Possible SYN flooding on port 49157. Sending cookies. Check SNMP counters. Apr 16 14:34:53 nas1 kernel: [7506207.126193] TCP: TCP: Possible SYN flooding on port 49159. Sending

I have just finished a patch to linux 2.0.29 that provides the SYN cookies protection against SYN flood attacks. You can grab it from my home page at: http://www.dna.lth.se/~erics/software/tcp-syncookies-patch-1.gz You can also follow the pointers from my home page (see the signature) to get a very short blurb about this patch. Quick synopsys: This implements the SYN cookie defense against SYN

Hello *, I've the following problem with dovecot 1.0.7: /var/log/messages shows | Dec 13 13:48:27 mailbox kernel: possible SYN flooding on port 143. Sending cookies. and /var/log/maillog shows (Please note: nearly the same time): | Dec 13 13:48:28 mailbox dovecot: pipe() failed: Too many open files This leads to an unresponsive mail service and requires a dovecot restart. What

Hello, I current have a FreeBSD 4.8 bridge firewall that sits between 7 servers and the internet. The servers are being attacked with syn floods and go down multiple times a day. The 7 servers belong to a client, who runs redhat. I am trying to find a way to do some kind of syn flood protection inside the firewall. Any suggestions would be greatly appreciated. -- Ryan James ryan@mac2.net

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= CERT(sm) Advisory CA-96.21 Original issue date: September 19, 1996 Last revised: -- Topic: TCP SYN Flooding and IP Spoofing Attacks - ----------------------------------------------------------------------------- *** This advisory supersedes CA-95:01. *** Two

Hello, after some days running without problems, my riello idialog 800 ups get disconnected, and usbfs started flooding syslog with messages like: usb 1-1.2: usbfs: process 57342 (riello_usb) did not claim interface 0 before use Version is 2.7.1-1 debian packages, which I backported from sid to wheezy. Any hint? rob

On 22 febbraio 2014 17:28:16 CET, Roberto Resoli <roberto at resolutions.it> wrote: >Hello, > >after some days running without problems, my riello idialog 800 ups >get disconnected, and usbfs started flooding syslog with messages like: > >usb 1-1.2: usbfs: process 57342 (riello_usb) did not claim interface 0 >before use > >Version is 2.7.1-1 debian packages, which

Hi, We are trying to track some specific rules using LOG as target. Everything is working well but the problem is that iptables is flooding the console with LOG messages. We tried --log level 4 on iptables rules but it didn't work. We fixed the problem changing KLOGD_OPTIONS value in /etc/sysconfig/syslog to: KLOG_OPTIONS="-c 4" Is it the best option or we are missing something?

Hi, my zaphfc is flooding my syslog with two messages (even without asterisk running). Is this "normal"?: -------------------------------------------------- zaphfc: bchan rx fifo not enough bytes to receive! (z1=1360, z2=1353, wanted 8 got 7), probably a buffer overrun. zaphfc: dropped audio (z1=2712, z2=2695, wanted 8 got 17, dropped 9). With Asterisk running (asterisk -vvvvvgc)

Hey guys, OK so I'm pretty familiar with how to edit an init script for memcached so that I can get multiple memcached 'buckets' when starting up the service. The init script would ususally have multiple lines such as these under the start function: # cache_block /usr/local/bin/memcached -d -m 128 -l `hostname -i` -p 11318 -u daemon -c 8172 -v 2>> /tmp/memcached.log

Il 22/02/2014 23:11, Roberto Resoli ha scritto: > On 22 febbraio 2014 17:28:16 CET, Roberto Resoli <roberto at resolutions.it> wrote: >> Hello, >> >> after some days running without problems, my riello idialog 800 ups >> get disconnected, and usbfs started flooding syslog with messages like: >> >> usb 1-1.2: usbfs: process 57342 (riello_usb) did not

Bryan -- I''m using the puppet augeas plugin at http://git.et.redhat.com/?p=ace.git;a=blob;f=modules/augeas/plugins/puppet/type/augeas.rb;h=2346c37d724d7607ed4e09b0413700bec2b7cbed;hb=HEAD I''m running into a behavior that I wouldn''t expect. I''d like to confirm an entry in sysctl.conf by changing the value if necessary or appending the key/value if it

Elio, please see below as well. On Feb 22, 2014, at 5:11 PM, Roberto Resoli wrote: > On 22 febbraio 2014 17:28:16 CET, Roberto Resoli <roberto at resolutions.it> wrote: >> Hello, >> >> after some days running without problems, my riello idialog 800 ups >> get disconnected, and usbfs started flooding syslog with messages like: >> >> usb 1-1.2: usbfs:

Hi, yesterday we experienced a heavy request flooding from multiple servers being a domain member against our Samba Sernet DCs. All those servers are domain members and allow login using PAM (Samba+Winbind). Running TCPDump we had like 400 Requests per 5 seconds like this: tcpdump -i eth0 dst port 389 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0,

Hi Alberto, With systemd it will be as easy as creating additional unit files ( one for > each memcached instance) with its corresponding config file. That should > allow to stop / start / restart each memcache instance individually while > also being systemd compliant. Thanks for the info and for the examples. It really does make sense the way you explain it. Thanks for letting me

On 03/24/2016 03:54 AM, Leon Fauster wrote: > Am 24.03.2016 um 04:21 schrieb Always Learning <centos at u64.u22.net>: >> mysql Ver 14.12 Distrib 5.0.95, for redhat-linux-gnu (x86_64) using >> readline 5.1 > > > > Current version on C5 is mysql55, 5.0 does not get any updates anymore! > Let me reiterate this: the mysql-5.0.95* packages are not supported.