Le 01/06/2016 à 11:14, Renaud Allard a écrit :
On 05/31/2016 07:44 PM, Samuel wrote:
Hi,
Last night, Exim stoped working for few seconds (no response) and I see
a strange things in my logs :
/var/log/exim4/mainlog :
2016-05-31 05:55:44 TLS error on connection from
researchscan258.eecs.XXXX.edu (eecs.XXXX.edu) [1XX.212.XXX.3]
(gnutls_handshake): Could not negotiate a supported cipher suite.
2016-05-31 05:55:44 H=researchscan258.eecs.XXXX.edu (eecs.XXXX.edu)
[1XX.212.XXX.3] Warning: erreur : tls-failed
So if I understand well, A special craft ssl request can cause DOS on
Exim on Grsecurity kernel ?
This is the first time I see this logs.
What can I do to stop this ?
Easy way: disable CONFIG_GRKERNSEC_BRUTE in your kernel
I would like to avoid disable it if possible ...
Harder way: enable signal logging to see what triggers the bruteforce
prevention.
It seems to be yet enable, but can't find where logs are ...
cat /proc/sys/kernel/grsecurity/signal_logging
1
Thanks for your help.
Samuel.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
