On Wednesday 15 January 2003 11:30 am, Tibbetts, Ric scribbled nervously: > Mark Weaver wrote: > > On Wednesday 15 January 2003 10:57 am, Tibbetts, Ric scribbled > > > > nervously: > >>Sheesh! > >>NOW, the server (firewall side) is just bulk rejecting ALL connections > >>(again!). It considers any incoming mail as a SYN attack, and rejects > >>it! (egads! I'm getting tired of this chase!). I thought I had this > >>sorted out... > >> > >>/var/log/messages is bing filled with messages like: > > > > [snip] > > > >>It's all incoming mail, that is not coming in! > >> > >>Any thoughts on WHY it would interpret all incoming connections as an > >>attack? Anything not already blocked is interpreted as a SYN attack, > > > > and > > > >>is rejected, and added to the list.... > >> > >>Thanks ! > >> > >>Ric > > > > Ric, > > > > do yourself a huge favor and turnoff and uninstall PortSentry. He's a > > tired > > old man with a serious bladder control problem. he sh*ts himself from > > time to > > time as well. do that and you should be feeling a lot better. > > I shut it off when it started puking like that. THen I cleaned out > /etc/hosts/deny. > > But it's still not accepting any connections, it's just quieter about > it. It's just not receiving anything. When it did this the other day, > xinetd was down. I checked that... alls well there. It's running. > > this is really getting frustrating! If I were 3000 miles closer, I'd > shoot the thing between it's transistors, and rebuild it. But I'm just a > bit to far away for that. > > I can still ssh in, so at least I can work on it. But I'm lost as to why > it started doing this again... It was fine, up until about a half hour > ago.. Then it just stopped receiving connections. There's nothing in the > logs.. > I even tried the M$ method: Reboot.. no joy. It didn't help. > > And stopping portsentry doesn't make any difference. > It's not the mail system either. I reverted back to the pre-spam filter > version. That didn't make any difference. > It's just started rejecting all connections. > > gotta be a reason.... > > Ric
well...this sounds horribly familiar, so I'll set to work trying to recall what it was I was doing when this happened to me, and how I handled the situation. damned thing of it I should have kept up my journal of that period. there was a time when everything I touched on that machine turned to crap! it's not so bad now cause I've had a lot of practice. :) don't worry though...it'll come to me...eventually. -- Mark ------------------------------------------------------------------------------------------ Powered By Mandrake Liinux 9.0 || Toshiba Portege ICQ# 27816299 ------------------------------------------------------------------------------------------ Saying Open Source DRM is the same as saying Military Intelligence. Repeating it makes my brain hurt! author Unknown...
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
