Scott C. Best, 2001-04-26 22:45 -0700
> So, I ran the Nessus scan on an Eigerstein 2.2.16
>running echowall. The report, as with Steven's experience,
>isn't very interesting: nothing found since I left nothing
>active (I commented out the WANTED_SERVICES line before
>restarting the firewall and testing). Report attached at
>the end of the email.
Scott,
Thanks for running the test.
> What *is* interesting though is the packet logging.
>Oh my. Filled my ramdisk, preventing echowall from re-
>running, as "echo test > file" won't work if the disk is
>full. So...be cautious turning Nessus loose on your own
>LRP box. :)
I think this is a problem. I believe the ramdisk shouldn't fill up under
any circumstances. Can we change log rotate to trigger on file size in
addition to periodically?
> Makes me wonder though. At the start of the scan,
>/var/log/syslog, messages and kern.log were 15k, 13k, and
>13k respectively. After the scan...all *three* of them were
>over 980k before I ran out of disk space.
> Sure, a brute-force DOS attack but...what am I doing
>wrong where each packet log gets recorded in 3 places?
>
> Also...I noticed my cable-modem connect thru the LRP
>was sluggish after the disk was filled. I checked with
>www.bandwidthplace.com/speedtest and it confirmed: 671 kpbs
>with a full disk, and 1293 kbps immediately after a reboot.
>Perhaps the next time someone on the LRP lists mentions
>that their LRP box is "acting slow" we should ask if they
>recently unleased Nessus on it.
That's strange.
--
Mike Noyes <[EMAIL PROTECTED]>
http://leaf.sourceforge.net/
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
