Eric, I haven't posted that information because we haven't ascertained yet that the problem lies with my system.
The first rule of troubleshooting, when something has worked flawlessly for a long time, is to ask yourself "what changed?" My system ran a year without a hiccup. Suddenly this problems starts and nothing has changed in my configuration. I more or less assumed there was probably some kind of DOS attack happening. The reason I tried a few versions of BSD as a solution is because I can install a version and have it running in about 30 minutes. There was a very good chance that something in one version might be different enough than another version that it might take care of the problem without a lot of research and debugging. I also tried some changes to my packet filter but later discovered that I could turn packet filtering off and the problem still happened. So its not the ruleset. However, if it's a DOS issue adding a rule might solve the problem too. So before I spend any more time trying to "fix" something which might not be broken I wanted to find out if anyone had heard anything or experienced anything which might confirm the problem is originating outside my network. Make sense? I once spent 2 days trying to fix a windows server and I was so intent on fixing it that I never looked around elsewhere. Turns out a worm was attacking SQL servers and a patch from Microsoft that took 5 minutes to apply fixed it. How did I hear about the worm? A friend called me. Had I been smart and started with the simple things first, like a question or reading about current security issues, I'd not have wasted those two days. If everyone else is good and there are no bulletins or similar problems happening elsewhere and the problem starts looking like my system I will continue working on it. I just thought it wise to poke my head out of the box for a minute and look around. :) > -----Original Message----- > From: eric [mailto:[EMAIL PROTECTED] > Sent: Thursday, June 30, 2005 12:54 PM > To: Dave Beckstrom > Cc: 'Jason Crawford'; misc@openbsd.org > Subject: Re: DOS Attacks? > > On Thu, 2005-06-30 at 12:24:46 -0500, Dave Beckstrom proclaimed... > > > Jason, > > > > Uh...your inexperience is showing. :) The title of the post is "DOS > > attacks?" My question was, "Has anyone heard anything about any worms > or > > DOS attacks happening which might account for this?" > > > > Of course I expect useful information such as confirmation that someone > else > > is experiencing attacks that result in similar symptoms on the server or > > perhaps there was a security bulletin released for OBSD that I have > missed. > > > > There was a bulletin just released for FreeBSD's TCP stack which talked > > about an exposure to DOS attacks that could cause TCP to stop working. > > > > Seems reasonable to inquire about OBSD when I'm having a problem that > sounds > > like it might possibly be related, doesn't it? > > > Post some details of your problems. We're certain you have the > skill the investigate, so show us facts. How about just a dmesg for > starters? How about your pf.conf? How about some netstat(8) info? How > about > vmstat info? > > Please quit wasting people's time.
