Re: [freenet-support] DoS
Hi all, excuse me, but I am not willing to run freenet again, until one has answered my question for my security. This is an urgent question about running it, not how to get it run, so plz answer my question. As the whole thing is lacking of documentation, I do expect my question to be answered. Expect me to deny using freenet if you are not willing to do so! Because freenet needs people using it to be capable to run, every user is worthful and so I need to feel to be noticed with my question at least. Thank you for understanding my position. cheers, Sascha -- GNU Linux | The politician is someone who deals in man's problems of 2.4.19-cr | adjustment. To ask a politician to lead us is to ask the on a | tail of a dog to lead the dog. -- Buckminster Fuller i586 | | | ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] DoS
Sascha The way freenet is built noone can do a direct DoS attack within freenet. Whenever anyone is DosS:ing all of the nodes in freenet will share to load. I personally think that your log file looks just fine, it is completely normal for some connections to die now and then, it is also quite normal to see some errors like 'Unkown control byte' and such since development is ongoing the whole time and since internet is not always doing good things to the data transmitted over it. As for the load issue, probably your node has become quite popular amongst the other nodes. This happens when you have a large datastore with popular data in it. The 'Too many ongoing connections' is a good sign of popularity, if you have the hardware for it you can increase the maximum number of threads your node is allowed to use, this will make your node able to handle (and make positive use of) more of the incoming connections. If you want to get rid of the load, you can try to shut down your node for a day or so. When you restart it again it will be quite a bit less popular due to its outage. Another possible reason for the overload might be that frost is trying to upload much of your shared files into freenet (because of the flood you mentioned). Will your load decrease if you shut down Frost for an hour or two? Btw, are you running the node properly nice:d? /N ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] DoS
Hi, thank you so much for answering my questions! I really do feel better now and will continue sharing my computer for freenet, which I am convinced of, is a pretty much good invention! mentioned). Will your load decrease if you shut down Frost for an hour or two? Load immediately decreases, when shutting down frost/freenet. After restarting, my current experience is this: A few minutes like 10 or 30 I have 10 to 20 connections, then it explodes to more than 30. This seems to consumes my load. Sometimes, like the log says, they decrease which I haven't monitored, yet, but do explode again suddenly. If I refuse to start frost, freenet is using cpu time that leads to load about 6 which is accepteable. So frost is the bad guy... As I have old and small harddisks, the amount freenet is capable to use is about 350 MBytes, so I hardly believe that this is the cause for my heavy load, but frost's communication, because there are only 2 up to 8 connections to my freenet port I have monitored ever. Btw, are you running the node properly nice:d? The java is at place one consuming 9x% of cpu time when watched by top. I haven't reniced it, because I think it consumes it's cpu time it needs, so if fiddling with it, I would loose contact, right? Would using a different freenet file system decrease cpu usage leading to less load? ...as the linuxbox should be capable to do other things, I am planning to build another one just for running freenet/frost, which costs more power/money, but increases my security and keeps my first linux-box useable. The linux box has an AMD-3D cpu at 300 MHz and the new box will have a similar one, when finished. Is there a floppy distribution which can do java to run freenet/frost? I'd like to save using a harddisk to run the second linux box, if possible. In the end, I am happy to have joined this mailing list. Thanx again for your fine help. I don't understand, why there is so less docs and, as far as I have noticed at the frost message board, there is lack of developers, too. Why is that? There is really an urgent need of a common and and a more technical FAQ... cheers, Sascha -- GNU Linux | The early bird who catches the worm works for someone who 2.4.19-cr | comes in late and owns the worm farm. -- Travis McGee on a | i586 | | | ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] DoS
Sascha Wüstemann ([EMAIL PROTECTED]) wrote: I haven't reniced it, because I think it consumes it's cpu time it needs, so if fiddling with it, I would loose contact, right? Would using a different freenet file system decrease cpu usage leading to less load? If you only have a 350 MB data store, it seems unlikely that you could have a large enough number of files in any given subdirectory to cause O(n^2) directory-search issues with ext2 file systems. But this is largely a guess on my part -- if you want to benchmark reiserfs vs. ext2 and document your results, I'm sure many people would find them quite interesting. For larger data stores on Linux, reiserfs is the recommended choice of host file systems. *BSD file systems are generally good for this as well (but the lack of a top-quality Java runtime for BSD systems hurts immensely). The linux box has an AMD-3D cpu at 300 MHz and the new box will have a similar one, when finished. This is a slow CPU by Freenet standards. The Freenet node performs massively heavy math/crypto work. I have a K6-2 333 MHz CPU in the box on which I run a transient node (and my web browser). If I load The Freedom Engine on this machine, the load average easily reaches 25-30, and the system isn't usable for much else until it settles down. (This box also runs Linux 2.2.21, which is not known to handle massively multithreaded Java applications particularly well; it might do better under Linux 2.4.) If you're going to run a permanent node on such an old machine, either let the machine be dedicated to Freenet and nothing else, or use nice and lower the maximumThreads value to something that will keep the system usable for other jobs. You'll have to experiment to find what works best for you. Is there a floppy distribution which can do java to run freenet/frost? I'd like to save using a harddisk to run the second linux box, if possible. -rw-rw-r--1 freenet 1007 22839295 Oct 30 21:58 /freenet/j2re-1_4_1_01-linux-i586.bin You'd need a very large floppy disk to hold a Java runtime! (LS-120) Maybe a bootable Linux+Java+Freenet CD, using RAM disk for the data store, would be a feasible project. With ARKs and a sufficiently clever boot script, I really do believe it's possible to roll out cookie cutter Freenet nodes in this manner. (You could even fit it all on one of those miniature CDs.) The obvious problem with this (diskless nodes) is that if one of them crashes, it loses the whole data store. Freenet is designed to work best with permanent nodes that retain their data for as long as it remains popular. I don't know how big an impact the loss of a single permanent node's data store makes, but obviously it can't be a good thing. On the other hand, the ability to erase your data store completely, simply by hitting the power button, may be a useful feature in some environments (running a node in a country like China, etc.). -- Greg Wooledge | Truth belongs to everybody. [EMAIL PROTECTED] |- The Red Hot Chili Peppers http://wooledge.org/~greg/ | msg02747/pgp0.pgp Description: PGP signature
[freenet-support] DoS
Hi all, running freenet for the comunity, is primarily used for frost, here. Frost is currently at a Denial of Service attack and since then, I am watching a lot of more connections to my node than before and downloads have totally stopped, but that might belong to other reasons. plz have a look at the freenet.log.snippet encluded to tell me, if evertything seems just normal and that I can continue running freenet. at the time I have stopped it, because it causes a load from 10 to 18 (!) on my linux machine, which I can't use anymore because of that high load. cu, Sascha Jan 29, 2003 1:04:00 AM (freenet.node.Node, main): Starting interfaces.. Jan 29, 2003 4:06:55 AM (freenet.session.FnpLinkManager, QThread-1129): Too many ongoing negotiations! (31/30) Jan 29, 2003 4:07:07 AM (freenet.session.FnpLinkManager, QThread-1149): Too many ongoing negotiations! (30/30) Jan 29, 2003 4:07:12 AM (freenet.session.FnpLinkManager, QThread-1134): Too many ongoing negotiations! (32/30) Jan 29, 2003 4:47:19 AM (freenet.node.states.request.TransferReply, QThread-1215): Failed to send data with CB 0x83 (CB_RECV_CONN_DIED), on chain 6aa5a52b41de6f93 Jan 29, 2003 4:50:55 AM (freenet.node.states.request.TransferReply, QThread-786): Failed to send data with CB 0x83 (CB_RECV_CONN_DIED), on chain 6479cae25e70e0ad Jan 29, 2003 5:21:26 AM (freenet.node.states.request.TransferReply, QThread-1487): Failed to send data with CB 0x7a (Unknown control byte), on chain 8d704013588c2ae6 Jan 29, 2003 9:26:24 AM (freenet.session.FnpLinkManager, QThread-2723): Too many ongoing negotiations! (32/30) Jan 29, 2003 9:26:26 AM (freenet.session.FnpLinkManager, QThread-2750): Too many ongoing negotiations! (30/30) Jan 29, 2003 9:26:41 AM (freenet.session.FnpLinkManager, QThread-2703): Too many ongoing negotiations! (40/30)