flyinweb's blog

There are few commands I usually use to track if my server is possibly under a Denial of Service attack or under Distributed Denial of Service

Sys Admins who still have not experienced the terrible times of being under a DoS attack are happy people for sure …

Recently has become publicly known for the serious hole found in all Apache webserver versions 1.3.x and 2.0.x and 2.2.x. The info is to be found inside the security CVE-2011-3192 – https://issues.apache.org/bugzilla/show_bug.cgi?id=51714

Apache remote denial of service is already publicly cirtuculating, since about a week and is probably to be used even more heavily in the 3 months to come. The exploit can be obtained from exploit-db.com a mirror copy of #Apache httpd Remote Denial of Service (memory exhaustion) is for download here

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

          Apache HTTPD Security ADVISORY
          ==============================
                    UPDATE 2

Title:       Range header DoS vulnerability Apache HTTPD 1.3/2.x

CVE:         CVE-2011-3192
Last Change: 20110826 1030Z
Date:        20110824 1600Z
Product:     Apache HTTPD Web Server
Versions:    Apache 1.3 all versions, Apache 2 all versions

Changes since last update
=========================
In addition to the 'Range' header - the 'Range-Request' header is equally
affected. Furthermore various vendor updates, improved regexes (speed and
accommodating a different and new attack pattern).

Description:
============

A denial of service vulnerability has been found in the way the multiple
overlapping ranges are handled by the Apache HTTPD server:

     http://seclists.org/fulldisclosure/2011/Aug/175

An attack tool is circulating in the wild. Active use of this tool has
been observed.

The attack can be done remotely and with a modest number of requests can
cause very significant memory and CPU usage on the server.

The default Apache HTTPD installation is vulnerable.

There is currently no patch/new version of Apache HTTPD which fixes this
vulnerability. This advisory will be updated when a long term fix
is available.

Linux I/O多路复用技术在比较多的TCP网络服务器中有使用，即比较多的用到select函数。Linux 2.6内核中有提高网络I/O性能的新方法，即epoll 。

One of the common complaints we've received over the years about BIND 9 is that large authoritative servers, particularly those with a very large number of small zones, are slow to launch. I've met some DNS operators who expressed a powerful aversion to upgrading their systems, because a shutdown and restart can literally take all day.

If that describes you, I have some good news. There is a simple optimization for BIND 9 that can dramatically improve your startup performance. New versions of BIND are being released soon to take advantage of it.

问题：

配置ISM时出错：
[root@idsserver ~]# ism_op -label /usr/backup/ptape -pool ISMDiskData -volume ISMData.0001
nsrmm: Invalid pool name `ISMDiskData'.
[root@idsserver ~]# ism_op -label /usr/backup/ltape -pool ISMDiskLogs -volume ISMLogs.0001
nsrmm: Invalid pool name `ISMDiskLogs'.

Linux AS4U8,
InformixDynamic Server Version 9.40.UC1E1
虚拟机环境

解决：

重启了一下虚拟机，重头做起，正常了，不过仍然不知道问题出在哪里?

第 1 部分: 基本原理

使用 GParted 调整传统分区

简介： Linux® 系统经常安装在多个分区上，每个分区有一个固定的大小。如果您的需求发生变化，那么就需要经常调整分区大小来适应您的需求变化。在 Linux 中有一些工具可以处理这类操作，但是也有一些潜在的陷阱和限制，使任务执行比看上去更为困难。这篇文章将引导您完成调整 Linux 分区大小的任务，从基本准备开始，使用图形化用户界面（GUI）工具移动到普通可调整大小的场景中。

如果您使用的是普通分区设备，那么很可能您的磁盘使用几个分区。如果您没有正确的设置分区大小或者您的需求发生了变化，您将发现需要重新设置分区大小。要做到这一点，您必须很清楚自己调整分区大小的需求，而且要熟悉完成这一任务的工具。很多情况下，调整操作一般都很顺利，然而，许多障碍都是粗心大意引起的，甚至对那些已经做了充分准备的人也不能避免。

本文首先介绍调整工具的一些潜在功能和限制，以及在开始调整操作之间要进行的一些准备工作。然后介绍了 GParted 分区大小调整工具（也可称为 Gnome Partition Editor）。

注：为了简便起见，我用调整（resizing）一词涉及几种操作，包括增加分区大小，减少分区大小和移动分区。有时候，只有一个操作是可行的，而其他的不可行。有时候这些操作本身比其他操作风险更大，这些差别很重要，我注意到了这个事实。