Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Still getting timeout, is there ANYTHING else I should look at?

2003-05-19 14:43:40
Subject: RE: Still getting timeout, is there ANYTHING else I should look at?
From: "Rebecca Pakish Crum" <rebecca AT unterlaw DOT com>
To: <gene.heskett AT verizon DOT net>, <amanda-users AT amanda DOT org>
Date: Mon, 19 May 2003 13:39:36 -0500 
> You might have to reverse that rule too.  If there is a timeout in 
> the firewall, then the client is blocked from making its reply as 
> that socket has been torn down.  The client should be able to 
> re-open it in that case.

Yeah, I did...just in case, forgot to mention it, tho...

> Then you go back to the debug logs as someone else suggested and see 
> how long it takes, then give it another 50% in time cushion for all 
> conditions.

My /tmp dir has apparently cleared since my last good backup of this
client. The only thing I have are all of my debug files from failed
attempts. ?? All I have is several amandad.*.debug files that don't last
any more than a minute or so. I can see my dumper/taper stats from
previous successful backups...but that's about it.
> 
> As far as "not being big enough to worry about that", scuse me, but 
> is it exposed to the internet at all?  If so, you need that stuff.  
> I'd much rather read about failed attempts in the logs than have to 
> clean up after some script kiddie by doing a fresh install.  Who 
> knows, maybe the problem is that you've already been rooted, and 
> amanda is the only visible casualty.  However, I do tend to let the 
> router and the firewall have all the responsibility in that 
> somebody has to get thru both to get into things here, but these 
> two machines have carte blanche with each other, with iptables 
> doing the connections between 2 seperate ethernet cards, and  a dsl 
> router between that and the dsl modem.

When I say "not big enough" I mean that we don't have these big huge
departments where only certain people at certain workstations have
rights to certain servers and whatnot. These two servers do have carte
blanche to each other...as far as the firewall routing goes, one as the
web server...one as the backup server. We harden these boxes pursuant to
their jobs, so there aren't any more services than necessary available
and we kill everyone else at the firewall. My fw logs and server logs
are clean of any signs of compromise. 
> 
> However that sol6 install might be Jon's area of expertise too.

Hate that this box is running sol6, hate that's it's running outdated
NGfw...we technically sold this company last year so my hands are tied
until the new owners take this dinosaur off of my hands. Just trying to
keep it backed up.
> 
> -- 
> Cheers, Gene
> AMD K6-III@500mhz 320M
> Athlon1600XP@1400mhz  512M
> 99.26% setiathome rank, not too shabby for a WV hillbilly 
> Yahoo.com attornies please note, additions to this message by 
> Gene Heskett are: Copyright 2003 by Maurice Eugene Heskett, 
> all rights reserved.
> 
>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: disklist problems, Mats Blomstrand
Next by Date:  Re: disklist problems, Joshua Baker-LePain
Previous by Thread:  RE: Still getting timeout, is there ANYTHING else I should look at?, Rebecca Pakish Crum
Next by Thread:  Re: Still getting timeout, is there ANYTHING else I should look at?, Gene Heskett
Indexes:  [Date] [Thread] [Top] [All Lists]