I have a single FreeBSD server (5.1) that I run at home behind a firewall with ports open for ssh, dns, and http. I began having trouble with my DNS not responding, then noticed that ssh was not responding either. Upon logging in at the server, I noticed error messages about my /tmp filesystem being full. Issuing df revealed the following:
Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/ad0s1a 253678 72770 160614 31% / devfs 1 1 0 100% /dev /dev/ad0s1e 253678 542 232842 0% /tmp /dev/ad0s1f 8209710 3440818 4112116 46% /usr /dev/ad0s1d 253678 253106 -19722 108% /var
Upon further investigation, I noticed a series of grossly bloated messages logs:
-rw-r--r-- 1 root wheel 43001 Oct 13 22:37 messages -rw-r--r-- 1 root wheel 196001815 Oct 13 17:00 messages.0 -rw-r--r-- 1 root wheel 87398 Oct 13 16:00 messages.1.bz2 -rw-r--r-- 1 root wheel 87096 Oct 13 15:00 messages.2.bz2 -rw-r--r-- 1 root wheel 109446 Oct 13 14:00 messages.3.bz2 -rw-r--r-- 1 root wheel 184596 Oct 13 13:00 messages.4.bz2 -rw-r--r-- 1 root wheel 36822 Oct 13 12:00 messages.5.bz2
This is the first BSD box that I have had that allows DNS queries, and this is the first time I have experienced something like this. Is it some sort of DOS attack? I am sure there are a hundred variables that I am unaware of, but if some of the list sages could be so kind as to prod me in the right direction(s) I would be most appreciative.
Thanks, -- Barry C. Hawkins All Things Computed site: www.allthingscomputed.com/ weblog: www.allthingscomputed.com/blog/
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
