Date: Fri, 27 May 2005 13:16:03 -0400 From: "Jovan Ross" <jovanross@msn.com> To: freebsd-stable@freebsd.org Subject: FreeBSD 5.4 Dropping off Network Message-ID: <BAY107-F866C0BE7F335BA21587C9A4000@phx.gbl>
next in thread | raw e-mail | index | archive | help
I am experiencing problems keeping FreeBSD 5.4 connected. I have uptimes of 5 or 6 days - sometimes 10 or 11, then, without freezing the machine totally, it stops responding to network traffic. I get DOS attacked every once and a while and my logs are also filled with failed auths from password crackers but it seems that I have the worst effects from it. I don't have any web traffic yet b/c this is my development machine. I have portsentry with a default open firewall config running. I even took the firewall & portsentry off and I get the same problem. I am new to FreeBSD and have done the standard security procedures that new ones are advised to do: enabled secure level 1 syslogd -ss no portmap ssh protocol 2 no inetd (could this help my server get up again if it loses connectivity or a service fails?) no ftpd no ntpd sysctl: log in vain tcp/udp blackhole 2 tcp blackhole 1 udp ip rtexpire 2 ip rtminexpire 2 nmbclusters 81920 maxfiles 32768 maxfilesperproc 32768 maxusers 512 somaxconn 1024 tcp sendspace 8192 tcp recvspace 16384 tcp always_keepalive 1 maxsockets 163840 maxsockbuf 2097152 Am I missing something? I want to experience the stability that I've been hearing from FreeBSD users but have not been able to achieve it. Could there possibly be a setting that says basically: "In case of attack deny all connections?" I know I may be stretching it but I've exhausted all my other ideas. Please let me know if you need any information - I will gladly send anything.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BAY107-F866C0BE7F335BA21587C9A4000>