Mysterious reboot
Mike Loiterman
mike at ascendency.net
Thu Feb 16 00:42:26 PST 2006
Olivier Nicole <mailto:on at cs.ait.ac.th> wrote:
>> /var/log/messages just shows a user connectig via pop, and then the
>> next line is the machine booting.
>
> Does the reboot correspond to the rainstorm?
>
> Do you have UPS?
>
> If time matches and no UPS I'd highly suspect a micro power faillure,
> that other machines could over go, but that this specific machine
> could not handle. It could be enough that a capacitor in the power
> supply of the machine is drying out and the micro cut could not be
> filtered as well as it used to be.
>
> I'd not expect laptopn of TV to be affected by such micro shortage.
>
> Olivier
I suppose the power could be an issue, but there is another machine plugged
into the same surgeprotector that is EXTERMELY sensitive to power
flucuations and it didn't go down and neither did anything else in my whole
house. I don't think it was a power issue, but could be wrong.
Looking through debug.log, it looks like right before the machine rebooted,
I was hit with some sort of mini-DOS mail attack. At 23:27:54 my grey-list
milter processed exactly 801 messages fom a variety of different ips, by
23:28:09 the machine had rebooted. Something similar happened around
01:34:46 when I got 796 messages from a variety of ips.
I have throttling enabled in my mail config, and the machine is quite robust
in terms of memory and specs, so I'm not sure why this happened. I also use
a milter-greylist. I think the milter kicks in before the sendmail
throttling, so that maybe why it crashed.
Any ideas how to harden against more attacks?
------------------------------
Mike Loiterman
grantADLER
Tel: 630-302-4944
Fax: 773-442-0992
Email: mike at ascendency.net
PGP Key: 0xD1B9D18E
More information about the freebsd-questions
mailing list