[tech] hydra
Grahame Bowland
grahame at ucc.gu.uwa.edu.au
Thu Aug 30 17:46:02 WST 2001
On Thu, Aug 30, 2001 at 05:26:05PM +0800, Duncan Sargeant wrote:
> James Andrewartha wrote on Thu August 30, at 16:05 +0800:
> > On Thu, 30 Aug 2001, James Andrewartha wrote:
> >
> > > Hydra has been coming up with "ip_conntrack: maximum limit of 1024 entries
> > > exceeded" all day. I tried quadrupling the maximum, but they were all used
> > > up in about 5 seconds. I couldn't find any reason why it was doing this,
> > > so I've put it down to a kernel bug and compiled a new kernel
> > > (2.4.9-ac3). I am just about to install the new kernel and reboot hydra.
> >
> > Well, that didn't fix the problem. It might be caused by someone flooding,
> > but Grahame had a look and couldn't see anything unusual
> > happening. Anybody got any ideas?
>
> Bryden was running a DNS bomb.
>
> Bryden - stop it or we will tell on you.
access-list 144 deny ip any host 130.95.3.3
access-list 144 deny ip any host 130.95.3.87
access-list 144 deny ip any host 130.95.3.144
access-list 144 deny ip host 130.95.3.3 any
access-list 144 deny ip host 130.95.3.87 any
access-list 144 deny ip host 130.95.3.144 any
access-list 144 permit ip any any
int fa 0/0/0.1
ip access-group 144 out
;-)
More information about the tech
mailing list