From owner-freebsd-questions@FreeBSD.ORG Thu Feb 16 08:42:26 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0D97C16A420 for ; Thu, 16 Feb 2006 08:42:26 +0000 (GMT) (envelope-from mike@ascendency.net) Received: from rwcrmhc11.comcast.net (rwcrmhc11.comcast.net [216.148.227.151]) by mx1.FreeBSD.org (Postfix) with ESMTP id B351343D48 for ; Thu, 16 Feb 2006 08:42:25 +0000 (GMT) (envelope-from mike@ascendency.net) Received: from eisenhower.ascendency.net ([67.173.128.145]) by comcast.net (rwcrmhc11) with ESMTP id <20060216084224m1100pk90ue>; Thu, 16 Feb 2006 08:42:25 +0000 Received: from Mike8500 (ipcop.localdomain [192.168.1.1]) (authenticated bits=0) by eisenhower.ascendency.net (8.13.4/8.13.4) with ESMTP id k1G8gNnj001408 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO); Thu, 16 Feb 2006 02:42:23 -0600 (CST) (envelope-from mike@ascendency.net) From: "Mike Loiterman" To: "'Olivier Nicole'" Date: Thu, 16 Feb 2006 02:42:23 -0600 Message-ID: <01ec01c632d4$e83f83d0$0401a8c0@Mike8500> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670 Thread-Index: AcYy0Imd98CUoPcmTrq31aJALVbMzAAABCWQ In-Reply-To: <200602160755.k1G7tFTE006409@banyan.cs.ait.ac.th> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0.2 (eisenhower.ascendency.net [192.168.1.22]); Thu, 16 Feb 2006 02:42:23 -0600 (CST) Cc: freebsd-questions@freebsd.org Subject: RE: Mysterious reboot X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: mike@ascendency.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Feb 2006 08:42:26 -0000 Olivier Nicole wrote: >> /var/log/messages just shows a user connectig via pop, and then the >> next line is the machine booting. > > Does the reboot correspond to the rainstorm? > > Do you have UPS? > > If time matches and no UPS I'd highly suspect a micro power faillure, > that other machines could over go, but that this specific machine > could not handle. It could be enough that a capacitor in the power > supply of the machine is drying out and the micro cut could not be > filtered as well as it used to be. > > I'd not expect laptopn of TV to be affected by such micro shortage. > > Olivier I suppose the power could be an issue, but there is another machine plugged into the same surgeprotector that is EXTERMELY sensitive to power flucuations and it didn't go down and neither did anything else in my whole house. I don't think it was a power issue, but could be wrong. Looking through debug.log, it looks like right before the machine rebooted, I was hit with some sort of mini-DOS mail attack. At 23:27:54 my grey-list milter processed exactly 801 messages fom a variety of different ips, by 23:28:09 the machine had rebooted. Something similar happened around 01:34:46 when I got 796 messages from a variety of ips. I have throttling enabled in my mail config, and the machine is quite robust in terms of memory and specs, so I'm not sure why this happened. I also use a milter-greylist. I think the milter kicks in before the sendmail throttling, so that maybe why it crashed. Any ideas how to harden against more attacks? ------------------------------ Mike Loiterman grantADLER Tel: 630-302-4944 Fax: 773-442-0992 Email: mike@ascendency.net PGP Key: 0xD1B9D18E