From owner-freebsd-questions Tue Mar 14 7:25:48 2000 Delivered-To: freebsd-questions@freebsd.org Received: from cytosine.dhs.org (cx272244-a.orng1.occa.home.com [24.1.177.149]) by hub.freebsd.org (Postfix) with ESMTP id C7C3137B7D4 for ; Tue, 14 Mar 2000 07:25:45 -0800 (PST) (envelope-from bhishan@cytosine.dhs.org) Received: (from bhishan@localhost) by cytosine.dhs.org (8.9.3/8.9.3) id HAA36430; Tue, 14 Mar 2000 07:25:33 -0800 (PST) (envelope-from bhishan) From: Bhishan Hemrajani Message-Id: <200003141525.HAA36430@cytosine.dhs.org> Subject: Re: DoS attack, Mail errors on new account In-Reply-To: <97077.953029254@axl.ops.uunet.co.za> from Sheldon Hearn at "Mar 14, 2000 12:20:54 pm" To: Sheldon Hearn Date: Tue, 14 Mar 2000 07:25:32 -0800 (PST) Cc: freebsd-questions@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm pretty new at freebsd, could you help me with what you said? Also, /var/mail is writeable by the group mail, I think: drwxrwxr-x 2 root mail 512 Mar 14 07:24 mail Thank you. --bhishan > > > On Fri, 10 Mar 2000 17:51:47 PST, Bhishan Hemrajani wrote: > > > 1. I have experienced a DoS attack by one of my users > > who has used 100% of the cpu. > > I'm not saying it wasn't a DoS attack, but you should be aware that a > process listed as using 100% CPU isn't always denying service. If > nothing else requires much CPU, any relatively CPU-intensive process is > going to get 100% CPU. > > > I do have limits, and the > > process was killed after consuming 1h of CPU time. > > is there any way to limit the process to CPU usage? > > Not in the way I think you want. It sounds like you want to throttle > CPU usage, so that a given user or class of users isn't allowed to use > more than a certain percentage of the available CPU at a given time. > You can't do that. > > What you _can_ do is add the users to a login class (see the > login.conf(5) manual page) which has a high "priority". This is a > confusing name for the capability; it represents the initial _nice_ > level at which to run processes for these users. This will be very > effective in controlling CPU-bound processes, but pretty ineffective > against controlling IO-bound processes. > > > 2. After I create a user, the mail box doesn't seem to work > > correctly. I try to run elm as a new user that I created > > and it is exiting with a signal 6 because it cannot read > > /var/mail/user. > > > > This is a printout of ll in that dir after that command has run: > > -r-------- 1 test mail 5 Mar 10 17:36 test.lock > > Hmmm. What ownerships and permissions to you have on the /var/mail > directory? If they're writable by group mail, you can probably make the > elm binary sgid (2555) to group mail. That should allow this type of > mailbox locking. > > Ciao, > Sheldon. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message