[VANILLA-L:740] Re: [VANILLA-L:735] Automatic restart of the server?

[James Cameron <cameron@stl.dec.com>]

Bob Tanner wrote:
> The continuum has been the receiving side of several SMURF attacks,
> which of course makes the machine unusable. I believe the netrek
> server is the intended target. Because several minutes after I kill
> the server the SMURF attack stops. If I restart the server the SMURF
> attack starts.

I'd love to see a network trace of this.  There has to be some way for
the attacker to work out if the server is up.  Have you yet taken action
against the third-party site that has their broadcast mask set up to
allow the SMURF attack?

> Anyone remember this posting?
> Anyone got some scripts?

Yes, yes.

Here is my "% crontab -l | grep nightly"

00 05 * * * csh -t%~/nightly>&nightly.log
50 11 * * 1-5 csh -t%~/nightly>&nightly.log

and attached is my nightly script and the "getpid" script from Digital
UNIX that I also use.

-- 
James Cameron                                    (cameron@stl.dec.com)
Digital Equipment Corporation (Australia) Pty. Ltd. A.C.N. 000 446 800
#!/bin/sh
# *****************************************************************
# *                                                               *
# *    Copyright (c) Digital Equipment Corporation, 1991, 1995    *
# *                                                               *
# *   All Rights Reserved.  Unpublished rights  reserved  under   *
# *   the copyright laws of the United States.                    *
# *                                                               *
# *   The software contained on this media  is  proprietary  to   *
# *   and  embodies  the  confidential  technology  of  Digital   *
# *   Equipment Corporation.  Possession, use,  duplication  or   *
# *   dissemination of the software and media is authorized only  *
# *   pursuant to a valid written license from Digital Equipment  *
# *   Corporation.                                                *
# *                                                               *
# *   RESTRICTED RIGHTS LEGEND   Use, duplication, or disclosure  *
# *   by the U.S. Government is subject to restrictions  as  set  *
# *   forth in Subparagraph (c)(1)(ii)  of  DFARS  252.227-7013,  *
# *   or  in  FAR 52.227-19, as applicable.                       *
# *                                                               *
# *****************************************************************
# @(#)$RCSfile: getpid.sh,v $ $Revision: 1.1.2.2 $ (DEC) $Date: 1994/08/29 19:19:18 $

if [ -n "$1" ]
then
	GETMYPID=$1
	shift 
	/bin/ps -e -o pid,command $* | awk -v Prog=$GETMYPID '{ if ($2 == Prog) {
								  print $1
								  exit
								}
							      }'
fi

#!/bin/csh
set pid=`getpid newstartd -ucameron`
if ( "X$pid" == "X" ) then
    cd ~/nt/server/alpha
    newstartd>&newstartd.log &
    echo Restarted newstartd
    psst irc 6667 Nightly "ogg:~cameron/nightly" James "Restarted newstartd on `hostname`"
endif
set pid=`getpid thttpd -ucameron`
if ( "X$pid" == "X" ) then
    cd ~/nt/server/alpha
    thttpd -p 2595 -c cgi-bin >& thttpd.log &
    echo Restarted thttpd
    psst irc 6667 Nightly "ogg:~cameron/nightly" James "Restarted thttpd on `hostname`"
endif
set pid=`getpid metaserverII -ucameron`
if ( "X$pid" == "X" ) then
    cd ~/nt/metaserver
    metaserverII>&metaserverII.log &
    psst irc 6667 Nightly "ogg:~cameron/nightly" James "Restarted metaserver"
endif

---

References:

• [VANILLA-L:735] Automatic restart of the server?
• From: Bob Tanner <tanner@real-time.com>

---

• Prev by Date: [VANILLA-L:741] [VANILLA-L:736] Patches to patches
• Next by Date: [VANILLA-L:739] Re: [VANILLA-L:736] RE: Eject/Eject patchs
• Prev by thread: [VANILLA-L:735] Automatic restart of the server?
• Next by thread: [VANILLA-L:737] CVS and netrek
• Index(es):
  • Main
  • Thread