Re: Is this an attack?
On Tuesday 07 December 2010 13:40:54 Rodolfo Barbosa wrote:
> One of my servers, that's still running the old Debian Etch,
> is been the responsible for de crash of my entire internet
What do you mean, your "entire internet access"? Is it consuming bandwith? is
it managing to alter some other systems?
> Every time that my internet access gets down, I see an weird
> process called 'std' or 'S' always running by www-data user
> that consumes all the machine process and network resources.
So it's probably someone found a bug on some app you are offering through your
web server which is serving data on your back. It might pose further dangers
like gaining root privileges through known bugs in Etch's kernel.
> Is this any know attack?
Yes. It is plently known that you *never* *ever* should abandon an
Internet-facing server on an EOL-ed operative system or app.
> I need to get good arguments to
> convince the users of this server to allow me to get it
You don't need any argument to upgrade a system prior to become EOL-ed: you
stablish it as your working policy and act accordingly.