[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: klecker mirror checker

On Fri, Jul 11, 2008 at 09:37:49AM -0400, Ricardo Yanez wrote:
> > On Wed, Jul 09, 2008 at 07:27:46PM -0400, Ricardo Yanez wrote:
> >> We were recently forced to password protect
> >> rsync://ftp.cl.debian.org/debian after two exploits to the pool/ that
> >> infuriated our sponsor.
> >
> > Erh, you had exploits to the pool? Of what kind?
> >
> of the most simple kind; an unknown IP downloading the entire pool,
> clogging  a switch managed by the computing department. This happened
> twice within the last 30 days, different IPs, no reverse lookup. I'm
> myself not convinced it was a malicious attempt, but the mentioned
> switch, which serves many other servers, got swamped by the intense
> traffic. The computing department (over)reacted strongly. We responded
> by password protecting the rsync port since there were talks about
> shaping the traffic to the server, which would be unfortunate.

Ah, phew. You should look into traffic shaping instead - see
http://lartc.org/howto section about the HTB queuing discipline.

Josip Rodin

Reply to: