Re: Debian Security Host Bandwidth Saturation

To: <debian-security@lists.debian.org>
Subject: Re: Debian Security Host Bandwidth Saturation
From: Edward Tjin Liep Shie <e.tjinliepshie@nl.tiscali.com>
Date: Tue, 20 Sep 2005 21:05:01 +0200
Message-id: <[🔎] BF5629FD.2B78%e.tjinliepshie@nl.tiscali.com>
In-reply-to: <20050920171153.GB1074@finlandia.infodrom.north.de>

Hi,

We are willing to host a mirror of the security site if it's not that big of
a deal to add a second server....
If it's really necessary we can even connect tit at gigabit...

Let me know if we can help

[]

Edward TLS
Tiscali NL


On 9/20/05 7:11 PM, "Martin Schulze" <joey@infodrom.org> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> - ------------------------------------------------------------------------
> The Debian Project                                http://www.debian.org/
> Security Host Bandwidth Saturation                      press@debian.org
> September 20th, 2005            http://www.debian.org/News/2005/20050920
> - ------------------------------------------------------------------------
> 
> Debian Security Host Bandwidth Saturation
> 
> The recently released security update of XFree86 in DSA 816 for sarge
> and woody has caused the host security.debian.org to saturate its
> 100MBit/s network connection entirely.  Due to the large number of X
> packages, the gross size of these packages and the high number of
> users who need to install the update, the server is busy sending out
> updates which exhaust its total outgoing bandwidth.
> 
> This incident happens before new a security infrastructure is in place
> which would have avoided this.  At the moment we ask our users to
> accept delays in their update until the situation is relaxed again.
> 
> Yesterday morning, at about 11 o'clock (CEST, i.e. UCT +0200) the
> files for the security update DSA 816 (XFree86) were installed on the
> public security server.  The result was similar to a distributed
> denial of service since literally thousands of users tried to fetch
> the updates.  Since then the host saturates its network connection
> entirely.
> 
> Independent of this there have been discussions about restructuring
> the security infrastructure in order to provide a more failsafe
> solution, that can also deal with high bandwidth peaks better than a
> single machine.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
> 
> iD8DBQFDMEKxW5ql+IAeqTIRArhRAKCrWBXrPLxEjI4TaAO0EysV3O8iGQCfTBC1
> AcXjiglPKxS8wGqKzbHAeB0=
> =iLq8
> -----END PGP SIGNATURE-----
> 

-- 

With kind regards,

Edward Tjin Liep Shie
Tiscali NL

Office : +31 30 2483672
Mobile : +31 65 3949063
Fax    : +31 30 2483894

Reply to:

Prev by Date: Re: WTF: Debian security, ex. Linux kernel vulnerabilities
Next by Date: Re: WTF: Debian security, ex. Linux kernel vulnerabilities
Previous by thread: Re: WTF: Debian security, ex. Linux kernel vulnerabilities
Next by thread: Re: Debian Security Host Bandwidth Saturation
Index(es):
- Date
- Thread