[cod] Disapointed
Mike
mike at dbmail.dk
Tue Nov 25 21:08:43 EST 2003
Hmm. Disregard my last messages :D
Looks like you guys solved it for us. I run samba too :)
Thx alot!
Now I might give linux another try..
/Mike
----- Original Message -----
From: "MayDay" <MayDay at Players-Inc.dk>
To: <cod at icculus.org>
Sent: Wednesday, November 26, 2003 1:56 AM
Subject: Re: [cod] Disapointed
> This REALLY helped alot Dave:D
>
> I had no idea samba was that big og a security risc.
> Neither did i know that i could cause lag.
> I has both samba shares AND smbfs mounts.
> Ill remove the crap and use ftp in the future.
>
> server_linux is Teamspeak2, donno why it spawned so many threads, maybe
its
> like apache, thinking it's super important and going to get 1000
connection
> in the next few min :D
>
> named:
> Think it was me messing around, i have problems resolving hostnames ->
ip's
> even ping fails unless i add it to /etc/hosts. i recall that it worked
fine
> in the past, maybe its the dhcp server out her thats wierd, but my windows
> machine works fine.
> Anyways i recall something about named when i was trying to fix it.
> Now that you mention it i did enabled reverse hostname lookup on
something,
> just can't remeber what it was, if it was the samba service it would try
> every time somebody on the network tried to connect, and we are about 2000
> people on the campus net, and my box can resolve hostnames->ip's so that
> sould explain it.
> I donno what package this is in, i could just stop it from starting up
ofc,
> but would rather remove it alltogether.
>
> gateway:
> yeah VPN network, hell to get working under linux, but seems to run great,
> pings return 1-2ms to danish servers.
>
> rpc.statd:
> have no idea what it is and im almost posetive i dident install it, is it
> default in debian maybe?
>
> portmapper:
> path of the rpc package i think, removign this also removed the rpc.statd
if
> im not mistaken.
>
> lpd:
> removed, linux printer deamon i reckon, don't need it :D
>
> pptp:
> used this to get my VPN running, i saw there was a new vpn module in the
2.6
> kernel, but it's experimental.
> it is my 100MB line running on this, so all internet trafficcomes through
> here, windows handled it perfectly. i was surprised to se how poor the
> support in linux was for VPN.
>
> Well it's 02:00 here and i cant get it tested until tomorrow but i think
it
> could be the samba thing.
>
> Thanks alot again for all the help, not only for this problem but for
> explaining linux services in general :D
>
> //MD
>
>
> ----- Original Message -----
> From: "Dave Whitla" <dave.whitla at ocean.net.au>
> To: <cod at icculus.org>
> Sent: Wednesday, November 26, 2003 1:00 AM
> Subject: Re: [cod] Disapointed
>
>
> > MayDay,
> >
> > I'm not even running the server yet - too damn busy to play games lately
> > (despite hanging out for it). However, I note a few things about your
> > process list that could be improved.
> >
> > I don't believe this is a resource issue, in the obvious sense (ie
memory,
> > cpu, disk, swap) or bandwidth of your connection - more likely in the
way
> > your machine is accessing that bandwidth.
> >
> >
> > On Wed, 26 Nov 2003 05:10 am, MayDay wrote:
> > > TOP: Sorted after Memory.
> > >
> > > All the extra services i started like udpb, codbot, uglygs, apache i
> tried
> > > to shut down aswell as server logging, still lags.
> > > PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
> > > 857 clan 15 0 214m 109m 3084 S 0.0 21.7 2:43.96
cod_lnxded
> > > 346 www-data 16 0 72060 3404 69m S 0.0 0.7 0:00.00 apache
> > > 694 www-data 15 0 72068 3404 69m S 0.0 0.7 0:00.00 apache
> > turn this off - you certainly dont need it and (from the rest of this it
> looks
> > like this might be your first linux install - not having a shot here
just
> > noting) your default apache settings might specify non-existent files
that
> > the server keeps looking for for example.
> >
> > > 864 clan 15 0 5216 3380 3896 S 0.0 0.7 0:00.14 python
> > > 315 root 16 0 71932 3124 69m S 0.0 0.6 0:00.03 apache
> > > 1018 root 16 0 7152 2472 5692 S 0.0 0.5 0:00.00 smbd
> > > 134 root 17 0 5280 2232 3636 S 0.0 0.4 0:00.00
mount.smbfs
> > > 1016 root 15 0 5264 2184 3856 S 0.0 0.4 0:00.13 nmbd
> > what the? - never run samba on a net connected box unless you really
know
> what
> > you are doing security wise. do you have a win2k/xp machine on the same
> > subnet. i notice really bad lag accessing smb shares on win2k/xp from
my
> > debian machine in the office - have you mounted an smb share here?
> > Either way ditch samba-server - you can keep the client and common
> packages
> > for manual use to connect to a wintendo machine as required.
> > apt-get purge samba-server
> >
> > > 264 root 34 19 19804 2076 2600 S 0.0 0.4 0:01.86
> server_linux
> > > 265 root 16 0 19804 2076 2600 S 0.0 0.4 0:00.00
> server_linux
> > > 266 root 15 0 19804 2076 2600 S 0.0 0.4 0:02.01
> server_linux
> > > 267 root 15 0 19804 2076 2600 S 0.5 0.4 0:19.16
> server_linux
> > > 268 root 15 0 19804 2076 2600 S 0.5 0.4 0:09.23
> server_linux
> > > 270 root 16 0 19804 2076 2600 S 0.0 0.4 0:00.00
> server_linux
> > > 271 root 15 0 19804 2076 2600 S 0.0 0.4 0:00.05
> server_linux
> > > 272 root 15 0 19804 2076 2600 S 0.0 0.4 0:00.03
> server_linux
> > > 273 root 15 0 19804 2076 2600 S 0.0 0.4 0:01.02
> server_linux
> > what is this? - it's running as root by the way
> >
> > > 244 root 15 0 3024 1964 1820 S 0.0 0.4 0:00.00 named
> > You dont need this - and it may be doing domain reverse-lookups
depending
> on
> > your inetd config below. Unless you really need a DNS server use a DNS
> > caching client instead. Incidentally, if this isnt Bind9 you are asking
> for
> > a root-kit.
> >
> > > 1054 clan 17 0 6164 1892 5592 R 0.0 0.4 0:00.01 sshd
> > > 1052 root 17 0 6008 1780 5592 S 0.0 0.3 0:00.01 sshd
> > > 854 clan 22 0 3400 1628 2524 S 0.0 0.3 0:00.01 perl
> > > 300 root 16 0 3096 1400 2896 S 0.0 0.3 0:00.00 sshd
> > > 1055 clan 16 0 2576 1380 2400 S 0.0 0.3 0:00.00 bash
> > > 849 clan 16 0 2692 1368 2180 S 0.0 0.3 0:00.01 screen
> > > 863 clan 16 0 2692 1368 2180 S 0.0 0.3 0:00.00 screen
> > > 230 root 16 0 2232 1240 1360 S 0.0 0.2 0:00.09 klogd
> > > 853 clan 16 0 2684 1176 2180 S 0.0 0.2 0:00.00 screen
> > > 1056 clan 16 0 2076 1032 1868 R 0.0 0.2 0:00.04 top
> > > 236 root 16 0 2376 1028 2000 S 0.0 0.2 0:00.29 pppd
> > Looks like the server is also your DSL gateway
> >
> > > 123 root 16 0 2088 1016 1752 S 0.0 0.2 0:00.00 dhclient
> > Necessary if you have a dynamically assigned Internet IP from your DSL
> > provider - check the polling interval - unlikely to have anything to do
> with
> > this though.
> >
> > > 858 clan 15 0 1820 1004 592 S 0.0 0.2 0:00.93 codbot
> > > 850 clan 22 0 2296 984 2212 S 0.0 0.2 0:00.00 sh
> > > 303 root 18 0 1692 740 1524 S 0.0 0.1 0:00.00 rpc.statd
> > Remove this NOW.
> >
> > > 311 root 16 0 1780 736 1600 S 0.0 0.1 0:00.00 cron
> > > 227 root 16 0 1576 628 1408 S 0.0 0.1 0:00.30 syslogd
> > > 308 daemon 16 0 1708 628 1544 S 0.0 0.1 0:00.00 atd
> > > 237 root 15 0 1584 608 1396 S 0.0 0.1 0:45.37 pptp
> > > 127 daemon 15 0 1740 600 1572 S 0.0 0.1 0:00.00 portmap
> > Remove this - it is a well known security exploit and is totally
> unnecessary.
> >
> > > 286 root 18 0 1612 588 1432 S 0.0 0.1 0:00.00 lpd
> > Don't need this - potential security hole also - historically there have
> been
> > lots of LPD exploits.
> >
> > > 239 root 16 0 1568 576 1396 S 0.0 0.1 0:00.00 pptp
> > > 282 root 21 0 1556 536 1400 S 0.0 0.1 0:00.00 inetd
> > > 1 root 16 0 1516 512 1364 S 0.0 0.1 0:03.80 init
> > > 340 root 17 0 1516 468 1352 S 0.0 0.1 0:00.00 getty
> > > 341 root 17 0 1516 468 1352 S 0.0 0.1 0:00.00 getty
> > > 342 root 17 0 1516 468 1352 S 0.0 0.1 0:00.00 getty
> > > 343 root 16 0 1516 468 1352 S 0.0 0.1 0:00.00 getty
> > > 344 root 16 0 1516 468 1352 S 0.0 0.1 0:00.00 getty
> > > 345 root 16 0 1516 468 1352 S 0.0 0.1 0:00.00 getty
> > > 860 clan 22 0 1532 456 1364 S 0.0 0.1 0:00.00 rm
> > > 2 root 34 19 0 0 0 S 0.0 0.0 0:00.00
ksoftirqd/0
> > > 3 root 5 -10 0 0 0 S 0.0 0.0 0:00.00 events/0
> > > 4 root 5 -10 0 0 0 S 0.0 0.0 0:00.00 kblockd/0
> > > 5 root 25 0 0 0 0 S 0.0 0.0 0:00.00 pdflush
> > > 6 root 15 0 0 0 0 S 0.0 0.0 0:00.00 pdflush
> >
> > Also PPTP could be having an impact - I don't use it myself so I can't
say
> > with any certainty - I have a separate box acting as
router/firewall/IPSEC
> > gateway because tunnelling is no good to me without encryption. That
> said,
> > PPTP is in the kernel (is it still marked as experimental? I'm not sure)
> but
> > still has a performance overhead as it encapsulates and unencapsulates
> > packets - and here it is tracking several virtual links - do all your
clan
> > connect over PPTP to this box - it will certainly reduce your player
> limit.
> >
> > Before you waste too much time trying to trace the cause it would be
best
> to
> > remove all these unnecessary services.
> >
> > Also, the linux distro isnt so important as the glibc you are using.
> > What debian release are you using (stable/testing/unstable) and are you
> using
> > packages from more than 1 release?
> >
> > If, after you have narrowed the field of potential causes by removing
> stuff,
> > you still have a problem search every file in /var/log for evidence that
> > something exceptional is occuring - like errors/warnings that something
> can't
> > be found etc.
> >
> > You may not get much useful help from guys with big or commercial setups
> > because they most likely arent trying to do so many divergent tasks with
> the
> > one box.
> >
> > I'm sure you'll post if this is all crap - so I'll keep an eye out. I
> want to
> > run this server on one of my Debian servers anyway so if it's specific
to
> the
> > distro I'll be keen to help you track it down.
> >
> > Dave
> >
>
>
More information about the Cod
mailing list