SYN attacks from nagios
Terry
td3201 at gmail.com
Thu Sep 14 18:00:29 CEST 2006
Good morning,
I have 2 nagios servers. One is running 1.2 and the other is running
2.5. Both are running in parallel while I migrate to the 2.5 machine.
Our content switch is detecting that the 2.5 machine is SYN attacking
hosts. Both servers have very similar monitoring sets and similar
configurations. I have gone through the config and nothing stands
out. Obviously, the 2.5 machine is pounding the servers more heavily
but I can't figure out why. Below is my config.
log_file=/var/log/nagios/nagios.log
cfg_file=/etc/nagios/host_templates.cfg
cfg_file=/etc/nagios/hosts.cfg
cfg_file=/etc/nagios/commands.cfg
cfg_file=/etc/nagios/timeperiods.cfg
cfg_file=/etc/nagios/contactgroups.cfg
cfg_file=/etc/nagios/contacts.cfg
cfg_file=/etc/nagios/hostgroups.cfg
cfg_file=/etc/nagios/service_templates.cfg
cfg_file=/etc/nagios/services.cfg
cfg_file=/etc/nagios/servicegroups.cfg
resource_file=/etc/nagios/resources.cfg
cfg_file=/etc/nagios/hostextinfo.cfg
cfg_file=/etc/nagios/serviceextinfo.cfg
cfg_file=/etc/nagios/dependencies.cfg
log_file=/var/log/nagios/nagios.log
temp_file=/var/log/nagios/nagios.tmp
status_file=/var/log/nagios/status.dat
aggregate_status_updates=1
status_update_interval=15
nagios_user=nagios
nagios_group=nagios
enable_notifications=0
execute_service_checks=1
accept_passive_service_checks=1
enable_event_handlers=1
log_rotation_method=d
log_archive_path=/var/log/nagios/archives
check_external_commands=1
command_check_interval=-1
command_file=/var/log/nagios/rw/nagios.cmd
downtime_file=/var/log/nagios/downtime.dat
comment_file=/var/log/nagios/comments.dat
lock_file=/var/run/nagios.pid
p1_file=/usr/bin/p1.pl
retain_state_information=1
state_retention_file=/var/log/nagios/retention.dat
retention_update_interval=60
use_retained_program_state=1
use_syslog=1
log_notifications=1
log_service_retries=1
log_host_retries=1
log_event_handlers=1
log_initial_states=0
log_external_commands=1
log_passive_checks=1
sleep_time=1
service_interleave_factor=4
max_concurrent_checks=20
service_reaper_frequency=10
interval_length=60
use_aggressive_host_checking=0
enable_flap_detection=0
low_service_flap_threshold=5
high_service_flap_threshold=20
low_host_flap_threshold=5
high_host_flap_threshold=20
soft_state_dependencies=0
service_check_timeout=60
host_check_timeout=30
event_handler_timeout=30
notification_timeout=30
ocsp_timeout=5
perfdata_timeout=5
obsess_over_services=0
process_performance_data=1
check_for_orphaned_services=0
check_service_freshness=1
date_format=us
illegal_object_name_chars=`~!$%^&*|'"<>?,()=
illegal_macro_output_chars=`~$&|'"<>
admin_email=nagios
admin_pager=pagenagios
object_cache_file=/var/log/nagios/objects.cache
execute_host_checks=1
service_inter_check_delay_method=s
use_retained_scheduling_info=0
accept_passive_host_checks=1
max_service_check_spread=30
host_inter_check_delay_method=s
max_host_check_spread=30
auto_reschedule_checks=0
auto_rescheduling_interval=30
auto_rescheduling_window=180
check_host_freshness=0
host_freshness_check_interval=60
service_freshness_check_interval=60
use_regexp_matching=0
use_true_regexp_matching=0
event_broker_options=-1
daemon_dumps_core=0
service_perfdata_command=process-service-perfdata
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list