Hey
I have been SSHing into my home server over broadband (28kb upload) and I have noticed a few things that I wanted to ask oyu guys.
The server is P3 800mhz with 256mb RAM. It currently runs an SSH, Apache, FTP and Samba server on it.
Firstly, every now and then the server is very laggy. This could just be connection problems, I guess.
However, I looked at top and found somethings I wanted to ask.
here is the top output
Code:
top - 17:31:29 up 72 days, 23:24, 1 user, load average: 0.00, 0.00, 0.00
Tasks: 60 total, 1 running, 59 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.0% us, 0.3% sy, 0.0% ni, 99.7% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 255476k total, 252012k used, 3464k free, 84000k buffers
Swap: 498004k total, 20k used, 497984k free, 25056k cached
As you can see, the Mem usage is HUGE. I can't understand why it is so high when I'm not really doing that much with it.
Can anyone comment on why this is? I can print the programmes running if you wish. Also, can anyone comment on other things there. I know that the load average is very low! I need to use it more!!
The other thing concerning me is the number of attacks on my PC. Firstly, there are a LOAD of "access denied " in /var/log/messages. I seem to get an access denied about 30 or 40 times an hour.
My router (a Linksys thing) runs a firewall. But is it normal that I should get so many people/robots trying to gain access?
Here is an example of /var/log/messages from the last 10 mins:
Code:
Nov 13 17:34:47 pi smbd[14951]: [2004/11/13 17:34:47, 0] lib/access.c:check_access(333)
Nov 13 17:34:47 pi smbd[14951]: Denied connection from (81.152.66.12)
Nov 13 17:34:51 pi smbd[14952]: [2004/11/13 17:34:51, 0] lib/access.c:check_access(333)
Nov 13 17:34:51 pi smbd[14952]: Denied connection from (81.152.66.12)
Nov 13 17:35:19 pi smbd[14953]: [2004/11/13 17:35:19, 0] lib/access.c:check_access(333)
Nov 13 17:35:19 pi smbd[14953]: Denied connection from (81.152.66.12)
Nov 13 17:35:21 pi smbd[14954]: [2004/11/13 17:35:21, 0] lib/access.c:check_access(333)
Nov 13 17:35:21 pi smbd[14954]: Denied connection from (81.152.66.12)
Nov 13 17:35:25 pi smbd[14955]: [2004/11/13 17:35:25, 0] lib/access.c:check_access(333)
Nov 13 17:35:25 pi smbd[14955]: Denied connection from (81.152.66.12)
Nov 13 17:35:47 pi smbd[14956]: [2004/11/13 17:35:47, 0] lib/access.c:check_access(333)
Nov 13 17:35:47 pi smbd[14956]: Denied connection from (81.152.66.12)
Nov 13 17:35:49 pi smbd[14957]: [2004/11/13 17:35:49, 0] lib/access.c:check_access(333)
Nov 13 17:35:49 pi smbd[14957]: Denied connection from (81.152.66.12)
Nov 13 17:35:52 pi smbd[14958]: [2004/11/13 17:35:52, 0] lib/access.c:check_access(333)
Nov 13 17:35:52 pi smbd[14958]: Denied connection from (81.152.66.12)
Nov 13 17:36:19 pi smbd[14959]: [2004/11/13 17:36:19, 0] lib/access.c:check_access(333)
Nov 13 17:36:19 pi smbd[14959]: Denied connection from (81.152.66.12)
Nov 13 17:36:21 pi smbd[14960]: [2004/11/13 17:36:21, 0] lib/access.c:check_access(333)
Nov 13 17:36:21 pi smbd[14960]: Denied connection from (81.152.66.12)
Nov 13 17:36:25 pi smbd[14961]: [2004/11/13 17:36:25, 0] lib/access.c:check_access(333)
Nov 13 17:36:25 pi smbd[14961]: Denied connection from (81.152.66.12)
Nov 13 17:36:30 pi su(pam_unix)[14881]: session closed for user db
Nov 13 17:36:34 pi su(pam_unix)[14962]: session opened for user root by hamish(uid=1000)
Nov 13 17:38:28 pi smbd[14968]: [2004/11/13 17:38:28, 0] lib/access.c:check_access(333)
Nov 13 17:38:28 pi smbd[14968]: Denied connection from (81.152.66.12)
Nov 13 17:38:30 pi smbd[14969]: [2004/11/13 17:38:30, 0] lib/access.c:check_access(333)
Nov 13 17:38:30 pi smbd[14969]: Denied connection from (81.152.66.12)
Nov 13 17:38:33 pi smbd[14970]: [2004/11/13 17:38:33, 0] lib/access.c:check_access(333)
Nov 13 17:38:33 pi smbd[14970]: Denied connection from (81.152.66.12)
Nov 13 17:38:49 pi smbd[14971]: [2004/11/13 17:38:49, 0] lib/access.c:check_access(333)
Nov 13 17:38:49 pi smbd[14971]: Denied connection from (81.152.66.12)
Nov 13 17:38:54 pi smbd[14972]: [2004/11/13 17:38:54, 0] lib/access.c:check_access(333)
Nov 13 17:38:54 pi smbd[14972]: Denied connection from (81.152.66.12)
Nov 13 17:39:01 pi smbd[14973]: [2004/11/13 17:39:01, 0] lib/access.c:check_access(333)
Nov 13 17:39:01 pi smbd[14973]: Denied connection from (81.152.66.12)
Nov 13 17:39:16 pi smbd[14974]: [2004/11/13 17:39:16, 0] lib/access.c:check_access(333)
Nov 13 17:39:16 pi smbd[14974]: Denied connection from (81.152.66.12)
Nov 13 17:39:18 pi smbd[14975]: [2004/11/13 17:39:18, 0] lib/access.c:check_access(333)
Nov 13 17:39:18 pi smbd[14975]: Denied connection from (81.152.66.12)
Nov 13 17:39:22 pi smbd[14976]: [2004/11/13 17:39:22, 0] lib/access.c:check_access(333)
Nov 13 17:39:22 pi smbd[14976]: Denied connection from (81.152.66.12)
Nov 13 17:39:35 pi sshd[14977]: Accepted password for hamish from 82.41.11.139 port 1620 ssh2
Nov 13 17:39:38 pi su(pam_unix)[14986]: session opened for user root by hamish(uid=1000)
Thanks for all suggestions you might have for me.
Hamish