1 |
Hi! |
2 |
|
3 |
On Sat, Sep 27, 2008 at 03:42:33PM +0300, Alex Efros wrote: |
4 |
> Can you please explain to me what these records in my logs mean? |
5 |
> |
6 |
> 2008-09-27_11:35:55.93144 kern.alert: grsec: From 78.53.3.223: denied |
7 |
> resource overstep by requesting 180883456 for RLIMIT_STACK against limit |
8 |
> 8388608 for /bin/cat[cat:10111] uid/euid:81/81 gid/egid:81/81, parent |
9 |
> /usr/sbin/apache2[apache2:21930] uid/euid:81/81 gid/egid:81/81 |
10 |
> |
11 |
> 2008-09-27_12:08:17.12634 kern.alert: grsec: denied resource overstep by |
12 |
> requesting 187367424 for RLIMIT_STACK against limit 8388608 for |
13 |
> /var/qmail/bin/qmail-local[qmail-local:22538] uid/euid:1000/1000 |
14 |
> gid/egid:100/100, parent /var/qmail/bin/qmail-local[qmail-local:22535] |
15 |
> uid/euid:1000/1000 gid/egid:100/100 |
16 |
|
17 |
Is my question too complex and nobody know the answer (or even guesses), |
18 |
or it's too stupid and everybody wait until I try google (I've tried it |
19 |
already, without success)? |
20 |
|
21 |
Is last days I also notice new alert type in log: |
22 |
|
23 |
2008-09-29_15:14:14.47478 kern.alert: grsec: From 78.129.196.12: denied |
24 |
resource overstep by requesting 227184640 for RLIMIT_AS against |
25 |
limit 16000000 for /var/qmail/bin/qmail-smtpd[qmail-smtpd:6545] |
26 |
uid/euid:201/201 gid/egid:200/200, parent |
27 |
/usr/bin/tcpserver[tcpserver:17002] uid/euid:201/201 |
28 |
gid/egid:200/200 |
29 |
|
30 |
This type of alerts arise after I added simple perl script, between |
31 |
tcpserver and qmail-smtpd, which do greylisting. And, again, these alerts |
32 |
doesn't affect server - I mean, everything works fine, no mail lost, etc. |
33 |
|
34 |
-- |
35 |
WBR, Alex. |