Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Java > java server causes complete server shutdown

Reply
Thread Tools

java server causes complete server shutdown

 
 
julia
Guest
Posts: n/a
 
      10-18-2004
Hello,

I am not sure if this is a java problem or a redhat problem.

I am running a chat server written in java called Bribble. I have
java2 1.4 installed under Fedora 1. When a client connects to this
server, at one point or another, several other daemons become
unresponsive. The httpd, named, sshd servers all stop working. Ping,
however, remains up. Thus I know the box is still operational. At
this point, I have to call my ISP to have the box rebooted.

Does anyone know what could be causing this problem? I find it very
strange that such a small chat server program could do such damage.
The chat server is started using: java -server -jar bribble.jar. It
does some mysql work in the background as well. I have read that this
may be related to IPv4/IPv6 issues. But I was hoping someone could
give some insight or pointer to what the problem may be.

Thanks!
julia
 
Reply With Quote
 
 
 
 
Paul Lutus
Guest
Posts: n/a
 
      10-18-2004
julia wrote:

> Hello,
>
> I am not sure if this is a java problem or a redhat problem.
>
> I am running a chat server written in java called Bribble. I have
> java2 1.4 installed under Fedora 1. When a client connects to this
> server, at one point or another, several other daemons become
> unresponsive. The httpd, named, sshd servers all stop working. Ping,
> however, remains up. Thus I know the box is still operational. At
> this point, I have to call my ISP to have the box rebooted.
>
> Does anyone know what could be causing this problem?


Yes, I know exactly. It is a problem with your server machine. But for me to
be more specific, you would have to be more specific.

> I find it very
> strange that such a small chat server program could do such damage.
> The chat server is started using: java -server -jar bribble.jar. It
> does some mysql work in the background as well. I have read that this
> may be related to IPv4/IPv6 issues. But I was hoping someone could
> give some insight or pointer to what the problem may be.


If, as seems likely, you do not have access to the server's source code and
are not yourself the programmer responsible for it, and if you are not in a
position to post the specific server-side error messages, we are not going
to be able (or perhaps willing) to try to sort it out, because it is simply
not a Java programming problem as presented.

--
Paul Lutus
http://www.arachnoid.com

 
Reply With Quote
 
 
 
 
John C. Bollinger
Guest
Posts: n/a
 
      10-18-2004
julia wrote:

> Hello,
>
> I am not sure if this is a java problem or a redhat problem.
>
> I am running a chat server written in java called Bribble. I have
> java2 1.4 installed under Fedora 1. When a client connects to this
> server, at one point or another, several other daemons become
> unresponsive. The httpd, named, sshd servers all stop working. Ping,
> however, remains up. Thus I know the box is still operational. At
> this point, I have to call my ISP to have the box rebooted.
>
> Does anyone know what could be causing this problem?


If your server does not exhibit these symptoms over an extended period
when you are not running the chat server, then very likely your chat
server is buggy. Have you contacted the developers?

> I find it very
> strange that such a small chat server program could do such damage.


I'm sure I could write a much smaller program that could do much more
damage. The nature and size of the program are largely irrelevant; if
it is buggy then it might have all manner of unfortunate effects. One
thing, though: any program has a much greater potential to cause
problems if it runs as root. If you are running your chat server that
way then I strongly recommend that you stop doing so immediately.

> The chat server is started using: java -server -jar bribble.jar. It


That tells us almost nothing, I'm afraid.

> does some mysql work in the background as well. I have read that this
> may be related to IPv4/IPv6 issues. But I was hoping someone could
> give some insight or pointer to what the problem may be.


You haven't given us enough to do more than make wild guesses. Do you
see anything pertinent in any of the system logs? As what user does the
program run? Is it started manually, or in some other manner? How long
does it have to run before problems occur? How much / what kind of
client activity is required before problems occur? Do the developers
offer any support? Does the chat server remain usable when the other
services go down? Indefinitely?


John Bollinger
http://www.velocityreviews.com/forums/(E-Mail Removed)
 
Reply With Quote
 
julia
Guest
Posts: n/a
 
      10-19-2004
Hi Paul,

Thanks so much for taking the time to read my post... It is really
appreciated.

The server is running Fedora 1 with java2 1.4.2 and I have root access
so I can send anything you want. I'm not quite sure where to begin.

I my opinion, the worst part is the fact that this problem causes sshd
to become unresponsive. named and httpd also become unresponsive, but
I'll start with sshd. But first I'll check /var/log/messages. There
are a bunch of these:

Oct 17 04:28:42 207-234-145-112 sshd(pam_unix)[7359]: check pass; user
unknown
Oct 17 04:28:42 207-234-145-112 sshd(pam_unix)[7359]: authentication
failure; logname= uid=0 euid=0 tty=NODEVssh ruser=
rhost=140.134.31.166

I'm assuming that this is some hacker trying to break in at 4AM EST.
It seems like they never got in, but I'm not an expert, maybe they
found a way? Everything else in /var/log/messages looks pretty
normal.

Then I check /var/log/secure:

Oct 17 04:28:36 207-234-145-112 sshd[7357]: Illegal user test from
140.134.31.166
Oct 17 04:28:40 207-234-145-112 sshd[7357]: Failed password for
illegal user test from 140.134.31.166 port 2433 ssh2
Oct 17 04:28:42 207-234-145-112 sshd[7359]: Illegal user guest from
140.134.31.166

Ok someone is definitely trying to break in. They *seem* to be
unsuccessful.

Is there anymore information I should send?

Once again, thank you so much for helping. I'm really curious to
learn how to debug problems like this: problems where there is no hope


Best,
julia

Paul Lutus <(E-Mail Removed)> wrote in message news:<(E-Mail Removed)>...
> julia wrote:
>
> > Hello,
> >
> > I am not sure if this is a java problem or a redhat problem.
> >
> > I am running a chat server written in java called Bribble. I have
> > java2 1.4 installed under Fedora 1. When a client connects to this
> > server, at one point or another, several other daemons become
> > unresponsive. The httpd, named, sshd servers all stop working. Ping,
> > however, remains up. Thus I know the box is still operational. At
> > this point, I have to call my ISP to have the box rebooted.
> >
> > Does anyone know what could be causing this problem?

>
> Yes, I know exactly. It is a problem with your server machine. But for me to
> be more specific, you would have to be more specific.
>
> > I find it very
> > strange that such a small chat server program could do such damage.
> > The chat server is started using: java -server -jar bribble.jar. It
> > does some mysql work in the background as well. I have read that this
> > may be related to IPv4/IPv6 issues. But I was hoping someone could
> > give some insight or pointer to what the problem may be.

>
> If, as seems likely, you do not have access to the server's source code and
> are not yourself the programmer responsible for it, and if you are not in a
> position to post the specific server-side error messages, we are not going
> to be able (or perhaps willing) to try to sort it out, because it is simply
> not a Java programming problem as presented.

 
Reply With Quote
 
julia
Guest
Posts: n/a
 
      10-19-2004
Hi John,

Thanks so much for responding... I really appreciate it.

I checked /var/log/messages and didn't really find anything out of the
ordinary, but then again, not too sure what to be looking for. There
are some people trying to break in to the server as indicated in
/var/log/secure, but they seem to be unsuccessful.

The problem starts when a client connects to the server. The server
can run on its own, listening, for any amount of time. But when a
client connects, sshd, httpd, named and the chatserver itself all go
down. I've waited hours, but they never come back.

I think I'll check the source and see exactly what's happening. I'll
check back soon.

Thanks again!
julia

"John C. Bollinger" <(E-Mail Removed)> wrote in message news:<cl0qih$9cj$(E-Mail Removed)>...
> julia wrote:
>
> > Hello,
> >
> > I am not sure if this is a java problem or a redhat problem.
> >
> > I am running a chat server written in java called Bribble. I have
> > java2 1.4 installed under Fedora 1. When a client connects to this
> > server, at one point or another, several other daemons become
> > unresponsive. The httpd, named, sshd servers all stop working. Ping,
> > however, remains up. Thus I know the box is still operational. At
> > this point, I have to call my ISP to have the box rebooted.
> >
> > Does anyone know what could be causing this problem?

>
> If your server does not exhibit these symptoms over an extended period
> when you are not running the chat server, then very likely your chat
> server is buggy. Have you contacted the developers?
>
> > I find it very
> > strange that such a small chat server program could do such damage.

>
> I'm sure I could write a much smaller program that could do much more
> damage. The nature and size of the program are largely irrelevant; if
> it is buggy then it might have all manner of unfortunate effects. One
> thing, though: any program has a much greater potential to cause
> problems if it runs as root. If you are running your chat server that
> way then I strongly recommend that you stop doing so immediately.
>
> > The chat server is started using: java -server -jar bribble.jar. It

>
> That tells us almost nothing, I'm afraid.
>
> > does some mysql work in the background as well. I have read that this
> > may be related to IPv4/IPv6 issues. But I was hoping someone could
> > give some insight or pointer to what the problem may be.

>
> You haven't given us enough to do more than make wild guesses. Do you
> see anything pertinent in any of the system logs? As what user does the
> program run? Is it started manually, or in some other manner? How long
> does it have to run before problems occur? How much / what kind of
> client activity is required before problems occur? Do the developers
> offer any support? Does the chat server remain usable when the other
> services go down? Indefinitely?
>
>
> John Bollinger
> (E-Mail Removed)

 
Reply With Quote
 
Paul Lutus
Guest
Posts: n/a
 
      10-19-2004
julia wrote:

> Hi Paul,
>
> Thanks so much for taking the time to read my post... It is really
> appreciated.
>
> The server is running Fedora 1 with java2 1.4.2 and I have root access
> so I can send anything you want. I'm not quite sure where to begin.
>
> I my opinion, the worst part is the fact that this problem causes sshd
> to become unresponsive. named and httpd also become unresponsive, but
> I'll start with sshd. But first I'll check /var/log/messages. There
> are a bunch of these:


/ ...

> Ok someone is definitely trying to break in. They *seem* to be
> unsuccessful.


Okay, please step back for a moment. This is clearly a Linux server security
and configuration issue. It is not a Java-related issue at all.

Why not choose a Linux newsgroup to discuss it?

--
Paul Lutus
http://www.arachnoid.com

 
Reply With Quote
 
Sudsy
Guest
Posts: n/a
 
      10-19-2004
julia wrote:
<snip>
> Oct 17 04:28:36 207-234-145-112 sshd[7357]: Illegal user test from
> 140.134.31.166
> Oct 17 04:28:40 207-234-145-112 sshd[7357]: Failed password for
> illegal user test from 140.134.31.166 port 2433 ssh2
> Oct 17 04:28:42 207-234-145-112 sshd[7359]: Illegal user guest from
> 140.134.31.166
>
> Ok someone is definitely trying to break in. They *seem* to be
> unsuccessful.


So someone at Feng Chia University in Taiwan is trying to "crack" your
system. Must be some education they're getting...
Have you checked CERT (<http://www.cert.org>) for vulnerabilities?

--
Java/J2EE/JSP/Struts/Tiles/C/UNIX consulting and remote development.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IE7 beta2 causes x64 computer to shutdown (lsass.exe) Alexis F. Windows 64bit 3 05-05-2006 12:26 AM
CD/DVD causes PC to shutdown? Baalrog Computer Support 3 12-02-2005 09:02 PM
New Releases: Criterion additions, WB Gangsters & Coupling: Complete: Updated complete downloadable R1 DVD DB& info lists Doug MacLean DVD Video 4 11-07-2004 05:20 PM
Postback causes 100=Continue, causes double download prompt? Xavier Osa ASP .Net 0 01-09-2004 11:17 AM
Mr. Bean Complete Bean NOT complete!! Waterperson77 DVD Video 5 12-10-2003 05:22 PM



Advertisments