How to keep system resources free and identify suspicious/offending users and scripts

m2azer · 12-11-2008, 04:55 PM

Hello all,

How to deal with:
High I/O that slows down and eat system resources
infinite loops mistakenly run by users
figuring out high system load/high memory usage

I had a situation where a mail server, sendmail on rhel4 with 6G memory , became very slow to the point imap connections were timed out as well the over all system response. TOP, showed high load that reached 22 and higher

If an infinite loop script was to run by a user how would I discover it and how can I identify the offending user/limit number of process that could be run by users?

Thank you so much

jailbait · 12-11-2008, 05:10 PM

You can limit the amount of resources that a user can hog with the ulimit command. Here is an explanation of what ulimit can do:

http://certcities.com/editorial/colu...itorialsID=214

-------------------------
Steve Stites

dv502 · 12-11-2008, 05:17 PM

There is a file called /etc/security/limits.conf

This file is use to control a how much memory, CPU time, processes and other resources a user can use. See the man page for limits.conf

Code:

man limits.conf

Use top to monitor high CPU and memory usage. Investigate the process before killing it. A user could be using a program that uses lots of CPU usage and not be aware of it.

Optional: Install rkhunter or chkrootkit and clamav. The first two are rootkit checkers and clamav is a anti-virus scanner.
Clamav can integrated in mail servers and other services.

m2azer · 12-16-2008, 09:34 AM

Thank you for your replies. 2 quick questions
What do you think about "csf" as firewall 'without cpanel'? any other recommendations?
Is there a complete, A2Z, docs/guide on how to protect/secure linux?

Thanks