Prev-20 Home Next-20 1 msg Bug#328501: phpmyadmin: CAN-2005-2869 4 msg SELinux 8 msg security.debian.org mirrors? Re: Debian Security Host Bandwidth Saturation \ Edward Tjin Liep Shie (20 Sep 2005) . \ Christian Holtje (20 Sep 2005) 11 msg Re: WTF: Debian security, ex. Linux kernel vuln... 12 msg security.debian.org timeouts 2 msg Re: [SECURITY] [DSA 815-1] New kdebase packages... 1 msg I am out of contact 1 msg Mike Ferchof ist außer Haus. 5 msg Unusual incoming traffic detected from klecker.... 3 msg Version of 'cvs' in security archive 1 msg Re: [SECURITY] [DSA 797-1] New zsync packages f... 1 msg Re: [SECURITY] [DSA 806-1] New cvs packages fix... 14 msg Abwesenheit 1 msg Re: [SECURITY] [DSA 805-1] New Apache2 packages... 1 msg Alerta Esafe 2 msg Re: [SECURITY] [DSA 803-1] New Apache packages ... 3 msg Kernel Security Support 1 msg [#QVP-282714]: Re: patched 2 msg Is kernel package out-of-date? Prev-20 Home Next-20

Prev-Msg Prev-Thread Debian-security Sep-2005 Next-Thread Next-Msg Subject: Re: Debian Security Host Bandwidth Saturation Group: Debian-security From: Edward Tjin Liep Shie Date: 20 Sep 2005 Hi, We are willing to host a mirror of the security site if it's not that big of a deal to add a second server.... If it's really necessary we can even connect tit at gigabit... Let me know if we can help [] Edward TLS Tiscali NL On 9/20/05 7:11 PM, "Martin Schulze" <joey> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - ------------------------------------------------------------------------ > The Debian Project http://www.debian.org/ > Security Host Bandwidth Saturation press > September 20th, 2005 http://www.debian.org/News/2005/20050920 > - ------------------------------------------------------------------------ > > Debian Security Host Bandwidth Saturation > > The recently released security update of XFree86 in DSA 816 for sarge > and woody has caused the host security.debian.org to saturate its > 100MBit/s network connection entirely. Due to the large number of X > packages, the gross size of these packages and the high number of > users who need to install the update, the server is busy sending out > updates which exhaust its total outgoing bandwidth. > > This incident happens before new a security infrastructure is in place > which would have avoided this. At the moment we ask our users to > accept delays in their update until the situation is relaxed again. > > Yesterday morning, at about 11 o'clock (CEST, i.e. UCT +0200) the > files for the security update DSA 816 (XFree86) were installed on the > public security server. The result was similar to a distributed > denial of service since literally thousands of users tried to fetch > the updates. Since then the host saturates its network connection > entirely. > > Independent of this there have been discussions about restructuring > the security infrastructure in order to provide a more failsafe > solution, that can also deal with high bandwidth peaks better than a > single machine. > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.1 (GNU/Linux) > > iD8DBQFDMEKxW5ql+IAeqTIRArhRAKCrWBXrPLxEjI4TaAO0EysV3O8iGQCfTBC1 > AcXjiglPKxS8wGqKzbHAeB0= > =iLq8 > -----END PGP SIGNATURE----- > -- With kind regards, Edward Tjin Liep Shie Tiscali NL Office : +31 30 2483672 Mobile : +31 65 3949063 Fax : +31 30 2483894 -- To UNSUBSCRIBE, email to debian-security-REQUEST with a subject of "unsubscribe". Trouble? Contact listmaster Prev-Msg Prev-Thread Debian-security Sep-2005 Next-Thread Next-Msg

© 2004-2008 readlist.com