[Icecast] Re: Anyone seen this?
Geoff Shang
geoff at hitsandpieces.net
Fri Apr 29 04:04:15 UTC 2005
Karl Heyes wrote:
>> 1) file descriptor leak. If it's this, that's a pretty serious icecast
>> bug, probably exploitable as a DoS attack.
>
> agreed, on linux check the /proc/<pid>/fd directory, use of utilities
> like lsof may indicate excessive file descriptor usage.
I don't appear to have lsof. What does it do?
What should I be seeing in this directory? At time of writing, I see 92
entries.
>> 3) Hitting a kernel limit (either per-user or global). Unlikely unless
>> you have a lot of clients (hundreds or thousands). If it's a per-user
>> limit, it should be easy to change. If it's global... well, you'd need
>> at least a few thousand clients for that, so it's unlikely.
>
> check ulimit (-n) for open files, the default is 1024.
Yeah it's 1024.
>> All in all, I'd say the first one (fd leak) is the most likely, but
>> there's not enough info here for me to guess at where (and if there
>> was, I couldn't do anything about it anyway - don't have my computer
>> with me here in Berlin :-).
>
> agreed, the logs may indicate an unusual pattern showing up
Well, let me know if you want them, I wouldn't know what to look for.
They're rather big. :)
Geoff.
More information about the Icecast
mailing list