java server causes complete server shutdown

[julia]

Hello,

I am not sure if this is a java problem or a redhat problem.

I am running a chat server written in java called Bribble. I have
java2 1.4 installed under Fedora 1. When a client connects to this
server, at one point or another, several other daemons become
unresponsive. The httpd, named, sshd servers all stop working. Ping,
however, remains up. Thus I know the box is still operational. At
this point, I have to call my ISP to have the box rebooted.

Does anyone know what could be causing this problem? I find it very
strange that such a small chat server program could do such damage.
The chat server is started using: java -server -jar bribble.jar. It
does some mysql work in the background as well. I have read that this
may be related to IPv4/IPv6 issues. But I was hoping someone could
give some insight or pointer to what the problem may be.

Thanks!
julia

 

[Paul Lutus]

Hello,

I am not sure if this is a java problem or a redhat problem.

I am running a chat server written in java called Bribble. I have
java2 1.4 installed under Fedora 1. When a client connects to this
server, at one point or another, several other daemons become
unresponsive. The httpd, named, sshd servers all stop working. Ping,
however, remains up. Thus I know the box is still operational. At
this point, I have to call my ISP to have the box rebooted.

Does anyone know what could be causing this problem?

Yes, I know exactly. It is a problem with your server machine. But for me to
be more specific, you would have to be more specific.

I find it very
strange that such a small chat server program could do such damage.
The chat server is started using: java -server -jar bribble.jar. It
does some mysql work in the background as well. I have read that this
may be related to IPv4/IPv6 issues. But I was hoping someone could
give some insight or pointer to what the problem may be.

If, as seems likely, you do not have access to the server's source code and
are not yourself the programmer responsible for it, and if you are not in a
position to post the specific server-side error messages, we are not going
to be able (or perhaps willing) to try to sort it out, because it is simply
not a Java programming problem as presented.

 

[John C. Bollinger]

Hello,

I am not sure if this is a java problem or a redhat problem.

I am running a chat server written in java called Bribble. I have
java2 1.4 installed under Fedora 1. When a client connects to this
server, at one point or another, several other daemons become
unresponsive. The httpd, named, sshd servers all stop working. Ping,
however, remains up. Thus I know the box is still operational. At
this point, I have to call my ISP to have the box rebooted.

Does anyone know what could be causing this problem?

If your server does not exhibit these symptoms over an extended period
when you are not running the chat server, then very likely your chat
server is buggy. Have you contacted the developers?

I find it very
strange that such a small chat server program could do such damage.

I'm sure I could write a much smaller program that could do much more
damage. The nature and size of the program are largely irrelevant; if
it is buggy then it might have all manner of unfortunate effects. One
thing, though: any program has a much greater potential to cause
problems if it runs as root. If you are running your chat server that
way then I strongly recommend that you stop doing so immediately.

The chat server is started using: java -server -jar bribble.jar. It

That tells us almost nothing, I'm afraid.

does some mysql work in the background as well. I have read that this
may be related to IPv4/IPv6 issues. But I was hoping someone could
give some insight or pointer to what the problem may be.

You haven't given us enough to do more than make wild guesses. Do you
see anything pertinent in any of the system logs? As what user does the
program run? Is it started manually, or in some other manner? How long
does it have to run before problems occur? How much / what kind of
client activity is required before problems occur? Do the developers
offer any support? Does the chat server remain usable when the other
services go down? Indefinitely?


John Bollinger
(e-mail address removed)

 

[julia]

Hi Paul,

Thanks so much for taking the time to read my post... It is really
appreciated.

The server is running Fedora 1 with java2 1.4.2 and I have root access
so I can send anything you want. I'm not quite sure where to begin.

I my opinion, the worst part is the fact that this problem causes sshd
to become unresponsive. named and httpd also become unresponsive, but
I'll start with sshd. But first I'll check /var/log/messages. There
are a bunch of these:

Oct 17 04:28:42 207-234-145-112 sshd(pam_unix)[7359]: check pass; user
unknown
Oct 17 04:28:42 207-234-145-112 sshd(pam_unix)[7359]: authentication
failure; logname= uid=0 euid=0 tty=NODEVssh ruser=
rhost=140.134.31.166

I'm assuming that this is some hacker trying to break in at 4AM EST.
It seems like they never got in, but I'm not an expert, maybe they
found a way? Everything else in /var/log/messages looks pretty
normal.

Then I check /var/log/secure:

Oct 17 04:28:36 207-234-145-112 sshd[7357]: Illegal user test from
140.134.31.166
Oct 17 04:28:40 207-234-145-112 sshd[7357]: Failed password for
illegal user test from 140.134.31.166 port 2433 ssh2
Oct 17 04:28:42 207-234-145-112 sshd[7359]: Illegal user guest from
140.134.31.166

Ok someone is definitely trying to break in. They *seem* to be
unsuccessful.

Is there anymore information I should send?

Once again, thank you so much for helping. I'm really curious to
learn how to debug problems like this: problems where there is no hope


Best,
julia

 

[julia]

Hi John,

Thanks so much for responding... I really appreciate it.

I checked /var/log/messages and didn't really find anything out of the
ordinary, but then again, not too sure what to be looking for. There
are some people trying to break in to the server as indicated in
/var/log/secure, but they seem to be unsuccessful.

The problem starts when a client connects to the server. The server
can run on its own, listening, for any amount of time. But when a
client connects, sshd, httpd, named and the chatserver itself all go
down. I've waited hours, but they never come back.

I think I'll check the source and see exactly what's happening. I'll
check back soon.

Thanks again!
julia

 

[Paul Lutus]

Hi Paul,

Thanks so much for taking the time to read my post... It is really
appreciated.

The server is running Fedora 1 with java2 1.4.2 and I have root access
so I can send anything you want. I'm not quite sure where to begin.

I my opinion, the worst part is the fact that this problem causes sshd
to become unresponsive. named and httpd also become unresponsive, but
I'll start with sshd. But first I'll check /var/log/messages. There
are a bunch of these:

/ ...

Ok someone is definitely trying to break in. They *seem* to be
unsuccessful.

Okay, please step back for a moment. This is clearly a Linux server security
and configuration issue. It is not a Java-related issue at all.

Why not choose a Linux newsgroup to discuss it?

 

[Sudsy]

julia wrote:

Oct 17 04:28:36 207-234-145-112 sshd[7357]: Illegal user test from
140.134.31.166
Oct 17 04:28:40 207-234-145-112 sshd[7357]: Failed password for
illegal user test from 140.134.31.166 port 2433 ssh2
Oct 17 04:28:42 207-234-145-112 sshd[7359]: Illegal user guest from
140.134.31.166

Ok someone is definitely trying to break in. They *seem* to be
unsuccessful.

So someone at Feng Chia University in Taiwan is trying to "crack" your
system. Must be some education they're getting... :-(
Have you checked CERT (<http://www.cert.org>) for vulnerabilities?