[wildfly-dev] DOS causes logs with huge size
Jason Greene
jason.greene at redhat.com
Tue Jul 21 15:44:46 EDT 2015
In the CLI do:
/subsystem=logging/logger=javax.jmdns:add
/subsystem=logging/logger=javax.jmdns:write-attribute(name=level,value=OFF)
Or you can edit the XML and add:
<logger category="javax.jmdns">
<level name="OFF"/>
</logger>
> On Jul 21, 2015, at 2:10 PM, Eduardo Sant'Ana da Silva <eduardo.santanadasilva at gmail.com> wrote:
>
> No, how can I do this?
>
> On Jul 21, 2015, at 4:09 PM, Jason Greene <jason.greene at redhat.com <mailto:jason.greene at redhat.com>> wrote:
>
>> Did you try filtering out all of those log categories?
>>
>>> On Jul 21, 2015, at 2:04 PM, Eduardo Sant'Ana da Silva <eduardo.santanadasilva at gmail.com <mailto:eduardo.santanadasilva at gmail.com>> wrote:
>>>
>>> Anyone already saw this?
>>>
>>> I had, what I presume was a DOS attack in a virtual machine on the cloud, that consumes all space left.
>>>
>>> I saw single files log with more than 2.5G of information on my standalone log directory:
>>>
>>> 2015-07-20 06:53:46,024 SEVERE [javax.jmdns.impl.constants.DNSRecordType] (SocketListener(45-55-77-19.local.)) Could not find reco
>>> rd type for index: -1
>>> 2015-07-20 06:53:46,042 SEVERE [javax.jmdns.impl.DNSIncoming] (SocketListener(45-55-77-19.local.)) Could not find record type: dns
>>> [query,192.99.0.161:52050, length=184, id=0x5c78, flags=0x3030]
>>> 0: 5c7830305c783030 5c7830305c783030 5c7830305c783031 5c7830305c783030 \x00\x00 \x00\x00 \x00\x01 \x00\x00
>>> 20: 5c7830305c783030 5c7830305c783030 5c7830395c783546 5c7837335c783635 \x00\x00 \x00\x00 \x09\x5F \x73\x65
>>> 40: 5c7837325c783736 5c7836395c783633 5c7836355c783733 5c7830375c783546 \x72\x76 \x69\x63 \x65\x73 \x07\x5F
>>> 60: 5c7836345c783645 5c7837335c783244 5c7837335c783634 5c7830345c783546 \x64\x6E \x73\x2D \x73\x64 \x04\x5F
>>> 80: 5c7837355c783634 5c7837305c783035 5c7836435c783646 5c7836335c783631 \x75\x64 \x70\x05 \x6C\x6F \x63\x61
>>> a0: 5c7836435c783030 5c7830305c783043 5c7830305c783031 \x6C\x00 \x00\x0C \x00\x01
>>>
>>> 2015-07-20 06:53:46,076 WARNING [javax.jmdns.impl.constants.DNSRecordClass] (SocketListener(45-55-77-19.local.)) Could not find re
>>> cord class for index: -1
>>> 2015-07-20 06:53:46,260 SEVERE [javax.jmdns.impl.DNSIncoming$MessageInputStream] (SocketListener(45-55-77-19.local.)) bad domain n
>>> ame: possible circular name detected. Bad offset: 0xffffffff at 0xb6
>>> 2015-07-20 06:53:46,270 SEVERE [javax.jmdns.impl.constants.DNSRecordType] (SocketListener(45-55-77-19.local.)) Could not find reco
>>> rd type for index: -1
>>> 2015-07-20 06:53:46,296 SEVERE [javax.jmdns.impl.DNSIncoming] (SocketListener(45-55-77-19.local.)) Could not find record type: dns
>>> [query,192.99.0.161:52050, length=184, id=0x5c78, flags=0x3030, questions=1
>>> questions:
>>> [DNSQuestion at 2024648779 type: TYPE_IGNORE index 0, class: CLASS_UNKNOWN index 0, name: 0\x00\x01\x00\x00\x00\x00\x00\x00\x
>>> 09\x5F\x73\x6.\x72\x76\x69\x63\x65\x73\x07\x5F\x64\x6E\x73\x2D\x73\.4\x04\x5F\x75\x64\x70\x05\x6C\x6F\x63\x61\x6C\x00\x00\.C\x00\x
>>> 01ϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿ.]]
>>> question: [DNSQuestion at 2024648779 type: TYPE_IGNORE index 0, class: CLASS_UNKNOWN index 0, name: 0\x00\x01\x00\x00\x0
>>> 0\x00\x00\x00\x09\x5F\x73\x6.\x72\x76\x69\x63\x65\x73\x07\x5F\x64\x6E\x73\x2D\x73\.4\x04\x5F\x75\x64\x70\x05\x6C\x6F\x63\x61\x6C\x
>>> 00\x00\.C\x00\x01ϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿϿ.]
>>> 0: 5c7830305c783030 5c7830305c783030 5c7830305c783031 5c7830305c783030 \x00\x00 \x00\x00 \x00\x01 \x00\x00
>>> 20: 5c7830305c783030 5c7830305c783030 5c7830395c783546 5c7837335c783635 \x00\x00 \x00\x00 \x09\x5F \x73\x65
>>> 40: 5c7837325c783736 5c7836395c783633 5c7836355c783733 5c7830375c783546 \x72\x76 \x69\x63 \x65\x73 \x07\x5F
>>> 60: 5c7836345c783645 5c7837335c783244 5c7837335c783634 5c7830345c783546 \x64\x6E \x73\x2D \x73\x64 \x04\x5F
>>> 80: 5c7837355c783634 5c7837305c783035 5c7836435c783646 5c7836335c783631 \x75\x64 \x70\x05 \x6C\x6F \x63\x61
>>> a0: 5c7836435c783030 5c7830305c783043 5c7830305c783031 \x6C\x00 \x00\x0C \x00\x01
>>>
>>>
>>>
>>> Maybe this could give a hint:
>>>
>>> http://sourceforge.net/p/jmdns/bugs/130/ <http://sourceforge.net/p/jmdns/bugs/130/>
>>>
>>> Is this an issue that wildfly should care about?
>>>
>>> Regards
>>> Eduardo Sant'Ana da Silva
>>> _______________________________________________
>>> wildfly-dev mailing list
>>> wildfly-dev at lists.jboss.org <mailto:wildfly-dev at lists.jboss.org>
>>> https://lists.jboss.org/mailman/listinfo/wildfly-dev <https://lists.jboss.org/mailman/listinfo/wildfly-dev>
>> --
>> Jason T. Greene
>> WildFly Lead / JBoss EAP Platform Architect
>> JBoss, a division of Red Hat
>>
>
--
Jason T. Greene
WildFly Lead / JBoss EAP Platform Architect
JBoss, a division of Red Hat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/wildfly-dev/attachments/20150721/0b647b84/attachment-0001.html
More information about the wildfly-dev
mailing list