OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Re[3]: [suse-security] NSCD
From: Cliff Friedel (cliffwrkcs.net)
Date: Fri Dec 22 2000 - 23:21:49 CST

I have had this problem with an ISP I started. Seems like nscd just bites
it after it starts taking a healthy amount of hits. That with its slow
performance has made me remove it from all of our servers.

Cliff

On Fri, 22 Dec 2000 r.maurizzigvs.it wrote:

>
>
> > This amount of users needs a lot of tuning and i think installing a
> > program like NSCD is or should be part of that tuning. I personaly run
> > SuSE on a web-servers and have NSCD turned of. The reason is that i only
> > read difficulties of NSCD and every pogram adds a security risc.
>
> Am I the only one for which NSCD creates problems with slow nameservers? As in:
>
> - Issue the command: "ping www.somestrangedomainname.com"
> - my DNS has to lookup the address from a far/slow DNS and doesn't reply before
> timeout
> - ping replies host unknown
> - NSCD caches the host unknown error
> - another ping returns error again for some time
> - "/etc/rc.d/nscd stop" (sorry for the RedHat-ism :)
> - "ping www.somestrangedomainname.com"
> - this times it's OK.
>
> I can easily imagine a lot of people that just installed linux being lost, and
> rebooting their machine to see "if it works this way". And the worst part is, it
> does work after the reboot...
>
> Someone should have a talk with the glib/nsdc people ;-)
>
>
> Ciao,
> Roberto.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribesuse.com
> For additional commands, e-mail: suse-security-helpsuse.com
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com