On Fri, 11 May 2001 [EMAIL PROTECTED] wrote:
>
> Hey everyone,
>
> Sorry for the crosspost, but I wanted to make sure everybody and anybody
> who has knowledge on this subject has seen my plea for help. :)
> (espeically since I'll probably be doing this switch tomorrow)
>
> Are there currently any tweaks in solaris i386 for the abuse IRC
> servers puts the kernel under? I know of the following two lines for
> /etc/system, but I don't know if there's anything else I need to tweak.
>
> set rlim_fd_max = 8192
> set rlim_fd_cur = 4096
>
In addition to those, heres a tweak to remove a majority of buffer
overflow security holes on solaris, which will send a SIGSEGV to any
process trying to execute code on its stack, and log the attempt to
syslog:
set noexec_user_stack=1
set noexec_user_stack_log=1
It also might be a good idea to tweak ndd to 100BaseT full
duplex on, 100BaseT half duplex off, 10BaseT full duplex off, 10BaseT half
duplex off, autonegotiation off, in most situations, to avoid under
performance on the network side :)
>
> Also, another heads-up.. the IP of SanDiego.* will be changing with this
> move.. Since we don't have any N: lines, does this mean that I could
> possibly get away with re-iping SanDiego.* and connect before hub admins
> change their C lines?
>
> Unfortunately I don't think we'll know the new IPs until the time comes to
> switch the server.. I'll send out email with the new IP as soon as I find
> out, so DNS, C: lines, etc. can be updated.
>
> Thanks!
>
> -Clive
>
>
