20000808: your machine is hammered AND has security problems
- Subject: 20000808: your machine is hammered AND has security problems
- Date: Tue, 08 Aug 2000 19:18:40 -0600
>From: "Thomas L. Mote" <address@hidden>
>Organization: University of Georgia
>Keywords: 200007172022.e6HKMuT11816 UGA McIDAS-X ADDE NOAAPORT GINI imagery
Tom,
While on cacimbo, I asked our system administrator to take a look at
the massive number of errors being sent to your /var/adm/messages file.
Here is an example:
Aug 8 21:06:29 cacimbo inetd[115]: /usr/dt/bin/rpc.ttdbserverd: Child Status Changed
Aug 8 21:07:26 cacimbo last message repeated 28 times
His comment was that you shouldn't be running 'rpc.ttdbserverd', or if you
really need to, you should upgrade your OS patch level. 'rpc.ttdbserverd'
has known security problems, and it is causing a bunch of errors on
your system. If your machine hasn't already been breached, it could
be at any time.
To stop running rpc.ttdbserverd, you should edit /etc/inetd.conf and
comment out the Sun ToolTalk Database Server:
change:
100083/1 stream rpc/tcp wait root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd
to:
# 100083/1 stream rpc/tcp wait root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd
After making the change, send a HUP to inetd:
kill -HUP <process id of inetd>
Also, in my previous email I noted that your machine is very slow. Not
finding the handy application 'top', I had to resort to the listing
from 'uptime':
cacimbo% uptime
9:13pm up 1 day(s), 2:46, 4 users, load average: 22.60, 22.77, 22.65
You can see that the load averages are at 22! Something is not right
here! No wonder it is taking hours for the McIDAS update to run its
course. The compilers are simply waiting for little slices of your
CPUs. Perhaps the rpc.ttdbserverd error messages are an indication of
what is going on?
My system administrator suggests that you load 'top' so you can better
monitor what is eating up your machine. Here is a URL for 'top':
ftp://ftp.groupsys.com/pub/top/
'top' has to be installed as 'root', otherwise we would have done it for
you.
Tom
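
Added example, not part of the original message: a shell function that makes the inetd.conf edit described above repeatable, commenting out any active rpc.ttdbserverd entry and keeping a backup. The function name disable_ttdb and the sample file are assumptions; the demo runs against a constructed copy in a temporary directory, not /etc/inetd.conf.

```shell
#!/bin/sh
# disable_ttdb FILE
# Comment out every active (uncommented) rpc.ttdbserverd entry in an
# inetd.conf-style FILE. Saves the original as FILE.bak and prints the
# number of entries that were disabled (0 if it was already done).
disable_ttdb() {
    conf=$1
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 2; }

    # Count active entries first so a second run changes nothing.
    n=$(awk '!/^[ \t]*#/ && /rpc\.ttdbserverd/ { c++ } END { print c + 0 }' "$conf")

    if [ "$n" -gt 0 ]; then
        cp -p "$conf" "$conf.bak" || return 1
        # Prefix matching lines with "# "; pass everything else through.
        awk '!/^[ \t]*#/ && /rpc\.ttdbserverd/ { print "# " $0; next }
             { print }' "$conf.bak" > "$conf.tmp" || return 1
        # Write back in place so the file keeps its owner and mode.
        cat "$conf.tmp" > "$conf" && rm -f "$conf.tmp"
    fi
    echo "$n"
}

# --- demo on a constructed sample file ---
demo_dir=$(mktemp -d)
cat > "$demo_dir/inetd.conf" <<'EOF'
# constructed sample, not a real system file
ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd
100083/1 stream rpc/tcp wait root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd
EOF

echo "entries disabled: $(disable_ttdb "$demo_dir/inetd.conf")"
cat "$demo_dir/inetd.conf"
echo "after editing the real file, signal inetd: kill -HUP <process id of inetd>"
rm -rf "$demo_dir"
```
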