1

On one of our boxes, I'm encountering strange problem from time to time.. in.tftpd processes are forking up to thousand of processes, getting server to almost unresponsive state.

I've tried various approaches to limiting tftp daemon but to no avail..

what puzzles me most is, that it seems to breach even ulimit -u setting.

I'm starting in.tftpd from initscript (so no xinetd), prior to starting it, ulimit -n 50 is run.

I can see limit set up correctly for master process:

grep processes /proc/XXX/limits: Max processes 50 50 processes

but again, few days ago, problem occured again, according to atop records, thousands of in.tftpd processes got forked..

Any idea on what could I be doing wrong?

I also tried limiting memory using cgroups, but even with limit of 2MB, it can spawn much more processes than I'd like, and 1MB is too low... Is it possible to limit number of processes using cgroups? but I still think ulimit should be enough, but what am I doing wrong here?

**processes getting increasing & reducing, wondering what could be the root cause? :-|

thanks a lot for any clues in advance, I'm really becoming desperate...

Please find the screenshots:

https://www.dropbox.com/s/mwfgoe5k11ghc7z/1.png?dl=0 https://www.dropbox.com/s/62ksc3lefnpywjm/2.png?dl=0

Jackson Lourdusamy
  • 37
  • 3
  • Are you getting hacked? Does a new process appear each time there is a tftp connect? Is some one scanning your machine or attacking your ports? Firewall your machine or just pull the ethernet cable and see if it helps. – Hankster May 13 '15 at 07:48
  • I see you’re new to the Stack Exchange network, so welcome! This is more of a system administration than a programming-related question so it’s *off-topic* for StackOverflow. You’d have a much better chance of getting good answers at [Unix and Linux](http://unix.stackexchange.com/). – Anthony Geoghegan May 13 '15 at 08:23

0 Answers0