slow server because of security setup? - Security

This is a discussion on slow server because of security setup? - Security ; Hi I have a server where I have done various security setup. The machine has become quite slow now. The problem is that things hangs for some time in the middle of operations, for no apparent reason. E.g. apt-get update/upgrade ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: slow server because of security setup?

  1. slow server because of security setup?

    Hi

    I have a server where I have done various security setup. The machine
    has become quite slow now. The problem is that things hangs for some
    time in the middle of operations, for no apparent reason. E.g. apt-get
    update/upgrade stops several times in the middle of the operation and
    hangs for 30-60 seconds before continuing. An SSH connection attempt
    hangs up to 30 seconds before the login prompt appears. Sometimes it is
    fast and sometimes its slow.

    I attribute these problems to the security setup, since without the
    security setup, the box was fast as could be expected, without any of
    these hiccups. I mainly followed the Debian Security setup
    documentation, not entirly, but the majort parts. So the I ran bastille
    entirely and enabled its firewall. I turned off all services except ssh,
    which I manually configured with basic setup, I configured the
    hosts.allow/deny with basic deny all and allow ssh and a finger rule.
    That is the major components of it.

    What I am suspecting is that because bastille turned off things like the
    possibility to send ping messages etc, it might also have turned on
    something to rate adjust the speed of some services or network
    functions. Alternatively, that bastille has configured the machine to
    for example do reverse lookup/finger etc. of the connecting machine.
    This, then, does not work because of the connecting machines own
    security setup, so the process hangs until the network timeout occurs.
    Something similar might be the cause with apt-get.

    Any ideas what the problem might be and how to fix it?

    regards

    tom

  2. Re: slow server because of security setup?

    Tom Forsmo wrote:
    > Hi
    >
    > I have a server where I have done various security setup. The machine
    > has become quite slow now. The problem is that things hangs for some
    > time in the middle of operations, for no apparent reason. E.g. apt-get
    > update/upgrade stops several times in the middle of the operation and
    > hangs for 30-60 seconds before continuing. An SSH connection attempt
    > hangs up to 30 seconds before the login prompt appears. Sometimes it is
    > fast and sometimes its slow.


    Complete guess, but I'd go for a problem with your DNS. Starting an ssh
    session will do both a forward and a reverse lookup, and either of those
    failing will cause the session to hang for quite a while.

    It's unlikely to be your security setup, as if you were being blocked it
    would hang indefinitely and not resume after a few seconds.

    I'd start with the networking basics and go from there.

    Simon.

+ Reply to Thread