• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 166
  • Last Modified:

Urgent: No space left on Disk -- VIRUS? ( Linux )

All of a sudden, my hard drives on linux got full.. There are two HDs mounted... one got full ... i thought i just need to delete some files... but now the second one shows 100% too ..

I rebooted the computer and now its not booting up...  HELP NEEDED!

0
jibranilyas
Asked:
jibranilyas
  • 2
1 Solution
 
SunBowCommented:
Use boot diskette or CD.

If you were not adding stuff, you probably have no virus but opened up vulnerability to allow people to internet their files for you for free anonymous storage.  Generally, remove TCP for that, and until you secure better, remove all networking.

For future, with linux or anything, reserve one disk for only the system files and use.  Set up other disk with the applications and all temporary files, such as eMail and logs.

A recent thread complained about Oracle.  Our answer is, that you, the Admin, must exercise control over the applications logs of anything, how many things are tracked, and how big a file can be - files which you should ensure never go to boot drive.  I suppose if you tried on your own to run some malware sniffer to record everythin possible, one could learn that one cannot store everything possible.

Last ditch effort, build a separate drive for booting, then attach these to get any files needed, and clean them up while doing a post-mortem analysis of what broke it. You cannot add space to a full disk.  Booting requires access to at least a little bit of temporary space. With a diskette, you might get up long enough to at least delete a few unnecessary files.   Alternatively, boot to maintenance mode and run some cleansing jobs than my remove crosslinked sectors, locate lost sectors, and otherwise make some space available.  Rule applies to all OS.
0
 
zerofieldCommented:
use a recovery disk, a knoppix or kanotix disk, either one.  boot up.

once at a command window or command line, mount your partition (i really hope i dont need to show you this, but just in case..)

it'll resemble something along the lines of:

mount /dev/hda1 /mnt/hda1  (ide)    or   /dev/sda1 (scsi)  or   /dev/md1   (multi disk stuff)

get it mounted, then run this command (modified accordingly):

find /mnt/hda1 / -size=+1000

you may want to man find to check out how to modify that command.  essentially, you're looking for large files.  you could combine du and wc commands to try to find directories with hundreds of thousands of files, but searching for all files larger than say, 2-5 megs would probably show you something.

my guess would be to check in the /var some first, look for databases or logs of enormous sizes.
0
 
SunBowCommented:
thanx.
              (but don't neglect the other comment)
                                                                                      Good Fortune !
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now