Solved

Urgent: No space left on Disk -- VIRUS?  ( Linux )

Posted on 2004-09-21
3
162 Views
Last Modified: 2010-04-11
All of a sudden, my hard drives on linux got full.. There are two HDs mounted... one got full ... i thought i just need to delete some files... but now the second one shows 100% too ..

I rebooted the computer and now its not booting up...  HELP NEEDED!

0
Comment
Question by:jibranilyas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 24

Accepted Solution

by:
SunBow earned 500 total points
ID: 12114267
Use boot diskette or CD.

If you were not adding stuff, you probably have no virus but opened up vulnerability to allow people to internet their files for you for free anonymous storage.  Generally, remove TCP for that, and until you secure better, remove all networking.

For future, with linux or anything, reserve one disk for only the system files and use.  Set up other disk with the applications and all temporary files, such as eMail and logs.

A recent thread complained about Oracle.  Our answer is, that you, the Admin, must exercise control over the applications logs of anything, how many things are tracked, and how big a file can be - files which you should ensure never go to boot drive.  I suppose if you tried on your own to run some malware sniffer to record everythin possible, one could learn that one cannot store everything possible.

Last ditch effort, build a separate drive for booting, then attach these to get any files needed, and clean them up while doing a post-mortem analysis of what broke it. You cannot add space to a full disk.  Booting requires access to at least a little bit of temporary space. With a diskette, you might get up long enough to at least delete a few unnecessary files.   Alternatively, boot to maintenance mode and run some cleansing jobs than my remove crosslinked sectors, locate lost sectors, and otherwise make some space available.  Rule applies to all OS.
0
 
LVL 5

Expert Comment

by:zerofield
ID: 12115482
use a recovery disk, a knoppix or kanotix disk, either one.  boot up.

once at a command window or command line, mount your partition (i really hope i dont need to show you this, but just in case..)

it'll resemble something along the lines of:

mount /dev/hda1 /mnt/hda1  (ide)    or   /dev/sda1 (scsi)  or   /dev/md1   (multi disk stuff)

get it mounted, then run this command (modified accordingly):

find /mnt/hda1 / -size=+1000

you may want to man find to check out how to modify that command.  essentially, you're looking for large files.  you could combine du and wc commands to try to find directories with hundreds of thousands of files, but searching for all files larger than say, 2-5 megs would probably show you something.

my guess would be to check in the /var some first, look for databases or logs of enormous sizes.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 12138499
thanx.
              (but don't neglect the other comment)
                                                                                      Good Fortune !
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Email attacks are the most common methods for initiating ransomware and phishing scams. Attackers want you to open an infected attachment or click a malicious link, and unwittingly download malware to your machine. Here are 7 ways you can stay safe.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question