-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I ran into a situation last week, where my /var partion completely filled up. Upon investigation, I realized that /var/log/snort filled 85% of the space available on the partition. Having no space left on /var left no space for incoming mail and no space for squid cache, and slowed my machine to a crawl. Would it be theoretically possible to launch a herd of port scanners against a known host to fill up someone's /var drive and shut them down? Or, am I missing something in a logrotate or config setting somewhere? TIA Jeff Harris - --- Registered Linux user #304026. "lynx -source http://www.rallycentral.us/~linux/jharris.asc | gpg --import" or "gpg --keyserver pgp.mit.edu --recv-key BD23A31E" Key fingerprint = FB8C 3210 8DE1 78F4 6505 5918 0C34 BE94 BD23 A31E -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQE+xU04DDS+lL0jox4RAkpFAJ4rzc3jvPN023uw93Nb2+vL6EwS3QCfXssg nFhxyCz5rfzNTWBP7/FCjeA= =w5B0 -----END PGP SIGNATURE-----