On Mon, 23 Dec 2002, Andres C. wrote: > I've a problem with this. > Kernel goes dwon and logs show something like this. > > Dec 23 08:42:47 ns1 kernel: Stack: 000000c4 d5cec540 00059682 c0126013 > 00000304 00405049 00000400 c0126de8 > Dec 23 08:42:47 ns1 kernel: 00000304 00405049 00000400 00000000 > d25fdef4 000000c4 d782b100 d782b100 > Dec 23 08:42:47 ns1 kernel: de0d1bc0 c46c2000 00000304 00000002 > d5cec660 00000000 d5cec660 d5cec480 > Dec 23 08:42:47 ns1 kernel: Call Trace: [get_hash_table+23/36] > [brw_page+332/924] [ext2_bmap+110/132] [generic_readpage+133/148] > [try_to_read_ahead+254/276] [do_generic_file_read+750/1508] > [generic_file_read+99/124] > Dec 23 08:42:47 ns1 kernel: [file_read_actor+0/80] [sys_read+174/196] > [system_call+52/56] > Dec 23 08:42:47 ns1 kernel: Code: 8b 00 39 6a 04 75 15 8b 4c 24 20 39 4a 08 > 75 0c 66 39 7a 0c > Dec 23 10:03:52 ns1 kernel: possible SYN flooding on port 80. Sending > cookies.
The syn flood came quite a while after the kernel log entries. I doubt that it is a dos attack. Does the problem persist? Gerald -- http://frontstreetnetworks.com | http://raqware.com Front Street Networks LLC | Phone: +1 203-785-0699 229 Front Street, Ste. C, New Haven, CT. 06513-3203 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
