Each UDP packet has a header and a payload (the data). The header contains
the source port, the destination port, packet's length and a checksum. Linux
automatically drops the packets with invalid length ("short packet") or if
checksum validation fails ("bad checksum"), so you can't block them.I doubt this is an attack because the packets do nothing, are simply ignored. And I don't think you receive hundreds/thousands invalid packets per second. But probably this means that some hardware has problems... -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Mico Sent: Wednesday, October 03, 2012 0:17 AM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Prevent UDP attacks In the message log of the operating system (Ubuntu 12.04) I'm seeing a lot of logs like the following: [848814.998297] UDP: short packet: From 190.xxx.xxx.xxx:308 /33 to 200.xxx.xxx.xxx:27025 [874435.912157] UDP: short packet: From 190.xxx.xxx.xxx:4805 49320/37 to 200.xxx.xxx.xxx:27024 [882015.978724] UDP: bad checksum. From 190.xxx.xxx.xxx:58299 to 200.xxx.xxx.xxx:27020 ulen 33 As block these requests? thanks _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
