On Tue, Apr 25, 2006 at 10:51:47AM -0400, Tanner Lovelace wrote: > Apr 25 09:31:39 bebop kernel: TCP: Treason uncloaked! Peer > 200.219.181.35:24117/80 shrinks window 3787637969:3787637970. > Repaired.
It is not necessarily an attack at all. Many packet manglers (packeteer comes to mind) do ... interesting things. The code in question is part of the TCP retransmit timer and deals with the receiver [mistakenly|maliciously] shrinking the receive window. The stack works around that. You shouldn't be alarmed offhand. If it happens repeatedly, there's probably muckery afoot upstream. Thanks, -- Daniel T. Chen [EMAIL PROTECTED] GPG key: www.sh.nu/~crimsun/pubkey.gpg.asc
pgpnUiDY5CSzm.pgp
Description: PGP signature
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
