[NBLUG/talk] Weird dmesg

ME dugan at passwall.com
Tue Apr 15 00:42:00 PDT 2003


> I saw this in my dmesg today, anyone know what it means?
>
>
> TCP: Treason uncloaked! Peer 129.19.136.33:4225/80 shrinks
> window 953690301:953697201. Repaired.
> TCP: Treason uncloaked! Peer 129.19.136.33:4225/80 shrinks
> window 953690301:953697201. Repaired.
> TCP: Treason uncloaked! Peer 129.19.137.52:1062/80 shrinks
> window 3335165973:3335167113. Repaired.
> TCP: Treason uncloaked! Peer 129.19.137.52:1062/80 shrinks
> window 3335165973:3335167113. Repaired.

I think the kernel developers made a fix for one of TCP attacks (like
fragmented packets that when reassembled are larger than max valid or
smaller than min valid. (though there were others) and as a part of the
patch, they thought it would be good to log attempts with that message.

Anyway, I may not recall this accurately, but I seem to recall that later
kernel updates somehow lost the fix but kept the message.This led to DoS
where people runing what they thought were "fixed" kernels, wern't.

The Linux source has comments on this issue, an google has many, many
archived posts and answers for this. Assuming I am remembering this
accurately, google could be rthe best source for detailed descriptions.

If you have one of the latest kernels, then you can treat this as a
warning mmessage.



More information about the talk mailing list