Attack or problem?
My www/ftp server has an uptime of 380 days and is still running
potato and a 2.4.9 kernel. I have noticed the following in today's
kernel.logs:
...
Sep 21 09:15:54 host kernel: UDP: bad checksum. From 65.96.240.162:29372 to X.Y.Z.W:33481 ulen 20
Sep 21 09:15:54 host kernel: UDP: bad checksum. From 65.96.240.162:29372 to X.Y.Z.W:33463 ulen 20
Sep 21 09:15:54 host kernel: TCP: Treason uncloaked! Peer 66.28.13.251:3700/80 shrinks window 1554281757:1554289905. Repaired.
...
Sep 21 09:15:54 host kernel: TCP: Treason uncloaked! Peer 66.28.13.251:3700/80 shrinks window 1555215717:1555220969. Repaired.
Sep 21 09:15:54 host kernel: UDP: bad checksum. From 208.59.175.234:33118 to X.Y.Z.W:33547 ulen 20
Sep 21 09:15:54 host kernel: UDP: bad checksum. From 208.59.175.234:33118 to X.Y.Z.W:33532 ulen 20
...
Is this a kernel problem, hardware or an attack attempt?
-Igor Mozetic