Re: kernel: [mmm.nnn] TCP: drop open request :: Do I have to worry about ?

To: debian-user@lists.debian.org
Subject: Re: kernel: [mmm.nnn] TCP: drop open request :: Do I have to worry about ?
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Sun, 2 Oct 2011 20:52:10 -0300
Message-id: <[🔎] 20111002235210.GF16368@khazad-dum.debian.net>
In-reply-to: <[🔎] 4E88E0B2.70700@lavignotte.org>
References: <[🔎] 4E88E0B2.70700@lavignotte.org>

On Mon, 03 Oct 2011, jacques wrote:
> from time to time log spits :
> 
> Oct  2 23:25:11 gordo kernel: [501679.617067] TCP: drop open request
> from ip.ip.ip.ip/1979
> Oct  2 23:25:11 gordo kernel: [501679.639032] TCP: drop open request
> from ip.ip.ip.ip/1980
> Oct  2 23:25:11 gordo kernel: [501679.639044] TCP: drop open request
> from ip.ip.ip.ip/1981
> Oct  2 23:25:11 gordo kernel: [501679.639053] TCP: drop open request
> from ip.ip.ip.ip/1982
> 
> several line sof it. ip.ip.ip.ip is not the real string ;)
> 
> Do I have to worry about and consider to process these messages ?

Enable SYN cookies, and check whether you have tuned your TCP stack well
enough for your normal load...

http://e-mats.org/2010/01/tcp-drop-open-request-from/
http://blog.blacknode.net/2008/03/tcp-drop-open-request-from-xxxxxxxxxxxx/

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

References:
- kernel: [mmm.nnn] TCP: drop open request :: Do I have to worry about ?
  - From: jacques <jacques@lavignotte.org>

Prev by Date: Re: [OT] British vs. American English (was Re: Wow, Evolution left me with eggs in my face)
Next by Date: Re: [OT] British vs. American English
Previous by thread: kernel: [mmm.nnn] TCP: drop open request :: Do I have to worry about ?
Next by thread: emacs rmail: how to save sent messages
Index(es):
- Date
- Thread