Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: DoS attack against TCP services

    Date:        Wed, 4 Feb 2015 23:27:39 +0100 (CET)
    Message-ID:  <>

  | I'm afraid I have chosen the wrong subject. After some testing, I found 
  | that all tcp connections go in the TIME_WAIT state.

It would be all TCP connections that are first closed by your system,
(ones closed first by the remote, like some HTTP connections, skip TIME_WAIT
at your end).

The problem to me "smells" very much like there's some problem with the
kernel's internal timer operations - or related - something isn't
processing time correctly.

What's more, it seems peculiar to your system, as no-one else seems to
be reporting similar problems.   So I'd be investigating how the timers
are working (or are not working) in the kernel - perhaps even try
selecting a different timer.

I assume that time (as seen from user processes) is functioning correctly?


Home | Main Index | Thread Index | Old Index