Re: DoS attack against TCP services

To: 6bone%6bone.informatik.uni-leipzig.de@localhost
Subject: Re: DoS attack against TCP services
From: Robert Elz <kre%munnari.OZ.AU@localhost>
Date: Fri, 06 Feb 2015 02:40:34 +0700

    Date:        Wed, 4 Feb 2015 23:27:39 +0100 (CET)
    From:        6bone%6bone.informatik.uni-leipzig.de@localhost
    Message-ID:  <Pine.NEB.4.64.1502042315490.812%6bone.informatik.uni-leipzig.de@localhost>

  | I'm afraid I have chosen the wrong subject. After some testing, I found 
  | that all tcp connections go in the TIME_WAIT state.

It would be all TCP connections that are first closed by your system,
(ones closed first by the remote, like some HTTP connections, skip TIME_WAIT
at your end).

The problem to me "smells" very much like there's some problem with the
kernel's internal timer operations - or related - something isn't
processing time correctly.

What's more, it seems peculiar to your system, as no-one else seems to
be reporting similar problems.   So I'd be investigating how the timers
are working (or are not working) in the kernel - perhaps even try
selecting a different timer.

I assume that time (as seen from user processes) is functioning correctly?

kre

Follow-Ups:
- Re: DoS attack against TCP services
  - From: 6bone
- Re: DoS attack against TCP services
  - From: 6bone
- Re: DoS attack against TCP services
  - From: 6bone

References:
- Re: DoS attack against TCP services
  - From: 6bone
- Re: DoS attack against TCP services
  - From: Christos Zoulas

Prev by Date: Kernel RNG
Next by Date: Re: Kernel RNG
Previous by Thread: Re: DoS attack against TCP services
Next by Thread: Re: DoS attack against TCP services
Indexes:

Home | Main Index | Thread Index | Old Index