[Cialug] TCP: Treason uncloaked

David Champion dchamp1337 at gmail.com
Fri Jan 13 18:47:21 CST 2012


On port 80, these were web servers behind a firewall that only allowed 80
through.

-dc

On Fri, Jan 13, 2012 at 2:12 PM, Nicolai <nicolai-cialug at chocolatine.org>wrote:

> On Fri, Jan 13, 2012 at 02:01:59PM -0600, David Champion wrote:
>
> > I ran across a Linux server getting hit by an apparent DoS attack, which
> > caused the server to be very slow. Looking at dmesg, there was a lot of
> > "TCP: Treason uncloaked..." messages.
>
> > If you do some googleing, you can also find info on blocking this attack
> > with iptables.
>
> Interesting... there's conflicting information on this issue according
> to a google search.  Out of curiosity, what were the local and remote
> TCP ports?
>
> Nicolai
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cialug.org/pipermail/cialug/attachments/20120113/6ee109af/attachment.html>


More information about the Cialug mailing list