On Wed, 20 May 1998, Tomasz Papszun wrote:
> On Tue, 19 May 1998, Henrik Nordstrom wrote:
>
> > > [kfree_skb+183/244] [ip_glue+308/472] [ip_defrag+837/860]
> > > [ip_rcv+380/1464] [def_callback2+38/44] [packet_rcv+177/188]
> >
> > Looks like you have a Linux TCP/IP kernel problem (or memory fault).
>
> Original messages (included in the question) are very similar to these
> after some quite new (from about a few weeks or a month ago) kind of
> Denial-of-Service attack on Linux (and M$ W*). Something like nestea2,
> overdrop and so on. Even kernel 2.0.33 is vulnerable.
Odd, isn't it ? I mean this had happened the second time after an uptime
of 22 Days. Doesn't sound like a DoS-Attack to me.
I guess I'll wait for another 22 days of uptime to be reached - then it
should be clearer.
> Which version of kernel have you?
It's SuSEs pre-SuSE-3 of 2.0.33 - I've allready informed them. I'll try a
blank one today.
> After applying some "pre-34" patch to 2.0.33, vulnerability disappeared at
> my server.
> For up-to-date patches look at
> ftp://ftp.uk.linux.org/pub/linux/alan/2.0.34pre/
> (at the moment there is patch-2.0.34pre15.gz from 17 May).
Thanks, I'll check it out and install it !
regards, sascha
Received on Fri May 22 1998 - 00:59:47 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:19 MST