TCP receive window set to 0; DoS or not?
travis.hassloch at rackspace.com
Thu Sep 7 21:30:57 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
New listener, first-time caller.
I've been seeing some systems that stop serving pages, and I also see
the Linux "Treason Uncloaked!" kernel messages that indicate a remote
system reduced its rcv win from 1 to 0... is there a non-malicious
explanation for this, aside from a remote host running out of socket
buffers? Seems to happen too often for that to be the case, and
my googling has shown that it may be outside of spec. Certainly
the warning is clear enough...
The whole point of the Internet is that different kinds of computers
can interoperate. Every time you see a web site that only supports
certain browsers or operating systems, they clearly don't get it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v220.127.116.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the NANOG