TCP receive window set to 0; DoS or not?

Travis Hassloch travis.hassloch at rackspace.com
Thu Sep 7 21:30:57 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

New listener, first-time caller.

I've been seeing some systems that stop serving pages, and I also see
the Linux "Treason Uncloaked!" kernel messages that indicate a remote
system reduced its rcv win from 1 to 0... is there a non-malicious
explanation for this, aside from a remote host running out of socket
buffers?  Seems to happen too often for that to be the case, and
my googling has shown that it may be outside of spec.  Certainly
the warning is clear enough...
- --
The whole point of the Internet is that different kinds of computers
can interoperate.  Every time you see a web site that only supports
certain browsers or operating systems, they clearly don't get it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFAI+QPlSPhv5tocwRAg5hAKCBNvX4U8hAmtfnGImRug5t1IUoBACfbXlS
kNJe5BAexBENqtsb1TULL3I=
=2Cit
-----END PGP SIGNATURE-----



More information about the NANOG mailing list