[clug] Blocking wierd packets...
Kim Holburn
kim.holburn at anu.edu.au
Wed Aug 4 06:20:12 GMT 2004
Yeah, I have rule that does that.
$IPTABLES -A FORWARD -m state --state INVALID -j DROP
probably a good idea.
On 2004 Aug 4, , at 1:12 PM, Martijn van Oosterhout wrote:
> My firewall is dropping whacky packets looking like:
>
> ip_conntrack_tcp: INVALID: Out of window data; SEQ is over the upper
> bound (over the window of the receiver)
> ip_conntrack_tcp: INVALID: invalid TCP flag combination
> ip_conntrack_tcp: INVALID: bad TCP checksum
>
> Should I worry about this? Seems to me dropping them is a pretty safe
> thing to do in any case... Maybe the latest virus?
> --
> Martijn van Oosterhout <kleptog at svana.org>
> http://svana.org/kleptog/
>> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is
>> a
>> tool for doing 5% of the work and then sitting around waiting for
>> someone
>> else to do the other 95% so you can sue them.
> --
> linux mailing list
> linux at lists.samba.org
> http://lists.samba.org/mailman/listinfo/linux
>
--
Kim Holburn
IT Manager, Canberra Research Laboratory
National Information and Communication Technology Australia
Ph: +61 2 61258620 M: +61 417820641
Email: kim.holburn at anu.edu.au - PGP Public Key on request
Cacert Root Cert: http://www.cacert.org/index.php?id=16 ->
http://www.cacert.org/cacert.crt
Aust. Spam Act: To stop receiving mail from me: reply and let me know.
Democracy imposed from without is the severest form of tyranny.
-- Lloyd Biggle, Jr. Analog, Apr 1961
More information about the linux
mailing list