[clug] Blocking wierd packets...

Kim Holburn kim.holburn at anu.edu.au
Wed Aug 4 06:20:12 GMT 2004

Yeah, I have rule that does that.


probably a good idea.

On 2004 Aug 4, , at 1:12 PM, Martijn van Oosterhout wrote:

> My firewall is dropping whacky packets looking like:
> ip_conntrack_tcp: INVALID: Out of window data; SEQ is over the upper 
> bound (over the window of the receiver)
> ip_conntrack_tcp: INVALID: invalid TCP flag combination
> ip_conntrack_tcp: INVALID: bad TCP checksum
> Should I worry about this? Seems to me dropping them is a pretty safe
> thing to do in any case... Maybe the latest virus?
> -- 
> Martijn van Oosterhout   <kleptog at svana.org>   
> http://svana.org/kleptog/
>> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is 
>> a
>> tool for doing 5% of the work and then sitting around waiting for 
>> someone
>> else to do the other 95% so you can sue them.
> -- 
> linux mailing list
> linux at lists.samba.org
> http://lists.samba.org/mailman/listinfo/linux
Kim Holburn
IT Manager, Canberra Research Laboratory
National Information and Communication Technology Australia
Ph: +61 2 61258620 M: +61 417820641
Email: kim.holburn at anu.edu.au  - PGP Public Key on request
Cacert Root Cert: http://www.cacert.org/index.php?id=16 -> 
Aust. Spam Act: To stop receiving mail from me: reply and let me know.

Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the linux mailing list