求教如何解决TCP: Treason uncloaked! 错误...web服务器每天都有很多这样的记录...
45 views
Skip to first unread message
xifan
Nov 10, 2008, 10:09:48 PM11/10/08
to linux-kernel
使用dmesg 查看会发现很多这样的记录...
查过资料是tar-pit攻击相关. 收缩了TCP window size, 需要如何来解决..
我发现很多ip并不是攻击ip怎么内核还是会判断呢...根治的方式有哪些...重构内核?
TCP: Treason uncloaked! Peer 123.125.9.57:54437/80 shrinks window 3607450224:3607458416. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.57:54437/80 shrinks window 3607450224:3607458416. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:33209/80 shrinks window 1971687226:1971689986. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:33209/80 shrinks window 1971687226:1971689986. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:33850/80 shrinks window 2134769508:2134770888. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:33850/80 shrinks window 2134769508:2134770888. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:37161/80 shrinks window 2921996461:2921999221. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:37161/80 shrinks window 2921996461:2921999221. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:39016/80 shrinks window 3150753749:3150755129. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:39016/80 shrinks window 3150753749:3150755129. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.136:26766/80 shrinks window 4257840418:4257843234. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.136:26766/80 shrinks window 4258253348:4258256164. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.136:26766/80 shrinks window 4258484395:4258488619. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.136:26766/80 shrinks window 4258577847:4258579255. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.136:26766/80 shrinks window 4258651063:4258655287. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:17350/80 shrinks window 705947092:705951316. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.131:25713/80 shrinks window 3075916059:3075918875. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:45365/80 shrinks window 3200876473:3200877640. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:45365/80 shrinks window 3201422999:3201424407. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:45365/80 shrinks window 3202363919:3202365327. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:45365/80 shrinks window 3203422881:3203424289. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:34047/80 shrinks window 3682423604:3682437300. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:1111/80 shrinks window 3689280317:3689281725. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:1111/80 shrinks window 3689354941:3689360573. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:1111/80 shrinks window 3689653437:3689657661. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:1111/80 shrinks window 3689718205:3689719613. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:1111/80 shrinks window 3689766077:3689767485. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:53100/80 shrinks window 3474006647:3474008055. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:53100/80 shrinks window 3474136183:3474137591. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:21208/80 shrinks window 3425631934:3425633342. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:53100/80 shrinks window 3474362871:3474364279. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:53100/80 shrinks window 3474608631:3474612855. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:53100/80 shrinks window 3474767735:3474769143. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:21208/80 shrinks window 3426561982:3426563390. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:21208/80 shrinks window 3427142590:3427143998. Repaired.
2008-11-11
xifan
_______________________________________________
Linux 内核开发中文邮件列表
Linux-...@zh-kernel.org
http://zh-kernel.org/mailman/listinfo/linux-kernel
Linux 内核开发中文社区: http://zh-kernel.org
查过资料是tar-pit攻击相关. 收缩了TCP window size, 需要如何来解决..
我发现很多ip并不是攻击ip怎么内核还是会判断呢...根治的方式有哪些...重构内核?
TCP: Treason uncloaked! Peer 123.125.9.57:54437/80 shrinks window 3607450224:3607458416. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.57:54437/80 shrinks window 3607450224:3607458416. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:33209/80 shrinks window 1971687226:1971689986. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:33209/80 shrinks window 1971687226:1971689986. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:33850/80 shrinks window 2134769508:2134770888. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:33850/80 shrinks window 2134769508:2134770888. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:37161/80 shrinks window 2921996461:2921999221. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:37161/80 shrinks window 2921996461:2921999221. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:39016/80 shrinks window 3150753749:3150755129. Repaired.
TCP: Treason uncloaked! Peer 123.125.9.50:39016/80 shrinks window 3150753749:3150755129. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.136:26766/80 shrinks window 4257840418:4257843234. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.136:26766/80 shrinks window 4258253348:4258256164. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.136:26766/80 shrinks window 4258484395:4258488619. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.136:26766/80 shrinks window 4258577847:4258579255. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.136:26766/80 shrinks window 4258651063:4258655287. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:17350/80 shrinks window 705947092:705951316. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.131:25713/80 shrinks window 3075916059:3075918875. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:45365/80 shrinks window 3200876473:3200877640. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:45365/80 shrinks window 3201422999:3201424407. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:45365/80 shrinks window 3202363919:3202365327. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:45365/80 shrinks window 3203422881:3203424289. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:34047/80 shrinks window 3682423604:3682437300. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:1111/80 shrinks window 3689280317:3689281725. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:1111/80 shrinks window 3689354941:3689360573. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:1111/80 shrinks window 3689653437:3689657661. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:1111/80 shrinks window 3689718205:3689719613. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.132:1111/80 shrinks window 3689766077:3689767485. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:53100/80 shrinks window 3474006647:3474008055. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:53100/80 shrinks window 3474136183:3474137591. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:21208/80 shrinks window 3425631934:3425633342. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:53100/80 shrinks window 3474362871:3474364279. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:53100/80 shrinks window 3474608631:3474612855. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:53100/80 shrinks window 3474767735:3474769143. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:21208/80 shrinks window 3426561982:3426563390. Repaired.
TCP: Treason uncloaked! Peer 60.28.138.134:21208/80 shrinks window 3427142590:3427143998. Repaired.
2008-11-11
xifan
_______________________________________________
Linux 内核开发中文邮件列表
Linux-...@zh-kernel.org
http://zh-kernel.org/mailman/listinfo/linux-kernel
Linux 内核开发中文社区: http://zh-kernel.org
xifan
Nov 13, 2008, 7:56:34 PM11/13/08
to Sherlock, linux-...@zh-kernel.org
恩我使用的是redhat centos 系列的操作系统...
一般这情况是阶段性出现...
2008-11-14
xifan
发件人: Sherlock
发送时间: 2008-11-13 14:51:34
收件人: xifan
抄送:
主题: Re: 求教如何解决TCP: Treason uncloaked! 错误...web服务器每天都有很多这样的记录...
这些只不过是些log而已,并不能表示这些IP是针对你server做的攻击
有的时候是client 中刀后发送特殊的数据包,不知道你用的是哪个distrobution
如果是Redhat或者是Centos的话,问题不大。其他distro就不清楚了
2008/11/11 xifan <xi...@hoopchina.com>
==========
InitX
==========
Reply all
Reply to author
Forward
0 new messages