similar to: kernel: possible SYN flooding on port 655. Sending cookies.

Hi *Problem *- I'm running Icecast in a VM container on OpenVZ. Syslog on the hardware node (HN) shows these error messages: Jan 23 18:43:05 HN kernel: [27469893.430615] possible SYN flooding on port 8000. Sending cookies. Jan 23 21:37:40 HN kernel: [27480362.817944] possible SYN flooding on port 8000. Sending cookies. Jan 23 23:43:50 HN kernel: [27487929.582025] possible SYN flooding on

Hello Maxim, did you send the pull request ? Please send an email to the list when you do thank you Saverio 2016-11-05 10:09 GMT+01:00 Saverio Proto <zioproto at gmail.com>: > Hello Maxim, > thanks for stepping in ! > > so, I am not even sure how it works for commit rights, because the > people I was in touch with now forked the project to LEDE. > > Also, I always

For tinc users on OpenWRT: https://dev.openwrt.org/changeset/29137 ciao :) Saverio

Saverio, it looks I'm using tinc on OpenWRT packaged by you) Thank you for it Is something there in that task, what is harder than https://wiki.openwrt.org/doc/devel/packages ? Anyway, I want to try On Thu, Nov 3, 2016 at 5:57 PM, Guus Sliepen <guus at tinc-vpn.org> wrote: > On Thu, Nov 03, 2016 at 03:43:42PM +0100, Saverio Proto wrote: > > > I am not using OpenWrt a

On 07/20/2018 03:56 AM, Leon Fauster via CentOS wrote: > Hi folks, > > I have here a database node running > > # rpm -qa | grep mysql-server > mysql55-mysql-server-5.5.52-1.el6.x86_64 > > on > > # virt-what > vmware > > > that seems to have a connection problem: > > # dmesg |grep SYN |tail -5 > possible SYN flooding on port 3306. Sending cookies.

I have just finished a patch to linux 2.0.29 that provides the SYN cookies protection against SYN flood attacks. You can grab it from my home page at: http://www.dna.lth.se/~erics/software/tcp-syncookies-patch-1.gz You can also follow the pointers from my home page (see the signature) to get a very short blurb about this patch. Quick synopsys: This implements the SYN cookie defense against SYN

Hi folks, I have here a database node running # rpm -qa | grep mysql-server mysql55-mysql-server-5.5.52-1.el6.x86_64 on # virt-what vmware that seems to have a connection problem: # dmesg |grep SYN |tail -5 possible SYN flooding on port 3306. Sending cookies. possible SYN flooding on port 3306. Sending cookies. possible SYN flooding on port 3306. Sending cookies. possible SYN flooding on

Hello, I'm upgrading to 1.0.14 I did some manual tricks in my Gentoo Portage because seems that upstream Gentoo did not update the portage yet, does anybody know how to Contact Gentoo Linux to have the package updated ? Question 1: I notice in my log file I had many entries like this with 1.0.13: 1307284053 tinc.ninux[15152]: Lost 251 packets from GREG1 (151.28.100.141 port 655)

> Am 20.07.2018 um 18:52 schrieb Nataraj <incoming-centos at rjl.com>: > > On 07/20/2018 03:56 AM, Leon Fauster via CentOS wrote: >> Hi folks, >> >> I have here a database node running >> >> # rpm -qa | grep mysql-server >> mysql55-mysql-server-5.5.52-1.el6.x86_64 >> >> on >> >> # virt-what >> vmware >>

> Currently, i have nodes with PMTUDiscovery =yes and ClampMSS = yes. Hello, these features were introduced in 1.0.13 correct ?? I also understand that the two settings are by default "yes" if not explictly set to "no" in the config file. what may happen if I have a network with mixed versions from 1.0.11 and 1.0.13, where the older daemons do not implement that feature

Anyone seen this problem? server Apr 16 14:34:28 nas1 kernel: [7506182.154332] TCP: TCP: Possible SYN flooding on port 49156. Sending cookies. Check SNMP counters. Apr 16 14:34:31 nas1 kernel: [7506185.142589] TCP: TCP: Possible SYN flooding on port 49157. Sending cookies. Check SNMP counters. Apr 16 14:34:53 nas1 kernel: [7506207.126193] TCP: TCP: Possible SYN flooding on port 49159. Sending

Hi, we are using Tinc in our Freifunk Network in Oldenburg for internode connections over the internet. So Tinc is running on OpenWrt 10.03 on Dlink Dir-300 Routers. We all have enough internet bandwith (1,6 MB/sec and more) but we only get a maximum speed of ~350KB/sec between two tinc nodes because then tinc uses 99% of the cpu. Is it possible to get more Speed with tinc on this machines?

I received this PR for the tinc package on OpenWrt. https://github.com/openwrt/packages/pull/7646/files Not sure if this is something that is better going upstream instead. Moreover, from a security point of view, is it okay to merge this patch ? thank you Saverio

Hello *, I've the following problem with dovecot 1.0.7: /var/log/messages shows | Dec 13 13:48:27 mailbox kernel: possible SYN flooding on port 143. Sending cookies. and /var/log/maillog shows (Please note: nearly the same time): | Dec 13 13:48:28 mailbox dovecot: pipe() failed: Too many open files This leads to an unresponsive mail service and requires a dovecot restart. What

Hello, to start could you tell us what version of OpenWrt are you using ? Is it a stable release ? and what version of tinc you are trying to install ? if it is just a problem with the tun/tap module, on OpenWrt you have not modprobe, so you should use insmod insmod tun Saverio

Hello, today I was trying to do something easy I did with openvpn before. I have a server, and a few clients will connect to the server and route their internet traffic into the tunnel. The server then makes NAT. To configure clients in OpenVPN there was this directive called: --redirect-gateway that basically (copy and paste from OpenVPN man): 1) Create a static route for the --remote address

Hi, Here is my goal. Can I do this with tinc? I have a mobile broadband card, and my machine runs a webserver, email server, and a public vcs. But I have four problems: 1. Port 25 is blocked so I have to use an elaborate convulsion to allow me to send mails. 2. It has a dynamic IP address so I have to use dynamic DNS. 3. There's no way for me to set up reverse DNS (that I know of). 4. They

Hello, Anyone on this list had successfully used tinc on planet lab [0] ? I'm trying to do it but I get some problems using the tap device tincd just keeps printing this error: Error while reading from Linux ethertap device /dev/net/tun: File descriptor in bad state I guess the problem is I cannot manage tun/tap devices on the planet lab nodes even if I am root :( Look at this: bash-3.2#

During Brandon Black presentation I heard that was developed a patch to prevent loss of UDP packets when tinc detects a replay attack. Is possible to have a look at that patch ? :) Saverio

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= CERT(sm) Advisory CA-96.21 Original issue date: September 19, 1996 Last revised: -- Topic: TCP SYN Flooding and IP Spoofing Attacks - ----------------------------------------------------------------------------- *** This advisory supersedes CA-95:01. *** Two