i'm running several tcp/ip servers on two 2.0.36 boxes, and found the
following in this
morning logs (on each server and makes me think its a hack attempt):
- Accepting client from 1.0.0.0
This means a connection has been successfully accept()'ed, from 1.0.0.0
(server does an sprintf of
inet_ntoa on accepted ip) which is as far as i know an invalid internet
address.
Servers are up and running correctly since few months and i dont beleive
this is a bug.
How is it possible for someone to *establish* a connection with a fake
adress? i know packets can be
sent pretending to be someone else, but i thought that all tcp sequence
stuf would make this impossible
(note i had more then ten such logs, thus more then ten successfull
connects, on three different server
process')
Any comments would be highly appreciated,
Thanx,
-- Vedad Kajtaz
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/