"Terminating an idle connection after more than 10 minutes in
the FIN_WAIT_2 state violates the protocol specification, but
is practical. [...snip...] If the other process never closes its
end of the connection, our end can remain in the FIN_WAIT_2
forever. A counter should be maintained for the number of
connections terminated for this reason, to see how often this
occurs."
pete
On Mon, Apr 26, 1999 at 11:30:22PM +0100, Alex Buell wrote:
> There's a DoS attack going around on the net: this particular attack
> focuses on IDENT (port 113) and leaves sockets in CLOSE_WAIT state.
>
> Here's an example (from netstat -ntu)
>
> tcp 34 0 194.222.9.116:113 204.60.30.67:1386 CLOSE_WAIT
>
> Seems if there's data in the queue, the socket will never close.
> This is on 2.2.6.
>
> Someone else reported the same thing with 2.2.5, he had a socket in
> CLOSE_WAIT over 7 days!
>
> Cheers,
> Alex
> --
> "A mind opened by new ideas can never return to its original limits"
>
> http://www.tahallah.demon.co.uk
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/