Hi, On Wed, 22 Aug 2007 12:18:16 -0700 Grant <[EMAIL PROTECTED]> wrote:
> Sometimes I get "Treason uncloaked!" in dmesg when running bittorrent. > The solution here: > > http://www.linuxquestions.org/questions/showthread.php?t=127984 > > is: > > You'd best set iptables to block all packets from BOGON networks (nets > that shouldn't exist) so you can avoid this type of attack. You may > find a list of bogon nets here. Note: unallocated nets change from > time to time! Just in November IANA allocated two more blocks to RIPE, > so you really need to pay attention if you're blocking all bogon IPs. > > Which doesn't sound great. What would you guys recommend I do? I use > a Gentoo router. Hm, I don't think that those "attacks" (which do no harm to Linux systems since some 1.x version of the kernel -- the warning is a reminiscence) will always come from wrong nets. I have those occasionally on all my larger server installs and never really bothered about them. It usually means that the other side of the TCP connection reduced the window to zero size, thus leading stupid TCP stacks to save information on a basically starved connection. The kernel just sends an information to the log, so in case if you recognize the IP and are in charge of the sender, you'll know that it has a veeeeery broken TCP stack. Essentially: Just ignore it, if the sender IP doesn't belong to one of your own networks. -hwh -- [EMAIL PROTECTED] mailing list