[3743] in linux-net channel archive
Re: TCP denial of service?
daemon@ATHENA.MIT.EDU (Troy S Muller)
Thu Jul 18 00:52:52 1996
Date: Tue, 16 Jul 1996 23:03:40 -0700
From: Troy S Muller <tmuller@agora.rdrop.com>
To: Jon Lewis <jlewis@inorganic5.fdt.net>
CC: Linux Net Mailing List <linux-net@vger.rutgers.edu>
Jon Lewis wrote:
>
> I just had a strange one on our mail mail/shell server. It runs Linux
> 2.0.4, sendmail 8.6.12, libc 4.7.6. Uptime was nearly 8 days. All of a
> sudden, incoming mail could no longer be accepted. Attempts to telnet to
> port 25 would get as far as:
> Trying 205.229.48.17...
> and hang.
>
> I looked at netstat -tn, and saw lots of connections to :25 in TIME_WAIT,
> and about 10 in SYN_RECV. The ones in SYN_RECV were from another server
> of ours on another backbone providers net...and the routing was out, so
> that address was unreachable. When the routing returned, the SYN_RECV's
> went away, and sendmail was able to receive connections again. Is it
> possible to increase the number of SYN_RECV's that can stack up before
> connections start to hang?
>
> ------------------------------------------------------------------
> Jon Lewis | Mime attachments are OK
> jlewis@inorganic5.fdt.net | But please ask before sending
> http://inorganic5.fdt.net | unsolicited huge files.
> ________Finger jlewis@inorganic5.fdt.net for PGP public key_______
Sounds to me like a network issue. If your router is out, no doubt you
can't do anything. You would have only be able to get to the system if
you are on its subnet.
Troy
