lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:	Thu, 8 Jan 2009 11:47:46 +0800
From:	"Wang Xu" <gnawux@...il.com>
To:	linux-kernel@...r.kernel.org
Subject: "Treason uncloaked" issue of TCP

Hello,

We have a cluster with around 200 nodes, and all of them are installed
with CentOS 5.2/2.6.18-92.el5 kernel.
And we found many dmesg log as follows:
 | TCP: Treason uncloaked! Peer 192.168.33.182:55510/60222 shrinks
window 977590224:977590304. Repaired.
 | TCP: Treason uncloaked! Peer 192.168.33.185:55510/49646 shrinks
window 2483808366:2483808382. Repaired.
 | TCP: Treason uncloaked! Peer 192.168.33.133:51316/51560 shrinks
window 236559458:236559498. Repaired.
 | TCP: Treason uncloaked! Peer 192.168.33.115:55510/53342 shrinks
window 3977841758:3977841854. Repaired.

I searched from the web but cannot get any idea:
 * its a cluster in lab, no WAN access and only with internal
communication, thus it shouldn't be something like attack.
 * all of them are linux (red hat/centos kernel), hence it must not be
other buggy stack
 * I have checked the source, and it have already with the patch
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2ad41065d9fe518759b695fc2640cf9c07261dd2

Does anyone have some suggestion? And if you need any more
information, I can provide it.

Thank you!

-- 
Wang Xu
Timothy Leary  - "Women who seek to be equal with men lack ambition."
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists