| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f6b59324-1417-566f-a976-ff2402718a8d@nerdbynature.de>
Date: Thu, 4 Jan 2024 11:55:44 +0100 (CET)
From: Christian Kujau <lists@...dbynature.de>
To: linux-kernel@...r.kernel.org
cc: netdev@...r.kernel.org, Dmitry Safonov <0x7f454c46@...il.com>,
Francesco Ruggeri <fruggeri@...sta.com>,
Salam Noureddine <noureddine@...sta.com>, Dmitry Safonov <dima@...sta.com>,
David Ahern <dsahern@...nel.org>
Subject: syslog spam: TCP segment has incorrect auth options set
Ever since commit 2717b5adea9e ("net/tcp: Add tcp_hash_fail() ratelimited
logs") the following is printed, in waves of small floods, to syslog:
kernel: TCP: TCP segment has incorrect auth options set for XX.20.239.12.54681->XX.XX.90.103.80 [S]
This host is connected to the open internet and serves as a small HTTP and
SSH login server, not much traffic is happening here. So I'd assume these
messages to be the result of random internet scans and/or fingerprinting
attempts or the like. While not really a concern, these messages are
flooding the dmesg buffer over time :-(
Is there a way to adjust the severity of these messages?
* In include/net/tcp.h this gets logged with tcp_hash_fail(), which is
* defined in include/net/tcp_ao.h and calls net_info_ratelimited(), which
* is in turn defined in include/linux/net.h and calls pr_info().
Can e.g. net_dbg_ratelimited be used instead?
Thanks,
Christian.
--
BOFH excuse #78:
Yes, yes, its called a design limitation
Powered by blists - more mailing lists