Re: [cobalt-security] get_hash_table+23/36

["Andres C." <anakinpc@xxxxxxxxxxx>]

No. We reboot server and have a lot of problem during boot.
Now is fixed, but we wanna know why this happen, and how prevent.
Thanks

----- Original Message -----
From: "Gerald Waugh" <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Monday, December 23, 2002 12:18 PM
Subject: Re: [cobalt-security] get_hash_table+23/36


> On Mon, 23 Dec 2002, Andres C. wrote:
>
> > I've a problem with this.
> > Kernel goes dwon and logs show something like this.
> >
> > Dec 23 08:42:47 ns1 kernel: Stack: 000000c4 d5cec540 00059682 c0126013
> > 00000304 00405049 00000400 c0126de8
> > Dec 23 08:42:47 ns1 kernel:        00000304 00405049 00000400 00000000
> > d25fdef4 000000c4 d782b100 d782b100
> > Dec 23 08:42:47 ns1 kernel:        de0d1bc0 c46c2000 00000304 00000002
> > d5cec660 00000000 d5cec660 d5cec480
> > Dec 23 08:42:47 ns1 kernel: Call Trace: [get_hash_table+23/36]
> > [brw_page+332/924] [ext2_bmap+110/132] [generic_readpage+133/148]
> > [try_to_read_ahead+254/276] [do_generic_file_read+750/1508]
> > [generic_file_read+99/124]
> > Dec 23 08:42:47 ns1 kernel:        [file_read_actor+0/80]
[sys_read+174/196]
> > [system_call+52/56]
> > Dec 23 08:42:47 ns1 kernel: Code: 8b 00 39 6a 04 75 15 8b 4c 24 20 39 4a
08
> > 75 0c 66 39 7a 0c
> > Dec 23 10:03:52 ns1 kernel: possible SYN flooding on port 80. Sending
> > cookies.
>
> The syn flood came quite a while after the kernel log entries.
> I doubt that it is a dos attack.
>
> Does the problem persist?
>
> Gerald
> --
> http://frontstreetnetworks.com | http://raqware.com
> Front Street Networks LLC  | Phone: +1 203-785-0699
> 229 Front Street, Ste. C, New Haven, CT. 06513-3203
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security