What's this mean?

Bill Moran wmoran at potentialtech.com
Sun Jun 29 06:58:27 PDT 2003

budsz wrote:
> On Sat, Jun 28, 2003 at 02:36:28PM -0400, Bill Moran wrote:
>>in_chksum is a routine that validates the checksum of recieved network data.
>>As far as I can tell from the code, that error means that the packet of data
>>was three bytes shorter than it should have been.  One way or the other it's
>>a network problem.  Could be crappy NIC or other hardware.  Could be some 
>>of attack using invalid packets.  I'm not familiar enough with that corner 
>>the code to say for sure.
>>Is this happening frequently?  If you only saw the message once, you can
>>probably ignore it as a network glitch, but if it's showing up often, you'd
>>do well to track down the source and fix it.
> Thanks Bill for explanation. I assume if I under attack with invalid
> packet of data maybe you've any advice to prevent this problem?.

I'm guessing the problem is continuous.

Start monitoring your network traffic with tcpdump or ethereal or whatever
seems easiest for you.  Search the Internet for information on short packet
attacks or anything else that seems to be similar to your problem.  Lock
down your firewall rules in general.

As I said before, I'm not expert enough to give you any specific advice on
this particular issue, but standard security techniques still apply.

Bill Moran
Potential Technologies

More information about the freebsd-questions mailing list