Linux : TCP Treason uncloaked

By | November 22, 2010

If you see those dmesg output message, this mean that someone is attacking your server. Probably by sending fragmented packets.

TCP: Treason uncloaked! Peer shrinks window
76154906:76154907. Repaired.

This may be avoid by manually blocking this IP in IPtables or if this is a DDoS attack, automated script may be used. See above (use with caution).

Short script:

Complex script: