Date: Wed, 6 Dec 2000 08:15:49 +0100 From: Sebastiaan van Erk <sebster@sebster.com> To: freebsd-security@freebsd.org Subject: rx list Message-ID: <20001206081549.A49341@sebster.com>
next in thread | raw e-mail | index | archive | help
Good morning everybody!! I have a question. Yesterday two production firewalls were (probably) attacked using a DoS attack. One of them is running 4.1.1-RELEASE, the other is running 3.4-STABLE. I get these kind of messages in the syslog of both machines. Dec 6 00:09:43 hobbes /kernel: Out of mbuf clusters - adjust NMBCLUSTERS or inc rease maxusers! Dec 6 00:09:43 hobbes /kernel: xl2: no memory for rx list -- packet dropped! Dec 6 00:09:43 hobbes /kernel: xl1: no memory for rx list -- packet dropped! I checked on the net, but it seems to suggest that systems after 3.2 and 4.0 should be safe. Also I don't see any patches. How likely is it that this is a DoS attack (note that we also get the message on the internal interface!)? And how do I go about fixing it? (I can increase maxusers and NMBCLUSTERS, but then how do I know it's not going to happen again?). Thanks in advance, Sebastiaan van Erk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001206081549.A49341>