On 02/06/2017 03:16 PM, Robert Moskowitz wrote:
My server hung yesterday. I did not notice it; at this stage in the game, I should be much more aware...
I looked into /var/log/messages and my last entry was:
Feb 5 15:03:46 medon kernel: conntrack: generic helper won't handle protocol 47 . Please consider loading the specific helper module.
So I don't know if someone knocked me over with a GRE based attack, if the drive is bad, if the board is bad, or the OS has a problem.
So simple things to start with. I see an earlier GRE warning in messages:
Feb 5 03:29:49 medon kernel: conntrack: generic helper won't handle protocol 47. Please consider loading the specific helper module.
So it is probably not a stack problem with attacking GRE bots. BTW, is there some 'easy' way to just block these?
$IPTABLES -A INPUT -i $EXTERNAL_INTERFACE -p gre -j REJECT