Re: [2.0.x/2.1.x] Lots of ICMP error msgs

Chris Evans (
Tue, 30 Sep 1997 11:08:58 +0100 (BST)

On Tue, 30 Sep 1997, Aaron Tiensivu wrote:

> Does an alarming amount of "ICMP: failed checksum from"
> necessarily tip off an attempted DoS attack? Are these normal? Should I get
> this message a few times, and then other times a lot?
> I think some ruthless Quake players are trying to take down the server by doing
> such a thing..

I've seen two different Linux boxes die horribly (hang) in the past. Last
thing logged: _huge_ amounts of ICMP failed checksums. Kernels were 1.2.13
and 2.0.x respectively.

I notice in a recent vger davem snapshot there were some fixes relating to
proper ICMP size checking upon bad packets. Is this related..????

I've been wondering about this for some time.