Find the answer to your Linux question:
Results 1 to 5 of 5
In the /var/log/message log I am seeing UDP packets dropped because of bogus hlen. What exactly does this mean and is there a way to see what packets are being ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Mar 2008
    Posts
    26

    UDP Bogus Hlen


    In the /var/log/message log I am seeing UDP packets dropped because of bogus hlen. What exactly does this mean and is there a way to see what packets are being dropped and where the source was?

  2. #2
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    define: hlen - Google Search

    Can you post the exact message? You may or may not be able to identify the real source (can be spoofed).

  3. #3
    Just Joined!
    Join Date
    Mar 2008
    Posts
    26
    Quote Originally Posted by anomie View Post
    define: hlen - Google Search

    Can you post the exact message? You may or may not be able to identify the real source (can be spoofed).
    I believe the exact message is what I wrote along with a size which ranges from 35xxx to 65xxx. If I understand the google define correctly there is a bad source or destination address? How could this be possible?

  4. #4
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    Can you not copy/paste from the log?

    It's possible it is a crafted packet (i.e. someone trying to do something nasty).

  5. #5
    Just Joined!
    Join Date
    Mar 2008
    Posts
    26
    No, I can't copy and paste the log but tomorrow I will post one of the exact messages. It's not somebody purposly trying to do something nasty becaue its a closed lan.

    BTW how would you "craft" a packet?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •