I've seen it a couple of times:
/var/log/messages-20121111:Nov 10 21:35:17 bob dhclient[1114]: parse_option_buffer: malformed option dhcp.<unknown> (code 105): option length exceeds option buffer length. /var/log/messages-20121118:Nov 16 22:02:35 bob dhclient[1114]: parse_option_buffer: malformed option dhcp.slp-service-scope (code 79): option length exceeds option buffer length. /var/log/messages-20121125:Nov 21 22:48:13 bob dhclient[1114]: parse_option_buffer: malformed option dhcp.slp-service-scope (code 79): option length exceeds option buffer length.
I'm on 24.77.240.0/22
Sean
On Wed, Dec 5, 2012 at 6:51 AM, Trevor Cordes trevor@tecnopolis.ca wrote:
Starting Nov 29 04:16:10 I start seeing a new error in my /v/l/messages from dhclient (the DHCP client for my Shaw internet connection):
Nov 29 04:16:10 pog dhclient[1271]: parse_option_buffer: malformed option dhcp.fqdn (code 81): option length exceeds option buffer length.
And it repeats every 30-39s for hours, then sometimes stops for a while. Sometimes skips a day but then starts up again.
Is someone trying a known DHCP buffer overflow attack on my Shaw segment or is this something legit that Shaw is passing out that linux doesn't understand? I know what fqdn means, though why it should exceed buffer limits is beyond me.
Can others check their logs and see if they're getting this too?
There was 1 other weird dhclient error before this started: Nov 27 06:52:55 pog dhclient[1271]: parse_option_buffer: malformed option dhcp.uap-servers (code 98): option length exceeds option buffer length. _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable