After narrowing this down last night and proving it is an issue focused on Linux and passive fingerprinting,
here is the info you all need to review to understand what they are doing and why. Perhaps some Windows 10 users have similar ‘strange out of spec’ packets (perhaps they ran some network customization tools?).
Please review an external PDF paper from SFU university here on this topic:
SFU article on DDoS and packet fingerprinting (TTL is #1 stealth method) => journals.sfu.ca/apan/index.php/apan/article/download/14/5
UPDATE: just noticed others are modding their TTL in Windows, so this confirms they are doing passive packet inspection and looking for abnormal (what they feel is abnormal anyways) data in the packets.