The security WG discussed this topic on Jan 17th 24.

The problem was discovered on the .NET server when a misconfigured http service keeps trying to open the server endpoint.
The message in the logs:
07:35:11.5838 info: OPC[0] TCPSERVERCHANNEL SOCKET ATTACHED: 0268589A, ChannelId=22
07:35:11.5838 fail: OPC[0] BadTcpMessageTooLarge: BufferSize=65535; MessageSize=1952804143
07:35:11.5840 fail: OPC[0] TCPSERVERCHANNEL ForceChannelFault Socket=0268589A, ChannelId=0, TokenId=0, Reason=BadTcpMessageTooLarge 'Messages size 1952804143 bytes is too large for buffer of size 65535.'
07:35:11.5840 info: OPC[0] ChannelId 22: in Faulted state.

In fact the connection was initiated by a http GET request: GET /metrics HTTP/1.1 where /met is interpreted as the message size.

The malicious connection was only identified by the bad buffer size and caused a channel fault. in the worst case the misconfigured service spams just the log files, but a malicious service could use the vector to cause some sort of DoS attack.

The conclusion of the discussion was to recommend to add a more sophisticated first packet inspection when the first hello/reverso hello message is parsed.
Also some means of reducing the overall log output if such a condition is detected, e.g. by logging only some statistical output once per minute as to how many connection attempts failed due to a faulted service connection.