From owner-freebsd-questions Fri May 3 15:58:25 2002 Delivered-To: freebsd-questions@freebsd.org Received: from out4.mx.nwbl.wi.voyager.net (out4.mx.nwbl.wi.voyager.net [169.207.1.77]) by hub.freebsd.org (Postfix) with ESMTP id 7377737B41B for ; Fri, 3 May 2002 15:58:21 -0700 (PDT) Received: from shell.core.com (shell.core.com [169.207.1.89]) by out4.mx.nwbl.wi.voyager.net (8.12.3/8.11.4/1.7) with ESMTP id g43MwLTN011514 for ; Fri, 3 May 2002 17:58:21 -0500 Received: from localhost (raiden@localhost) by shell.core.com (8.11.6/8.11.6/1.3) with ESMTP id g43MwKQ09135 for ; Fri, 3 May 2002 17:58:20 -0500 (CDT) Date: Fri, 3 May 2002 17:58:20 -0500 (CDT) From: Steven Lake X-X-Sender: raiden@shell.core.com To: freebsd-questions@FreeBSD.ORG Subject: Ping of death? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I've got one box that's got absolutely horrible access speed to the net but it's on a T1 line and no other machine is sharing the line. Telco has tested the line and sees nothing wrong but were unable to do a bandwidth or data test to see if it's just traffic or not. The line should be pushing the full 1.544mbps, but I'm barely able to scrape 30k out of it. Any machine that connects to it goes through the roof on the processor useage and dogs out. So I'm suspect of a possible ping of death, but I wanted to rule out the local equipment first. But since anything connecting to it to test this is gagged it's impossible to do any tests. Does anyone have a way to monitor incoming traffic to find out if you're being hit with a dos attack or should I ring telco again and have them do a test on the T1 line to find the source? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message