Date: Fri, 26 Jan 2001 09:59:38 -0500 From: <mharding@marketnews.com> To: Will Mitayai Keeso Rowe <mit@mitayai.net> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: ICMP attacks Message-ID: <980521178.3a7190da7ba07@mail.marketnews.com> In-Reply-To: <NEBBIEGPMLMKDBMMICFNOEHBECAA.mit@mitayai.net> References: <NEBBIEGPMLMKDBMMICFNOEHBECAA.mit@mitayai.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Try using a Intrusion detection system. Snort works well for me. If this is just a port scan it will show a lot of different attack warnings as the different ports are hit, but it will show what IP is doing it. Mason Quoting Will Mitayai Keeso Rowe <mit@mitayai.net>: > > icmp-response bandwidth limit 205/200 pps > > icmp-response bandwidth limit 264/200 pps > > icmp-response bandwidth limit 269/200 pps > > icmp-response bandwidth limit 273/200 pps > > icmp-response bandwidth limit 273/200 pps > > icmp-response bandwidth limit 271/200 pps > > icmp-response bandwidth limit 261/200 pps > > icmp-response bandwidth limit 268/200 pps > > icmp-response bandwidth limit 205/200 pps > > icmp-response bandwidth limit 223/200 pps > > Is there any way to trace the people that are causing this? It's > becoming a > daily occurance and it's beginning to irritate me. > > -Mit > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?980521178.3a7190da7ba07>