Date: Thu, 06 Sep 2007 15:48:37 -0300 From: "Marc G. Fournier" <scrappy@freebsd.org> To: freebsd-net@freebsd.org Subject: DDoS attacks ... identifying destination ... Message-ID: <B619D4EFFD109A19C9A24EFC@ganymede.hub.org>
next in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Today, I got hit by an attack, but haven't been able to easily determine whom was being attacked ... I run ipaudit to monitor bandwidth usage, so I have 'source / destination' information, but I'm not finding any particularly easy way to narrow down whom was being attacked ... I run mrtg on the switch so that I know which *server* is being attacked, so I need some method of being able to see whom is being attacked so that I can put appropriate blocks in place ... Is there either a command line command, or ports tool, that I can use similar to top, or systat -iostat, that will help identify the IP that is being attacked? Thank you ... - ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . scrappy@hub.org MSN . scrappy@hub.org Yahoo . yscrappy Skype: hub.org ICQ . 7615664 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFG4EuF4QvfyHIvDvMRArtBAJ476WaXhFxzb5S+QRsJuFPQfs6SNgCePONi MCdrm9L85MBseHho0cGM6q8= =EfvZ -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B619D4EFFD109A19C9A24EFC>