Date: Sat, 4 May 2002 03:59:25 +0100 From: Daniel Bye <dan@slightlystrange.org> To: freebsd-questions@FreeBSD.ORG Subject: Re: Ping of death? Message-ID: <20020504025925.GB5805@icarus.slightlystrange.org> In-Reply-To: <Pine.GSO.4.44L0.0205031752280.8080-100000@shell.core.com> References: <Pine.GSO.4.44L0.0205031752280.8080-100000@shell.core.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, May 03, 2002 at 05:58:20PM -0500, Steven Lake wrote: > I've got one box that's got absolutely horrible access speed to > the net but it's on a T1 line and no other machine is sharing the line. > Telco has tested the line and sees nothing wrong but were unable to do a > bandwidth or data test to see if it's just traffic or not. > > The line should be pushing the full 1.544mbps, but I'm barely able > to scrape 30k out of it. Any machine that connects to it goes through the > roof on the processor useage and dogs out. So I'm suspect of a possible > ping of death, but I wanted to rule out the local equipment first. But > since anything connecting to it to test this is gagged it's impossible to > do any tests. > > Does anyone have a way to monitor incoming traffic to find out if > you're being hit with a dos attack or should I ring telco again and have > them do a test on the T1 line to find the source? Check out iplog in /usr/ports/net. tcpdump *may* be useful too. Dan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020504025925.GB5805>