Date: Sat, 15 Nov 1997 00:41:17 -0800 From: "alex huppenthal" <alex@comsys.com> To: "Ernie Elu" <ernie@spooky.eis.net.au>, <freebsd-isp@FreeBSD.ORG> Subject: Re: Traffic monitoring Message-ID: <01bcf1a2$3d472540$3a31cacc@neisse.comsys.com>
next in thread | raw e-mail | index | archive | help
I've seen children pinging broadcast addresses from a variety of sites. Welcome to the Internet ala CB Radio traffic from the 70s. Try >> tcpdump net 255 That'll give you a dump of the source. You might see some valid RIP messages occasionally, but if it is the trash I see periodically, it'll be something like 00:35:21.220035 den-co5-06.ix.netcom.com > 255.255.255.255: icmp: echo request 00:35:22.351393 den-co5-06.ix.netcom.com > 255.255.255.255: icmp: echo request 00:35:22.945241 den-co5-06.ix.netcom.com > 255.255.255.255: icmp: echo request --- pure pollution. We send the trash up the to the next link. There are many other approaches to locating the criminal. -----Original Message----- From: Ernie Elu <ernie@spooky.eis.net.au> To: freebsd-isp@FreeBSD.ORG <freebsd-isp@FreeBSD.ORG> Date: Saturday, November 15, 1997 12:31 AM Subject: Traffic monitoring >I am trying to monitor out internet traffic to figure out what is causing a >sudden increase over the last couple of days which Inoticed on an mrtg graph for >the router. > >I have tried trafshow but I can't pick anything odd from it. What I need is >something that will keep a running totals of traffic to each of the >addresses in our class-C's. > >Any suggestions? > >- Ernie. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01bcf1a2$3d472540$3a31cacc>