Date: Tue, 16 Nov 1999 18:47:49 -0800 From: The Mad Scientist <madscientist@thegrid.net> To: freebsd-security@freebsd.org Subject: Tracing Spoofed Packets Message-ID: <4.1.19991116182120.0094d280@mail.thegrid.net>
next in thread | raw e-mail | index | archive | help
I doubt it, but is there ANY way to trace spoofed packets coming in from the Internet? I've been getting these packets showing up at my boarder router pretty regularly for the past few days now: Nov 15 19:47:43 wormhole /kernel: icmp-response bandwidth limit 284/100 ppsNov 15 19:57:06 wormhole /kernel: ipfw: 400 Deny ICMP:3.13 10.1.6.6 10.0.1.2 in via ed0 Nov 15 19:57:37 wormhole last message repeated 36 times Nov 15 19:59:38 wormhole last message repeated 175 times Nov 15 20:00:53 wormhole last message repeated 96 times This goes on for about two hours. The logs don't show anything else abnormal from what I can discern. I don't see any performance hit or bandwidth drop, so it doesn't really bother me. I'd just like to figure out what's going on. Thanks in advance, -Dean To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19991116182120.0094d280>