From owner-freebsd-questions  Thu Feb 28 11:24:53 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mail.XtremeDev.com (xtremedev.com [216.241.38.65])
	by hub.freebsd.org (Postfix) with ESMTP id E3D7337B41A
	for <questions@freebsd.org>; Thu, 28 Feb 2002 11:24:51 -0800 (PST)
Received: from xtremedev.com (xtremedev.com [216.241.38.65])
	by mail.XtremeDev.com (Postfix) with ESMTP id B563470601
	for <questions@freebsd.org>; Thu, 28 Feb 2002 12:24:45 -0700 (MST)
Date: Thu, 28 Feb 2002 12:24:45 -0700 (MST)
From: FreeBSD user <freebsd@XtremeDev.com>
To: questions@freebsd.org
Subject: Network Statistics?
Message-ID: <20020228121942.F83104-100000@Amber.XtremeDev.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

After reading the recent posts on DRDoS and historical syn floods, I've
become interested in finding and displaying network statistics on my
FreeBSD machine. To start, netstat -nidb would only give me a little of
what I'm looking for. Specifically, I want to see info on incoming rates
of syn packets that has no corresponding ack packets to my syn/ack packets
(me being used as a reflector), etc. Is there an tools that would show
this to me? Has anyone setup something similar in FreeBSD with MRTG? If
so, can you share your config scripts on how to better detect this sort of
thing? Thanks in advance.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message