Date: Fri, 22 Nov 1996 00:20:42 -0800 (PST) From: Veggy Vinny <richardc@CSUA.Berkeley.EDU> To: Jim Riffle <jriffle@ns.kconline.com> Cc: isp@FreeBSD.ORG Subject: Re: ICMP Ping Flood tracing Message-ID: <Pine.PTX.3.95.961122001904.6675u-100000@soda.CSUA.Berkeley.EDU> In-Reply-To: <Pine.BSI.3.95.961122012316.742A-100000@ns.kconline.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 22 Nov 1996, Jim Riffle wrote: > On Thu, 21 Nov 1996, Veggy Vinny wrote: > > > Is there anyway to trace ICMP Ping Floods to see where the source > > machine is that is flooding your machine? Thanks. > > Yes, there is. I don't know how to tell after the fact, but during it, > you can tell when it is coming from. Really? I tried netstat and can't find any ip addresses or hostnames. > You will want to add "pseudo-device bpfilter 4" into your kernel > configuration file, then config, compile, and reboot. Okay... > After you have that running in your kernel, you can use the tcpdump > program to show what is going over your network. Or better yet, you can > get trafshow from the ports tree and run that. Sounds good, is there any way to also limit ping's to 64 bytes and not larger than that? Vince GaiaNet Corporation - Unix Networking Operations - GUS Mailing Lists Admin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.PTX.3.95.961122001904.6675u-100000>