From owner-freebsd-questions Fri May 3 16: 9: 8 2002 Delivered-To: freebsd-questions@freebsd.org Received: from topaz.mdcc.cx (topaz.mdcc.cx [212.204.230.141]) by hub.freebsd.org (Postfix) with ESMTP id 5234737B41A for ; Fri, 3 May 2002 16:09:04 -0700 (PDT) Received: from k7.mavetju.org (topaz.mdcc.cx [212.204.230.141]) by topaz.mdcc.cx (Postfix) with ESMTP id 099DE2B6CB; Sat, 4 May 2002 01:09:01 +0200 (CEST) Received: by k7.mavetju.org (Postfix, from userid 1001) id 91121215; Sat, 4 May 2002 09:08:57 +1000 (EST) Date: Sat, 4 May 2002 09:08:57 +1000 From: Edwin Groothuis To: Steven Lake Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Ping of death? Message-ID: <20020504090857.E56548@k7.mavetju.org> Mail-Followup-To: Edwin Groothuis , Steven Lake , freebsd-questions@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from raiden@shell.core.com on Fri, May 03, 2002 at 05:58:20PM -0500 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, May 03, 2002 at 05:58:20PM -0500, Steven Lake wrote: > Does anyone have a way to monitor incoming traffic to find out if > you're being hit with a dos attack or should I ring telco again and have > them do a test on the T1 line to find the source? Try simple tools like tcpdump (tcpdump -ni ) and trafshow (/usr/ports/net/trafshow). At least it will tell you what is going on. Edwin -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin@mavetju.org | Interested in MUDs? Visit Fatal Dimensions: bash$ :(){ :|:&};: | http://www.FatalDimensions.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message