Date: Thu, 2 Nov 2000 18:36:11 -0600 (CST) From: Mike Silbersack <silby@silby.com> To: Buliwyf McGraw <buliwyf@libertad.univalle.edu.co> Cc: security@FreeBSD.ORG Subject: Re: DOS attack II Message-ID: <Pine.BSF.4.21.0011021834350.32075-100000@achilles.silby.com> In-Reply-To: <Pine.BSF.4.21.0011021753550.20146-100000@libertad.univalle.edu.co>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2 Nov 2000, Buliwyf McGraw wrote: > > What is the source of the squid connections? > > All my intranet (only) do the requests. Internet give us the answers. > > The next time, when the problems come back, i gonna use tcpdump to check > what is coming to the interface... i will use ttt to see what is the > protocol with more load in the segment... and then i expect get > something about the problem. > > Thanks for Any coment... Hm. How is the access controlled? Is it possible that squid is still listening on the external IP, and only dropping the connections after they are established? Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0011021834350.32075-100000>