From owner-freebsd-questions  Mon Jun 15 20:30:26 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id UAA21396
          for freebsd-questions-outgoing; Mon, 15 Jun 1998 20:30:26 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA21358
          for <freebsd-questions@freefall.cdrom.com>; Mon, 15 Jun 1998 20:30:09 -0700 (PDT)
          (envelope-from dwhite@gdi.uoregon.edu)
Received: from gdi.uoregon.edu (metriclient-2.uoregon.edu [128.223.172.2])
	by freefall.freebsd.org (8.8.8/8.8.5) with ESMTP id UAA22708
	for <freebsd-questions@freefall.cdrom.com>; Mon, 15 Jun 1998 20:29:12 -0700 (PDT)
Received: from localhost (dwhite@localhost)
          by gdi.uoregon.edu (8.8.8/8.8.8) with SMTP id UAA02607;
          Mon, 15 Jun 1998 20:29:47 -0700 (PDT)
          (envelope-from dwhite@gdi.uoregon.edu)
Date: Mon, 15 Jun 1998 20:29:47 -0700 (PDT)
From: Doug White <dwhite@gdi.uoregon.edu>
Reply-To: Doug White <dwhite@resnet.uoregon.edu>
To: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE>
cc: freebsd-questions@freefall.cdrom.com
Subject: Re: using tcpdump effectively
In-Reply-To: <199806151447.QAA29137@gilberto.physik.RWTH-Aachen.DE>
Message-ID: <Pine.BSF.3.96.980615202757.2150D-100000@gdi.uoregon.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 15 Jun 1998, Christoph Kukulies wrote:

> 
> To trace down why some network based X11 sessions are spuriously failing
> I' trying to use tcpdump.
> 
> What sporadically happens is that a X session to our Mentor Design Architect
> running on HP  is ceased and the connection breaks (we login via rlogin
> and start the X client with DISPLAY set to the FreeBSD machine.)
> 
> When the connection breaks we see something like 'no route to host' 

Most likely the client is loosing the network connection to the host,
either by damage to the routing tables on the client or on an intermediate
network device. Run a traceroute to the HP box when MDA crashes and see if
it fails anywhere.

> Could that be caused by denial of service attacks? What exactly is a denial
> of service attack? 

A denial of service attack (DoS) attempts to keep a machine from being
servicable by overwhelming it with requests or by disabling a server,
rending it useless.

Doug White                              | University of Oregon  
Internet:  dwhite@resnet.uoregon.edu    | Residence Networking Assistant
http://gladstone.uoregon.edu/~dwhite    | Computer Science Major
NOTICE:  Make sure your mailer replies to dwhite@resnet or I won't get it! 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message