Date: Wed, 5 Dec 2001 14:40:17 -0200 From: "Ronan Lucio" <ronan@melim.com.br> To: <security@freebsd.org> Subject: Securty logs Message-ID: <02f601c17dab$85743670$2aa8a8c0@melim.com.br>
next in thread | raw e-mail | index | archive | help
Hi All, I have a doubt about the entries in the security log file. If I have icmp 8,0 denied for external computers, when someone pings, it create an entry in security log file: Dec 5 14:01:12 server /kernel: ipfw: 3000 Deny ICMP:8.0 62.211.157.214 255.255.255.255 in via fxp0 But if such computer give a flood attack, I think it will create the same entry. How can I identify if an entry in security log file was creted by simple ping or by a flood attack? Thank´s to all, Ronan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?02f601c17dab$85743670$2aa8a8c0>