From owner-freebsd-security Wed May 31 10:45:16 2000 Delivered-To: freebsd-security@freebsd.org Received: from shell.telemere.net (shell.telemere.net [63.224.9.3]) by hub.freebsd.org (Postfix) with ESMTP id A64E237BE54 for ; Wed, 31 May 2000 10:45:12 -0700 (PDT) (envelope-from visigoth@telemere.net) Received: by shell.telemere.net (Postfix, from userid 1001) id 392AC70601; Wed, 31 May 2000 12:45:03 -0500 (CDT) Received: from localhost (localhost [127.0.0.1]) by shell.telemere.net (Postfix) with ESMTP id 34BED6C801; Wed, 31 May 2000 12:45:03 -0500 (CDT) Date: Wed, 31 May 2000 12:44:58 -0500 (CDT) From: Visigoth To: Mitch Collinsworth Cc: freebsd-security@freebsd.org, mkc@larryboy.graphics.cornell.edu Subject: Re: icmp-response bandwidth limit In-Reply-To: <200005311729.NAA17118@larryboy.graphics.cornell.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This type of kernel message generally denotes one of two things, neither of which are usually nice. icmp-response bandwidth limiting is built into the kernel to lessen the effects of a ping flood, and are often the result of being flooded, but I have also noticed that message due to scans such as nmap. Either way, something happened that you will probably want to know about... I might recomend installing ipfilter and logging all traffic except your known/public services (and maybe even some of those ;). Visigoth Damieon Stark Sr. Unix Systems Administrator visigoth@telemere.net PGP Public Key: www.telemere.net/~visigoth/visigoth.asc ____________________________________________________________________________ | M$ -Where do you want to go today? | Linux -Where do you want to go tomorrow?| FreeBSD - The POWER to serve Freebsd -Are you guys comming or what? | http://www.freebsd.org | | - ---------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQA/AwUBOTVBjznmC/+RTnGeEQK/ZgCaA49njCV3Mn0QmzzjViG7s9PUygUAoM6Y jXN3p6dfTQJ4ieOpCN2YwB1i =xWXK -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message