ICMP Attacks???????
Perry E. Metzger
perry at piermont.com
Fri Aug 15 17:42:31 UTC 1997
Michael Dillon writes:
> >> Has anyone been resently attacked by massive flood pings?????? We are
> >> trying to locate any other ISP's or anyone else having the same problem.
>
> >flooded by the replies. I'd just go to a few of your machines and do a
> >netstat on them, then dump the data to a file and see if you can see where
> >all the ICMP packets are coming from. When you find out, it's time to get
>
> And just how do you identify the source of the ICMP packets when the source
> address is forged?
Trace it back, painfully, hop by hop by hop.
> I'm not sure what can be done to make this easier but I have a few ideas.
I have some too, but this isn't really the forum...
Perry
More information about the NANOG
mailing list