DDoS attacks ... identifying destination ...
Marc G. Fournier
scrappy at freebsd.org
Thu Sep 6 12:07:57 PDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Today, I got hit by an attack, but haven't been able to easily determine whom
was being attacked ...
I run ipaudit to monitor bandwidth usage, so I have 'source / destination'
information, but I'm not finding any particularly easy way to narrow down whom
was being attacked ...
I run mrtg on the switch so that I know which *server* is being attacked, so I
need some method of being able to see whom is being attacked so that I can put
appropriate blocks in place ...
Is there either a command line command, or ports tool, that I can use similar
to top, or systat -iostat, that will help identify the IP that is being
attacked?
Thank you ...
- ----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email . scrappy at hub.org MSN . scrappy at hub.org
Yahoo . yscrappy Skype: hub.org ICQ . 7615664
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)
iD8DBQFG4EuF4QvfyHIvDvMRArtBAJ476WaXhFxzb5S+QRsJuFPQfs6SNgCePONi
MCdrm9L85MBseHho0cGM6q8=
=EfvZ
-----END PGP SIGNATURE-----
More information about the freebsd-net
mailing list