Re: ICMP attack
Well,
as for blocking it, there are new features in upcoming kernel releases...
(2.2) and I think there are some in the current version..(don't remember) that
will help with alot of these types of attacks.
as for finding out where it's coming from...that depends on what type of
attack it is....alot of attacks lie about their source information...but there
are some debian packages that allow for loging all traffic that touches your
machine.
courtney : checks for satan probes...(seems to do more than that though).
iplogger : logs everything. Any tcp/udp/icmp that is directed to your machine
is logged...
If you really want to know...install those...Other than that...don't piss anyone
off... :)
Ivan
Quoting AJ <artlu@intergrafix.net>:
> i got attacked by an ICMP type nuke i believe (all my ppp junk went
> crazy).. but i had no clue how to find out where it was coming from or
> how to block it..
> any help for the future?
> (no clue if it was an ICMP but im pretty sure);
>
> AJ
>
>
> --
> Unsubscribe? mail -s unsubscribe debian-user-request@lists.debian.org <
> /dev/null
>
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Ivan E. Moore II Rev. Krusty
http://www.tdyc.com rkrusty@tdyc.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Imagination is more important than knowledge - Albert Einstien
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Reply to: