L. V. Lammert wrote:
On Sun, 6 Mar 2005, Bob Therina wrote:
Does anybody know if I can use Ethereal to get information about who's attacking my router with a ping of death attack? I already looked up the IP on ARIN whois and e-mailed the ISP with the log information. Is that all you can really do?
Simplest solution is to blacklist the IP in your router. Second best is to tarpit the IP.
Lee
================================================
Leland V. Lammert [EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
Network/Internet Consultants www.omnitec.net
================================================
_______________________________________________
CWE-LUG mailing list
http://www.cwelug.org/ [email protected]
http://lists.firepipe.net/listinfo/cwe-lug
Thanks Lee,
I've blocked IP's before but, it just seems like a rather passive defense which doesn't do much to discourage that kind of behavior. I'll have to look into the tarpitting more. I checked it out a little and it looks interesting.
Another thing I'm wondering is that I always seem to get these attack messages during or just after using bit torrent. Could the messages be false alarms or, is it that some punk is picking it up with a sniffer or something?
Bob
_______________________________________________
CWE-LUG mailing list
http://www.cwelug.org/ [email protected]
http://lists.firepipe.net/listinfo/cwe-lug
