
Re: Kernel panic , unable to mount puppy



On Wed, 25 Dec 1996, PuPPy wrote:

> Another thing is, how do I trace my status (when on the net), packets going
> in/out?
> I am looking for a good net monitor to do that.

PuPPy ;) You -can- use your name here, just like I do :)
There's a very useful utility called tcpdump. It allows you to monitor any
interface down to the physical level and see everything that's going in or
out.. you can place script-filters or whatever on it - that thing is GOOD.

I got the Linux port from somewhere on 
ftp.funet.fi /pub/Linux/PEOPLE/Linus ...

But I guess some version or another is present on sunsite as well.

> Last thingo, can I use the power given me by linux to protect myself from
> those sticky "ICMP" floods? (I am connected via a modem), or at least know
> where it came from?

If you know a bit of C, you can modify your kernel to discard incoming
ICMP echo messages (it's a matter of commenting out a couple of lines).

A slower solution is to recompile your kernel with IP firewalling and to
use the internal firewall to cut out ICMP echos. 

Knowing where it came from is also a matter of ten lines of C code.. there
are utils already done for that purpose, such as icmpinfo.
Of course, nowadays that won't help as programs that spoof the sender
addresses have spread to the hands of people who actually use ICMP
bombing.

-- Dudu

------------------------------------------------------------------------------
crisk@netvision.net.il                                         HAIFA, ISRAEL
crisk@kgb.has.stolen.my.cox.org                              "I code for cash"
------------------------------------------------------------------------------
Sexually tilted quote from STAR WARS:
  4. Sorry about the mess...
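
Added example, not part of the original message or of icmpinfo: a C function that does the "where did it come from" check mentioned in the reply, reading the source address out of an IPv4 packet that carries an ICMP echo request. The function name and the sample packet are constructed for illustration, and the address it reports is only what the sender wrote into the header, which is the spoofing limit the reply points out.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: IPv4 header (20 bytes) + ICMP echo request (8 bytes).
 * Addresses are documentation ranges; the IP checksum is left as zero
 * because this example does not verify checksums. */
static const uint8_t SAMPLE_ECHO[28] = {
    0x45, 0x00, 0x00, 0x1c, 0x00, 0x01, 0x00, 0x00,  /* ver/IHL .. frag */
    0x40, 0x01, 0x00, 0x00,                          /* TTL, proto=1 (ICMP) */
    192, 0, 2, 10,                                   /* source address */
    198, 51, 100, 7,                                 /* destination address */
    0x08, 0x00, 0xf7, 0xff, 0x00, 0x00, 0x00, 0x00   /* ICMP type 8, code 0 */
};

/* Returns 1 and writes the dotted-quad source into src if pkt is an IPv4
 * ICMP echo request, 0 for any other well-formed packet, -1 if malformed. */
int icmp_echo_source(const uint8_t *pkt, size_t len, char *src, size_t srclen)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;   /* header length incl. options */
    if (ihl < 20 || len < ihl)
        return -1;
    if (pkt[9] != 1)                            /* protocol 1 = ICMP */
        return 0;
    if ((((pkt[6] << 8) | pkt[7]) & 0x1fff) != 0)
        return 0;                               /* later fragment: no ICMP header */
    if (len < ihl + 8)
        return -1;                              /* ICMP header truncated */
    if (pkt[ihl] != 8)                          /* type 8 = echo request */
        return 0;
    snprintf(src, srclen, "%d.%d.%d.%d", pkt[12], pkt[13], pkt[14], pkt[15]);
    return 1;
}

int main(void)
{
    char src[16];
    if (icmp_echo_source(SAMPLE_ECHO, sizeof SAMPLE_ECHO, src, sizeof src) == 1)
        printf("ICMP echo request, claimed source %s\n", src);
    return 0;
}
```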


