[linux] asi DOS ako vypraznit IPstack?
Matus UHLAR - fantomas
uhlar na fantomas.sk
Středa Srpen 1 21:27:07 CEST 2007
On 01.08.07 16:09, Martin Mancuska wrote:
> blokovat icmp pakety?
preco rovno neblokovat IP pakety, pomoze to ovela intenzivnejsie ako len
ICMP.
Vies ty vobec kolko veci na internete nejde a kolko laguje "vdaka" ludom,
ktori "blokuju ICMP pakety"?
> peto wrote / napísal(a):
> > dmesg na desktope mi hlasi
> > "IPVS: incoming ICMP: failed checksum from 69..................!
> > IPVS: incoming ICMP: failed checksum from 69....................!
> > eth0: Too much work at interrupt, IntrStatus=0x0001.
> > eth0: Too much work at interrupt, IntrStatus=0x0001.
> > eth0: Too much work at interrupt, IntrStatus=0x0001.
> > eth0: Too much work at interrupt, IntrStatus=0x0001.
> > eth0: Too much work at interrupt, IntrStatus=0x0001."
> > (IP-cka su z range autralskeho provider-a)
dropni ich vo firewalle ale je dost mozne ze su fejknute...
> > Nepozeral som to tcpdump ale reakcia vyzrea na pokus o DOS utok.
> >
> > Lenze tie eth0 hlasenia nezminu an po ifconfig etho down;
> > a po ifconfig eth0 up sa objavuju opat...
> >
> > Nevie niekto ako to zastavit inak ako rebootom?
zhod interface na par minut...
ak to je nejaky utok, zrejme nebude rozdiel medzi zhodenim interfacu a
vypnutim stroja. ale mozno by stalo za pokus sledovat z inej masiny na sieti
ci niekto tvoju IP neprevezme...
--
Matus UHLAR - fantomas, uhlar na fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
BSE = Mad Cow Desease ... BSA = Mad Software Producents Desease
Další informace o konferenci linux