Michael Dillon writes:
>> Has anyone been resently attacked by massive flood pings??? We are
>> trying to locate any other ISP's or anyone else having the same problem.
>flooded by the replies. I'd just go to a few of your machines and do a
>netstat on them, then dump the data to a file and see if you can see where
>all the ICMP packets are coming from. When you find out, it's time to get
And just how do you identify the source of the ICMP packets when the source
address is forged?
Trace it back, painfully, hop by hop by hop.
I'm not sure what can be done to make this easier but I have a few ideas.
I have some too, but this isn't really the forum...