Denial of service
Andy Green
andy at warmcat.com
Thu Oct 4 14:09:00 UTC 2007
Somebody in the thread at some point said:
> So I turned off sshd but that didn't stop the problem. I am getting hit
> several times a second by someone. I would sure like to at least know
> the IP they are from.
tcpdump -i eth0
will give you an overview of what is happening on your network interface
(change eth0 to whichever interface it actually is).
If the DNS lookups are distracting, you can do
tcpdump -i eth0 -n
to just get IP addresses. Paste a few lines of the results here if it
didn't make any sense.
-Andy
More information about the users
mailing list