nanog mailing list archives
Re: Most up to date packet size distribution info
From: Petri Helenius <pete () he iki fi>
Date: Thu, 18 Dec 2003 10:19:49 +0200
Deepak Jain wrote:
Certainly but this high ratios are usually only attainable if you´re close toInfected machines send up to 300pps per machine of ICMP packets which fall intothe 96 slot above. So in this example you probably have many of them.Couldn't this also mean he is being probed/attacked by many as well?
the source of the traffic. Try to match the 96 packet size fraction to the ICMP fraction you have. Obviously the next thing to check is where the traffic is coming (if you´re interested enough to get rid of it) Pete
Current thread:
- Most up to date packet size distribution info Rob Healey (Dec 17)
- Re: Most up to date packet size distribution info Jeff Kell (Dec 17)
- Re: Most up to date packet size distribution info Jared Mauch (Dec 17)
- Re: Most up to date packet size distribution info Robert Boyle (Dec 17)
- Re: Most up to date packet size distribution info Randy Bush (Dec 17)
- Re: Most up to date packet size distribution info Jared Mauch (Dec 17)
- Re: Most up to date packet size distribution info Hank Nussbacher (Dec 17)
- Re: Most up to date packet size distribution info Petri Helenius (Dec 17)
- Re: Most up to date packet size distribution info Deepak Jain (Dec 17)
- Re: Most up to date packet size distribution info Petri Helenius (Dec 18)
- Re: Most up to date packet size distribution info Christopher L. Morrow (Dec 18)
- Re: Most up to date packet size distribution info Jeff Kell (Dec 17)