Re: Most up to date packet size distribution info

North American Network Operators Group

Re: Most up to date packet size distribution info

From: Petri Helenius
Date: Thu Dec 18 03:22:49 2003

Deepak Jain wrote:

Infected machines send up to 300pps per machine of ICMP packets which fall into
the 96 slot above. So in this example you probably have many of them.
Couldn't this also mean he is being probed/attacked by many as well?

Certainly but this high ratios are usually only attainable if you�re close to
the source of the traffic. Try to match the 96 packet size fraction to
the ICMP fraction you have. Obviously the next thing to check is
where the traffic is coming (if you�re interested enough to get rid of it)

Pete

References:
- Re: Most up to date packet size distribution info Hank Nussbacher
- Re: Most up to date packet size distribution info Petri Helenius
- Re: Most up to date packet size distribution info Deepak Jain

Prev by Date: Re: Most up to date packet size distribution info
Next by Date: OpenBSD + new bgpd (Fw: cvs.openbsd.org: src)
Date Index
Thread Index
Author Index
Historical