I have an MRTG chart of what happened during the attack and have attached
it. Does anyone know why the bandwidth going OUT spiked up so high and just
cratered? Green is incoming, blue is outgoing.
Thanks,
Vibol Hou
-----Original Message-----
From: linux-kernel-owner@vger.kernel.org
[mailto:linux-kernel-owner@vger.kernel.org]On Behalf Of Vibol Hou
Sent: Friday, February 23, 2001 3:22 PM
To: Linux-Kernel
Subject: UDP attack? How to suppress kernel msgs?
Hi,
One of my servers running 2.4.1 was attacked earlier today. I have a strong
feeling it went down because the kernel was logging too many messages to
syslog. There's over 100,000 lines of the following in my syslog:
Feb 23 12:28:25 omega kernel: UDP: bad checksum. From 202.96.140.146:20567
to 21
6.115.239.40:113 ulen 1472
Feb 23 12:28:25 omega kernel: UDP: bad checksum. From 209.249.213.145:36338
to 2
16.115.239.40:113 ulen 1472
Feb 23 12:28:25 omega kernel: UDP: bad checksum. From 194.225.45.233:33762
to 21
6.115.239.40:113 ulen 1472
Feb 23 12:28:25 omega kernel: UDP: bad checksum. From 211.54.39.161:14958 to
216
.115.239.40:113 ulen 1472
Feb 23 12:28:25 omega kernel: UDP: bad checksum. From 202.96.140.167:3467 to
216
.115.239.40:113 ulen 1472
How do I suppress these types of messages from hogging up all the CPU?
Thanks,
Vibol Hou
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Feb 23 2001 - 21:00:32 EST
