[mirror-admin] Server DOS?

Scott Baker bakers at canbytel.com
Fri Jul 31 13:34:39 EDT 2009


I think my server is being DOSd, or maybe it's another server on my
network. This isn't strictly mirror related, but there are a lot of
sysadmins on here, so maybe you can help.

I've port mirrored the port in question to another box so I can sniff the
traffic and see what's going on. Is there a simple way to see the "top
talker" so I can filter them out at the router level? If I tcpdump I get a
bajillion packets, so I'd need some software with some intelligence to
filter out who's sending the most packets (not bandwidth). iftop? iptraf?
I'm open to ideas.

Sorry if this is the wrong place for this, I'm running out of options.

-- 
Scott Baker - Canby Telcom
System Administrator - RHCE - 503.266.8253
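
An added example, not part of the original message: one way to rank sources by packet count (not bytes) from `tcpdump -nn` text output captured on the mirror box. The function name `top_talkers` and the sample lines are constructed for illustration; it assumes tcpdump's default one-line-per-packet format without `-e` or `-v`.

```shell
#!/usr/bin/env bash
# Count packets per source address in `tcpdump -nn` text output.
# Live use (interface name is an assumption):
#   tcpdump -nn -i eth1 -c 100000 2>/dev/null | top_talkers 10

top_talkers() {
    # $1 = number of sources to list (default 10); packet lines on stdin
    local n="${1:-10}"
    awk '
    {
        # Protocol tag is field 2 normally, field 1 when tcpdump runs with -t
        for (i = 1; i <= 2; i++) if ($i == "IP" || $i == "IP6") {
            src = $(i + 1)
            if ($i == "IP") {
                # IPv4: a.b.c.d.port for TCP/UDP, bare a.b.c.d for ICMP etc.
                if (split(src, parts, ".") == 5) sub(/\.[^.]+$/, "", src)
            } else {
                # IPv6: strip .port; assumes no dotted IPv4-mapped addresses
                sub(/\.[^.]+$/, "", src)
            }
            count[src]++
            break
        }
    }
    END { for (s in count) printf "%d %s\n", count[s], s }
    ' | LC_ALL=C sort -k1,1nr -k2,2 | head -n "$n"
}

# Constructed sample capture (documentation address ranges, not real traffic)
SAMPLE=$(cat <<'EOF'
13:34:39.000001 IP 203.0.113.7.40001 > 198.51.100.5.80: Flags [S], seq 1, win 512, length 0
13:34:39.000002 IP 203.0.113.7.40002 > 198.51.100.5.80: Flags [S], seq 2, win 512, length 0
13:34:39.000003 IP 192.0.2.10.51234 > 198.51.100.5.80: Flags [P.], seq 1:1449, ack 1, length 1448
13:34:39.000004 IP 203.0.113.7.40003 > 198.51.100.5.80: Flags [S], seq 3, win 512, length 0
13:34:39.000005 IP 203.0.113.7 > 198.51.100.5: ICMP echo request, id 1, seq 1, length 64
13:34:39.000006 IP 192.0.2.10.51234 > 198.51.100.5.80: Flags [P.], seq 1449:2897, ack 1, length 1448
13:34:39.000007 IP 198.51.100.5.80 > 192.0.2.10.51234: Flags [.], ack 2897, length 0
13:34:39.000008 ARP, Request who-has 198.51.100.1 tell 198.51.100.5, length 28
EOF
)

printf '%s\n' "$SAMPLE" | top_talkers 3
```

In the sample, the source sending many zero-length SYNs ranks first even though another host moves more bytes, which is the packets-versus-bandwidth distinction asked about.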
