LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > SUSE / openSUSE
Reload this Page "syn flood attack" How do I investigate this?
User Name
Password
SUSE / openSUSE This Forum is for the discussion of Suse Linux.

Notices


Reply
  Search this Thread
Old 04-28-2005, 07:53 PM   #1
oily_rags
Member
 
Registered: Sep 2004
Posts: 128

Rep: Reputation: 15
"syn flood attack" How do I investigate this?

I have been reading many lines in my routers log saying "syn flood attack detected, packet dropped" No ip for the alleged attacker is displayed though. How do I know if this is a real attack and not a false positive, and more importantly, find out who is trying to attack me?
Does suse 9.3 contain any tools in it's firewall or elsewhere that can analize the traffic? Or are there programs I should download and install for this purpose? Thanks
 
Old 04-28-2005, 09:26 PM   #2
jonr
Senior Member
Contributing Member
 
Registered: Jan 2003
Location: Kansas City, Missouri, USA
Distribution: Ubuntu
Posts: 1,040

Rep: Reputation: 47
You might try a program called ethereal. It will capture your Internet traffic and give you very detailed information on what's going on. I used it to solve what I thought was an attack on my system. To my embarrassment I discovered it was a ping I had left running for something like forty-eight hours...

Ethereal will show you the IP address of the incoming traffic and you can go from there. Worth a try.
Last edited by jonr; 04-28-2005 at 09:29 PM.
 
Old 04-28-2005, 09:29 PM   #3
oily_rags
Member
 
Registered: Sep 2004
Posts: 128

Original Poster
Rep: Reputation: 15
cool thanks john I appreciate the info, i'll give ethereal a try, thanks!
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SYN flood 98steve600 Linux - General 1 03-28-2005 03:27 AM
SYN flood with Game Empowerer Linux - Networking 3 07-25-2004 04:36 PM
Syn Flood Attack Detect synaptical Linux - Security 2 07-25-2004 01:48 PM
Can't SYN Flood a Linux jveron23 Linux - Security 3 10-06-2003 11:27 AM
Preventing local users from "text flooding" a terminal (DoS attack)... khermans Linux - Security 2 09-24-2003 07:56 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > SUSE / openSUSE

All times are GMT -5. The time now is 06:05 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration