Re: Neighbor table overflow. Virus?
- From: Rick Moen <rick@xxxxxxxxxxxxxx>
- Date: Mon, 23 Jan 2006 16:46:07 -0500
nsa.usa@xxxxxxxxx <nsa.usa@xxxxxxxxx> wrote:
> ha ha. yes, except in this case I'm the only one with root privileges
> and /etc/hosts is fine and incidently the loopback is also fine.
> When I kicked off the user dialling-in, the problem immediately
> disapeared. The user logged back on and the problem returned, I kicked
> him off again (and suspended his account) and the problem was resolved
> once more.
> So it's definently because of this (and others) dialup user.
>
> But I need protection against this. In this case its a virus/malware
> (which is bad enough) but someone can also use this as a DoS attack....
People tend to leap to the "malware" conclusion at the jump of a hat,
when what they really mean is "The system is doing something strange
that I don't understand."
If it were really malware, you wouldn't see the errors go away the
moment the user's dial-in session ceased.
I don't really have enough data to work from, but you might consider
checking the logfiles and configuration of/concerning the PPP daemon,
for clues.
.
- Follow-Ups:
- Re: Neighbor table overflow. Virus?
- From: nsa.usa@xxxxxxxxx
- Re: Neighbor table overflow. Virus?
- References:
- Neighbor table overflow. Virus?
- From: nsa.usa@xxxxxxxxx
- Re: Neighbor table overflow. Virus?
- From: Rick Moen
- Re: Neighbor table overflow. Virus?
- From: nsa.usa@xxxxxxxxx
- Neighbor table overflow. Virus?
- Prev by Date: Re: Turn off IPv6, HOW?
- Next by Date: Re: Linksys Wireless WMP54G Card On Fedora 4 ?
- Previous by thread: Re: Neighbor table overflow. Virus?
- Next by thread: Re: Neighbor table overflow. Virus?
- Index(es):
Relevant Pages
|
