Re: what 's the output mean ? maybe I am under attack ?
From: edwin chan (slack@suntop-cn.com)
Date: 09/27/01
- Next message: Brett Glass: "Re: LaBrea for BSD?"
- Previous message: Ronan Lucio: "Re: flood attacks"
- In reply to: Peter Pentchev: "Re: what 's the output mean ? maybe I am under attack ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "edwin chan" <slack@suntop-cn.com> To: "Peter Pentchev" <roam@ringlet.net> Date: Fri, 28 Sep 2001 00:57:09 +0800
I think 998760 data packets retransmitted,but maked as 1014872219bytes.
maybe not a normal output ?
----- Original Message -----
From: "Peter Pentchev" <roam@ringlet.net>
To: "edwin chan" <slack@suntop-cn.com>
Cc: <freebsd-security@FreeBSD.ORG>
Sent: Thursday, September 27, 2001 12:25 AM
Subject: Re: what 's the output mean ? maybe I am under attack ?
> On Wed, Sep 26, 2001 at 11:09:34PM +0800, edwin chan wrote:
> > today, when i run "netstat -p tcp" i found something not normal, is it
mean
> > my box under attack ?
>
> What exactly do you consider to be 'not normal'?
>
> > $ netstat -p tcp
> > tcp:
> > 32949909 packets sent
> > 26228892 data packets (553570256 bytes)
> > 998760 data packets (1014872219 bytes) retransmitted
> > 37 resends initiated by MTU discovery
> > 5231789 ack-only packets (0 delayed)
> > 0 URG only packets
> > 27011 window probe packets
> > 43314 window update packets
> > 420146 control packets
> > 22126272 packets received
> > 15191487 acks (for 455329912 bytes)
> > 1713060 duplicate acks
> > 397 acks for unsent data
> > 4281933 packets (3828576231 bytes) received in-sequence
> > 114136 completely duplicate packets (22646316 bytes)
> > 0 old duplicate packets
> > 541 packets with some dup. data (307470 bytes duped)
> > 275937 out-of-order packets (110838044 bytes)
> > 212 packets (54004 bytes) of data after window
> > 0 window probes
> > 270521 window update packets
>
> G'luck,
> Peter
>
> --
> This sentence every third, but it still comprehensible.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Brett Glass: "Re: LaBrea for BSD?"
- Previous message: Ronan Lucio: "Re: flood attacks"
- In reply to: Peter Pentchev: "Re: what 's the output mean ? maybe I am under attack ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
