Flood ping

Mailing List

Home

Forum Home

Linux - General Red Hat Linux discussion list

Installation - Getting started with Red Hat Linux

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	Subject: application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	Subject: X Windows problem (xauth)
•	Subject: Upgrading openoffice 1 1 rpm
•	Subject: FTP: connection refused
•	Subject: FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	Subject: broadcom network interface
•	make mrproper
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	sendmail configuration on redhat
•	kernel 2 6 and /dev/sound/mixer not found
•	Subject: Promise 378 controller
•	Subject: Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	Subject: Lotus Notes under Wine
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	rpm database corrupt
•	Command stream end of file while reading
•	qla2300 modules

Flood ping

Flood ping

2004-06-10 - By Gurugunti, Mahesh

Back

Reply: 1 2 3 4

In a normal situation when a machine pings another host from valid (return
address to itself) , the pinged machine sends the acknowlegement back and
it in turn gets acknowlegement from source machine. So the sync/ack/n(ack)
conversation/session is completed successfully and the connection closes.

But if the source ping machine pings another machine with a "false" return
address then , then pinged machine sends the acknowledgement but never gets
any response for this(since the return address is not a valid address) . So
the session is kept open. When 100s and 1000s of such pings are sent then
there will lot of sessions open on destination machine and it eventually
brings down that machine (or whichever pingable device).

Mahesh

-- --Original Message-- --
From: Harry Hambi [mailto:harry.hambi@(protected)]
Sent: Thursday, June 10, 2004 10:15 AM
To: valhalla-list@(protected)
Subject: Flood ping

Hi all,
Can somebody explain what flood ping is, more importantly what it can tell
you about your network.

Rgds.

Harry.

http://www.bbc.co.uk/ - World Wide Wonderland

This e-mail (and any attachments) is confidential and may contain
personal views which are not the views of the BBC unless specifically
stated.
If you have received it in error, please delete it from your system.
Do not use, copy or disclose the information in any way nor act in
reliance on it and notify the sender immediately. Please note that the
BBC monitors e-mails sent or received.
Further communication will signify your consent to this.

-- -- This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission. If
you receive this message in error, please delete it and all copies from your
system, destroy any hard copies and notify the sender. You must not,
directly or indirectly, use, disclose, distribute, print, or copy any part
of this message if you are not the intended recipient. Nomura Holding
America Inc., Nomura Securities International, Inc, and their respective
subsidiaries each reserve the right to monitor all e-mail communications
through its networks. Any views expressed in this message are those of the
individual sender, except where the message states otherwise and the sender
is authorized to state the views of such entity. Unless otherwise stated,
any pricing information in this message is indicative only, is subject to
change and does not constitute an offer to deal at any price quoted. Any
reference to the terms of executed transactions should be treated as
preliminary only and subject to our formal written confirmation.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859 (See http://iso-8859.ora-code.com)-1">
<TITLE>Flood ping</TITLE>

<META content="MSHTML 6.00.2800.1400" name=GENERATOR></HEAD>
<BODY>
<DIV>In a
normal situation when a machine pings another host from valid (return
address to itself)  , the pinged machine sends the
acknowlegement
back and it in turn gets acknowlegement from source machine. So the
sync/ack/n(ack) conversation/session is completed successfully and the
connection closes.</DIV>
<DIV> </DIV>
<DIV>But
if
the source ping machine pings another machine with a "false" return address
then , then pinged machine sends the acknowledgement but never gets any
response for this(since the return address is not a valid address) . So the
session is kept open. When 100s and 1000s of such pings are sent then there
will
lot of sessions open on destination machine and it eventually brings down that
machine (or whichever pingable device).</DIV>
<DIV> </DIV>
<DIV>Mahesh</DIV>
<BLOCKQUOTE>
<DIV class=OutlookMessageHeader dir=ltr align=left>-- --Original Message-- -- From: Harry Hambi
[mailto:harry.hambi@(protected)] Sent: Thursday, June 10, 2004 10:15
AM To: valhalla-list@(protected) Subject: Flood
ping </DIV>
Hi all, Can
somebody explain what flood ping is, more importantly what it can tell you
about your network. 
Rgds. 
Harry. http://www.bbc.co.uk/ -
World
Wide Wonderland This e-mail (and any attachments) is confidential and
may contain personal views which are not the views of the BBC unless
specifically stated. If you have received it in error, please delete it
from your system. Do not use, copy or disclose the information in any way
nor act in reliance on it and notify the sender immediately. Please note
that the BBC monitors e-mails sent or received. Further communication
will signify your consent to this. </BLOCKQUOTE></BODY></HTML>

-- -- This message is for the named person's use
only. It may contain confidential, proprietary or legally privileged
information. No confidentiality or privilege is waived or lost by any
mistransmission. If you receive this message in error, please delete it and all
copies from your system, destroy any hard copies and notify the sender. You
must not, directly or indirectly, use, disclose, distribute, print, or copy any
part of this message if you are not the intended recipient. Nomura Holding
America Inc., Nomura Securities International, Inc, and their respective
subsidiaries each reserve the right to monitor all e-mail communications
through its networks. Any views expressed in this message are those of the
individual sender, except where the message states otherwise and the sender is
authorized to state the views of such entity. Unless otherwise stated, any
pricing information in this message is indicative only, is subject to change
and does not constitute an offer to deal at any price quoted. Any reference to
the terms of executed transactions should be treated as preliminary only and
subject to our formal written confirmation.

__ ____ ____ ____ ____ ____ ____ ____ ____ ____
Valhalla-list mailing list
Valhalla-list@(protected)
https://www.redhat.com/mailman/listinfo/valhalla-list