Anyone good with Ethereal?

A couple of months ago, our organization’s network was hit by… something. I couldn’t really tell if it was a DoS attack or “just” a rapidly spreading virus. All I knew was that my DHCP requests were barely getting through, and all other traffic seemed to be being dropped. The cheap ethernet switch I had had its activity lights flickering faster than I had ever seen, and for all ports (broadcast packets?).

This made me pretty disgruntled with our network ops (shouldn’t this be stopped at the WAN router?), but I didn’t think whining about it would do any good. So I fired up Knoppix, since it has Ethereal built-in, and I obviously didn’t have the connectivity to download a port of it otherwise.

Mind you, I’ve never used Ethereal before, but it seemed like a good chance to play with it. So I had it gather a couple of traces off the network. FYI, 30-second traces were weighing in at around 13MB, so, do the math, and you can get a feel for how much junk was coming through my 10Mbps link. Anyway, I didn’t make a whole lot of sense of it, but if anyone wants to take a peek at one of the traces and email/post-a-comment, s/he is welcome to it.

Download Ethereal trace (.zip)

Because of spam considerations, if you wish to email me, please do so through the “Contact Daniel” link on the blog’s main page. Thanks.
