ICMP Overloading Argus
Carter Bullard
carter at qosient.com
Wed Aug 20 12:00:29 EDT 2003
Hey Eric,
We should find out why its dumping core. The design is that
argus should fail gracefully if it gets overwhelmed. So
does you core have anything to say for itself?
Carter
> -----Original Message-----
> From: owner-argus-info at lists.andrew.cmu.edu
> [mailto:owner-argus-info at lists.andrew.cmu.edu] On Behalf Of Eric
> Sent: Wednesday, August 20, 2003 10:44 AM
> To: argus-info at lists.andrew.cmu.edu
> Subject: ICMP Overloading Argus
>
>
> We're seeing argus die off with the following errors on FreeBSD
> 5.1
>
> (argus), uid 0: exited on signal 6 (core dumped)
>
> This is due to the huge spikes of icmp traffic in the past few
> days.
>
> Besides not capturing ICMP, can I do anything to help make argus
> more resilient to these problems? We notice that this happens
> during W32.Slammer worms as well.
>
> Thanks.
>
> - Eric
>
More information about the argus
mailing list