[CentOS] ICMP outgoing traffic at centos 6.7

Wed Jan 6 12:45:33 UTC 2016
Shital Sakhare <shital.sakhare1 at gmail.com>

Hi,


For the last few days I have been facing unexpected huge ICMP traffic going
out from the server.

I have blocked ICMP ports in iptables, and if I execute ping manually it is
blocked.

Some process is sending this huge traffic. Below is the tcpdump output.


================================
16:23:27.817856 IP (tos 0xc0, ttl 64, id 55278, offset 0, flags [none], proto ICMP (1), length 104)
    example.com > ***.***.***.***: ICMP host example.com unreachable - admin prohibited, length 84
        IP (tos 0x0, ttl 56, id 52085, offset 0, flags [DF], proto TCP (6), length 76)
    ***.***.***.***.5189 > example.com.https: Flags [P.], cksum 0xa427 (correct), seq 2571871600:2571871636, ack 1159342022, win 65535, length 36
================================


How can this be controlled?


Thanks,

Shital
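
Added example, not part of the original post: an ICMP "unreachable" message quotes the packet that triggered it, as the capture above shows, so `tcpdump -v` text can be tallied by the remote peer and local port that provoked each error. The sample capture is constructed (documentation addresses), and `icmp_triggers` and `summarize` are names chosen for this example.

```python
import re
from collections import Counter

# Constructed sample in `tcpdump -nv` layout; addresses are documentation ranges.
SAMPLE = """\
16:23:27.817856 IP (tos 0xc0, ttl 64, id 55278, offset 0, flags [none], proto ICMP (1), length 104)
    192.0.2.10 > 198.51.100.7: ICMP host 192.0.2.10 unreachable - admin prohibited, length 84
        IP (tos 0x0, ttl 56, id 52085, offset 0, flags [DF], proto TCP (6), length 76)
    198.51.100.7.5189 > 192.0.2.10.443: Flags [P.], seq 1:37, ack 1, win 65535, length 36
16:23:27.901113 IP (tos 0xc0, ttl 64, id 55279, offset 0, flags [none], proto ICMP (1), length 104)
    192.0.2.10 > 198.51.100.7: ICMP host 192.0.2.10 unreachable - admin prohibited, length 84
        IP (tos 0x0, ttl 56, id 52086, offset 0, flags [DF], proto TCP (6), length 76)
    198.51.100.7.5189 > 192.0.2.10.443: Flags [P.], seq 37:73, ack 1, win 65535, length 36
16:23:28.100200 IP (tos 0x0, ttl 64, id 100, offset 0, flags [DF], proto ICMP (1), length 84)
    192.0.2.10 > 198.51.100.7: ICMP echo request, id 7, seq 1, length 64
16:23:28.400500 IP (tos 0xc0, ttl 64, id 55280, offset 0, flags [none], proto ICMP (1), length 88)
    192.0.2.10 > 203.0.113.5: ICMP host 192.0.2.10 unreachable - admin prohibited, length 68
        IP (tos 0x0, ttl 50, id 4411, offset 0, flags [DF], proto TCP (6), length 60)
    203.0.113.5.40112 > 192.0.2.10.8080: Flags [S], seq 99, win 29200, length 0
"""

ICMP_RE = re.compile(r"^\s+(\S+) > (\S+): ICMP (.*unreachable.*), length \d+")
PROTO_RE = re.compile(r"^\s+IP \(.*proto (\w+) \(\d+\)")         # quoted IP header
FLOW_RE = re.compile(r"^\s+(\S+)\.([\w-]+) > (\S+)\.([\w-]+): ")  # host.port > host.port

def icmp_triggers(text):
    """Yield (reason, proto, src, dst, dport) for the packet quoted in each ICMP error."""
    reason = proto = None
    for line in text.splitlines():
        if line[:1].strip():            # unindented timestamp line starts a new packet
            reason = proto = None
            continue
        m = ICMP_RE.match(line)
        if m:
            reason = m.group(3)
        elif reason and PROTO_RE.match(line):
            proto = PROTO_RE.match(line).group(1)
        elif reason and FLOW_RE.match(line):
            src, _, dst, dport = FLOW_RE.match(line).groups()
            yield reason, proto, src, dst, dport
            reason = None

def summarize(text):
    """Count ICMP errors per (remote peer, protocol, local port) that provoked them."""
    return Counter((src, proto, dport) for _, proto, src, _, dport in icmp_triggers(text))

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).most_common():
        print(n, *key)
```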