One Hat Cyber Team

Your IP: 216.73.216.23
Server IP: 178.33.27.10
Server: Linux cpanel.dev-unit.com 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 25 16:17:31 UTC 2024 x86_64
Server Software: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
PHP Version: 8.2.11
Buat File | Buat Folder

Dir : ~/usr/local/src/netdata/health/guides/net/

View File Name : 10s_received_packets_storm.md

### Understand the alert

This alert is triggered when there is a significant increase in the number of received packets within a 10-second interval. It indicates a potential packet storm, which may cause network congestion, dropped packets, and reduced performance.

### Troubleshoot the alert

1. **Check network utilization**: Monitor network utilization on the affected interface to identify potential bottlenecks, high bandwidth usage, or network saturation.

2. **Identify the source**: Determine the source of the increased packet rate. This may be caused by a misconfigured application, a faulty network device, or a Denial of Service (DoS) attack.

3. **Inspect network devices**: Check network devices such as routers, switches, and firewalls for potential issues, misconfigurations, or firmware updates that may resolve the problem.

4. **Verify application behavior**: Ensure that the applications running on your network are behaving as expected and not generating excessive traffic.

5. **Implement rate limiting**: If the packet storm is caused by a specific application or service, consider implementing rate limiting to control the number of packets being sent.

6. **Monitor network security**: Check for signs of a DoS attack or other security threats, and take appropriate action to mitigate the risk.

### Useful resources

1. [Wireshark User's Guide](https://www.wireshark.org/docs/wsug_html_chunked/)
2. [Tcpdump Manual Page](https://www.tcpdump.org/manpages/tcpdump.1.html)
3. [Iperf - Network Bandwidth Measurement Tool](https://iperf.fr/)