>Hello ladies and gents can someone tell me what the proper thing to
>do is when someone try s to dos your server by connecting to it over
>& over continuously.
There's not much you can do with the Imail box itself.
If the attack is from one ip, then packet filter that ip or Class C
at your router. This moves the DoS to your router which can usually
handle it better at the ip packet level than Imail can at SMTP
application level.
> While they never were able to deliver any mail they were blocked
> by the MAPS system. So they got Accepting SMTP connection from [203.197.32.158]
>
>Wed 2000-11-22 20:07:38: [632:9428] 220 Wed 2000-11-22 20:07:39:
>[632:9428] EHLO <http://www.ilfsdp.com/>www.ilfsdp.com
>
>I included their IP and hostname just in case anyone else might want
>to put them in their personal IP blocking cache as well.
>
>Who best to go to about it. I thought about the FBI but then again
>since they never could bring the server down im not sure they would
>do anything about it .
The best insurance is your own defenses and detection, an area which
as complex as the whole ISP operation itself. The defensive cost of
doing business is going up.
Len
http://BIND8NT.MEIway.com : ISC BIND 8.2.2 p5 & 8.2.3 T6B for NT4 & W2K
http://IMGate.MEIway.com : Build free, hi-perf, anti-spam mail gateways
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
