> In case of a Denial-Of-Service attack, assuming that I know which service
> is under attack, who can I identify the source address of the such attack?
Generally you can't and unless its a high volume attack the ISPs don't care
and won't care until the police are involved by which time they will have
managed to expire any logs that far back and thus conveniently got themselves
out of the administrative inconvenience.
There are exceptions but as a generally rule in the current environment you
can't.
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
