On Mon, 20 Sep 2004, Lucky Leavell wrote:
We are a small ISP suffering from repeated SYN Flood DoS/DDoS type
attacks. After putting a bridging firewall in place and using a packet
sniffer, we are certain the attacks are coming from within our own
network with machine A attacking machine B, both o
More info, perhaps?
Like:
- What does your network setup look like (before and after recent
changes you mention)?
- What operating systems are in use?
- Are they patched?
- What services do you make available on the Internet (exposure)
- Have you ran chkrootkit, f-prot AV, clam AV on suspect
