-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If you are worried about being overloaded by this traffic, (or any undesirable traffic for that matter), why not just throw them in your edge router's acls? After that why not contact the owners of ip after you do a whois on them?
HTH, Leon - -----Original Message----- From: Seth Keller [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 21, 2001 2:51 PM To: [EMAIL PROTECTED] Subject: Has anyone seen this before? We have been absolutely bombarbed for the last 3 hours from a range of IP's which appear to be performing legitimate requests to port 80 on our web server. Our T1 line has seen 100% utilization for the last 3 hours. We are getting roughly 500-600 requests per minute from a specific range of IP's. The IP addresses revolve around in near perfect order. They start at 216.106.166.141 and roll up to 216.106.166.207 before repeating. Any ideas? Thanks in advance. Seth Keller Culver Community Schools -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBO/6qA9qAgf0xoaEuEQL8EACbBtJKS9zIfQWqbX7ETqbQCgSNOTwAoMZl ntlvP2/Mgr9tCf/7fRb/KTLE =saY4 -----END PGP SIGNATURE-----