[clug] what do I do if I'm being hit by a foreign server?

Paul mylists at wilsononline.id.au
Mon Oct 18 01:23:06 MDT 2010

The attack has stopped for now , so I hope that this has mean I'm ok, but perhaps I will 
check my VOIP account just incase.

Perhaps they where trying to exploit an issue with my VOIP router as it did seem 
susceptible to this attack as it continually crashed  and lost connection.

But I have since reverted to my Linux box for firewall and gateway duties.


On 18/10/2010 9:52 AM, Stephen Walsh wrote:
> On 10/18/2010 08:08 AM, Daniel Rose wrote:
>> <snip>
>> Since the website seems fairly neglected, you could email the hosting company, but
>> personally I'd move on
> Which of course totally ignores the fact that this is generating traffic on the link,
> therefore using up quota and racking up costs. Sure, it's only 40k packets per second, but
> we're only halfway through the month, right?
> My 2cents is: email the hosting company and let them know an account on their box is being
> used for nefarious purposes, and also email your ISP and let them know you're being hit
> with traffic on the relevant port from the relevant host, and could they possibly block it
> at their edge, or better yet, upstream. If you ISP isn't interested in doing this, find
> another ISP.

More information about the linux mailing list