* Suresh Ramasubramanian:
On 29/07/05, Florian Weimer <fw@deneb.enyo.de> wrote:
Anyway, you should examine *why* you (or your customers) are attacked, and address that. Everything else is likely cost-effective. Of course, this might mean you have to do without some revenue if you have customers that are DoS magnets for some reason.
Not allowing your users to run eggdrop or other irc bots on the shells you give them, and generally not hosting irc stuff would definitely help there.
Definitely. You should also help your customer to detect successful break-ins. Compromised machines are often used in very questionable contexts and quickly become targets of DoS attacks as well (not your average owned home computer, of course, it's more about multi-user UNIX machines).