BTW, Alexis Rosen at Panix could use some help tracking down the person(s) attacking his machines -- he's more or less being shut down by this. He's having some trouble finding the right person at Sprint (one of his two providers) to talk to. If the right person could get in touch with me, I'll hook the two of you up. Hopefully, with a little inter-provider cooperation, the guy will get caught and arrested soon. "Perry E. Metzger" writes:
PANIX, a large public access provider in New York, was badly hit with SYN flood attacks from random source addresses over the last few days. It nearly wrecked them.
I think its time for the larger providers to start filtering packets coming from customers so that they only accept packets with the customer's network number on it.