"David J. Schmidt" writes:
How likely is Panix to go under from this? Admittedly incomming connections are seriously effected, but if Panix were to filter out incoming SYN's at their entry points could their customers still do outbound browsing?
Panix makes a considerable fraction of their income from web hosting, which is an incoming operation. Luckily, the situation was palliated by hardening the system kernels and also the attacks have subsided, possibly because they were no longer particularly effective.
Bottom line, exactly how is this attack effecting Panix servers and what are they able to do to at least operate in a degraded fashion during these attacks? What could *I* do if my site were attacked?
Right now? If you don't have system source to your kernels I would say you are hosed. I would suggest trying to work to get lots of ISPs to filter outgoing packets. Its the surest defense for everyone. Additionally, if you do have sources to your kernel there may be fixes that can be made in advance of vendors announcing patches. BTW, if anyone is actually being attacked right now, please get in touch with me. Perry