F9 DOS attack

[Tim]

On Wed, 2008-11-26 at 06:54 -0500, Dave Feustel wrote:
> I spoke with a Comcast technician yesterday. He said there was nothing
> Comcast could do and that the problem was that the 'bomber' was able
> to get my ip address by scanning my system. That seems inconsistent to
> me.

If you're chatting with your ISP, I'd ask them if it's just you being
flooded, or a range of their IP addresses.  Then you'll know if you're a
direct target.  If they can't work that out, they're hopeless.

As far as security goes, turn off the services you don't need.  And
configure the ones that you do need, to not listen to the outside world
unnecessarily (secure the services properly, don't rely on a firewall to
stand in the way).  Then, add a firewall to your mix.  It's an extra
layer, not the only thing you should use in your defence.

Attempts to crack into your system over SSH, for instance, will be water
off a duck's back if you don't have an SSH server running, or it never
listens to the world interface.

-- 
[tim at localhost ~]$ uname -r
2.6.27.5-41.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.