DOS Attack Follow Up

[Shawn Wall <sjwall () shaw ca>]

Hi List. Thank you all for you insightful replies. I am posting this as a
follow up to some comments and questions.

I am caputing the traffic by SPANing a port on my switch to a port where I
have a box running ethereal. I don't think the internal network is being
spoofed because during the outage all traffic is coming from the 'outside'
to the 'inside'. The traffic is unicast not broadcast. During the attack
there are RST packets only, no data. Does any know how to prevent this type
of RST attack? Thanks.

shawn