Re: SMTP DoS Advice

[Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>]

On 2006-03-31 Mark Brunner wrote:
> A friend of mine tells me that his small business is under a SMTP
> Denial of Service attack.
> He's getting spoofed connection attempts a second from all over the
> 'Net, and his gateway just can't handle the load.  Any advice from the
> gurus in the list about how best to handle something like this?

DDoS is best handled upstream. He should contact his provider on this
matter and have them determine from where the actual packets are coming.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------