
On Apr 7, 2011, at 11:49 AM, Steve Holdoway wrote:
Any suggestions apart from forward 25 to /dev/null and hope they go away??
The firewall/NAT isn't helping, it's hurting - the state tables are getting filled up and legitimate traffic is being crowded out, and the CPU is high. Stateful firewalls and NATs should *never* be placed in front of servers. Contact the ISP and tell them that there's a DDoS being launched towards the public IP, and get them to filter. The church should move their servers into VPS, rather than trying to run them off a VDSL with software-based routers. ----------------------------------------------------------------------- Roland Dobbins <rdobbins(a)arbor.net> // <http://www.arbornetworks.com> The basis of optimism is sheer terror. -- Oscar Wilde