Hello, A few hours ago, a little boy flooded my servers and well, they were ok, but I couldn't connect neither ping to them... Is there a way to log attacker IP in order to advise the datacenter to block traffic in firewalls? thanks in advance
Ok, right now I am loggin traffic with iptraf. As I could guess, the attack was produced by UDP flooding, I think to port 80... is there a way to protect against it? is UDP necesary for apache2 or TCP traffic is enought to work? may I DROP every UDP traffic to port 80? recommendations about this will be good... but the problem I think was that all bandwidth was in use by the attack...
