Quote:
Originally Posted by Sponge
[You must be logged in to view images. Log in or Register.]
Wouldn't you just get the IP(s) of a zombie computer? Gonna go attack some innocents?
|
In this case probably not, I'd wager that it was a few people with personal issues. Botnet or not I'd imagine they could at least rate limit UDP to some acceptable level either at the core/dist switch of the colo or the trunk/vlan where the stuff is hosted from, a fairly standard practice in routing and switching.
Most co-location providers will cooperate with you on this if you have
packet traces and a list of offenders.
According to Rogean most of the abuse traffic is UDP which makes it tricky, otherwise you could just dedicate a cheap machine to
proxy your TCP connections for you, discarding illegitimate traffic.