Tom Baker|Netsmith Inc wrote: > I'm not even sure why my server was targeted
The vast majority of DoS attacks involve irc in one way or another. Typically it is a 13 year old who wants to prove how tough he is by knocking someone else offline and taking over their channel. I have seen cases where a non-irc server was compromised and used as an irc proxy. I.E. The kiddies know that they are going to be attacked, so instead of having their home connection DoS'd, they bounce through someone else's server and setup a bunch of those so they can't be knocked off for long. So, if you know what specific IP was targetted, I would investigate it for signs of compromise. May not be a bad time to do a network-wide audit (i.e. portscan your whole LAN from outside and see what is listening).
