Hello Scott, >In your case a 'man xl' will help
This is what I get: No manual entry for x1 >I agree that it looks like an external attack. Either SMTP based as Len >has suggested or a more general attack. It is probably going to be >easier to diagnose this from the border router, depending on what it is. It's a Cisco router. >You should be able to increase the traffic logging on the router and take >a look at the traffic. If may be of a specific type or from/to a >specific address and/or port. If so you should be able to implement some type >of ACL's to block the traffic That's exactly my plan, I've started logging all the incoming traffic, now I'll have to wait until the next attack happens, depending on what they're doing I'll block the corresponding addresses/ports. Thank you for all your help. Adolfo Justiniano Santa Cruz BBS e-mail: [EMAIL PROTECTED] http://www.scbbs.net --- [This E-mail was scanned for viruses by the Santa Cruz BBS anti-virus system]
