DOS attacks happen all the time.
In recent months many Gambling related sites and servers have been targeted, mostly going after some of the larger sportsbooks and groups.
Most hackers, when trying to compromise servers will concentrate on a specific block of IP’s looking for boxes to compromise for a number of reasons. They may want to serve music or porn from them, or want root access so they create larger attacks, (with more bandwidth) going after other targets. Once a block is compromised, (or not) they move on to another one.
I happen to know over 2 dozen server operators that were heavily attacked during the code red launch. (I was one)….They didn’t want our servers….except they DID want our bandwidth to launch the attack at the White House.
I have some local clients that have dedicated business bandwidth connections that have been hacked for no other reason than to drop a few gigs of music on the hard drive and run ftp servers in the middle of the night.
If you suspect that your server has been compromised, start looking for mp3’s and mpgs (mpegs) that don’t belong there. Some hackers are pretty slick and will even drop them in folders in with printer drivers.
If anyone ever thinks they have been compromised, I am willing to help consult in any areas that I may…bandwidth theft really sucks…
Rick
Universal4