a general attack on an ISP? If the latter, then the ISP needs to mobilize more serious resources. Otherwise, they'd likely be in breach of service.
If the former, maybe you can trace it from the "social" level. In other words, who has it in for your client, and work it that way with perhaps the police or a private investigator.
How about the ISP filtering the packets? Can't you work with them to eliminate certain streams? For example any more than x packet/min is dropped at the ISP level? Most of these type attacks tend to get nailed at the ISP level.
Also, check out Steve Gibson's site, and get what help you can there. He's the guy who did ZoneAlarm, and a few other things. He's not 1/2 as good as he thinks he is, IMHO, but that's still pretty good.
I'll check back in a while. BTW, my sympathies, but I'd rather give you some solid help. |
