Forensics Web Site a Must-See
Having trouble with DoS attacks? Want to figure out a way to see who's behind them or at least track down the source?

The complete answer is likely still some way off, but IT managers who want to track the latest forensic and sleuthing technologies should start at citeseer.nj.nec.com/park00effectiveness.html. This NEC ResearchIndex portal is loaded with links to papers that discuss the technical nitty-gritty of denial-of-service attacks, including the effectiveness of probabilistic (as opposed to deterministic) packet marking. This will be of interest not only to IT managers whose networks are vulnerable to DoS attacks but also to service providers that can unknowingly transmit problem traffic. Probabilistic schemes focus on adding compressed information to likely attack packets, thus giving victims a clue as to the origin of the attack.
http://www.eweek.com/article/0,3658,s=708&a=25835,00.asp