[QUOTE="Sandman"] Even so, I don't have anywhere near to 4000 customers so this can't be due to one of my clients faulty network either. This seems like a targeted attack.[/QUOTE] I don’t currently have a better theory. [QUOTE] I can think of only one person (from here on usenet) but he's from America and I doubt he has the ability to muster a botnet of Swedish-only clients. He has tried to flood me before, but only from a single IP. So no, I have to answer that I know of no one that could do this specifically against *me*. Maybe against one of my clients? Because, if they were targetting me, they would target my homepage (sandman.net) or some other, these attacks seem to either target the IP or my cluster domain name - and the cluster domain is not something used for anything but DNS redirection.[/QUOTE] From what you’ve said (and I may be wrong) it sounds like it could be targetting your source of income. The ability to run a botnet personally isn’t necessarily relevant, even if you’re right about that; botnet operators rent them out.