On Tue, Feb 23, 2010 at 02:46:54PM -0500, Paul Stewart wrote: > The problem is that a user on this box appears to be launching high > traffic DOS attacks from it towards other sites. It's possible the user inadvertently enabled the same exploit after you rebuilt the system. I suggest caution with assigning culpability. Nate Itkin