ddos attack in progress... help needed

Hello folks,

We're undergoing a ddos attack on one of our machines. Its quite
manageable so far - 28 source IPs, many of them cable modems. But its
the first we've ever suffered, and before we get too deep in, I'd
appreciate pointers to the appropriate law enforcement parties to
contact so we can get to the root eventually. Offline is fine.

If there's any value, I'm happy to provide the list. Sustained rate from
each machine is around 2mbits per 5 min snapshot.