My First Denial of Service Attack..... (fwd)

There are other analyses that can be performed if you have a tcpdump
(NOT etherfind) output log of the headers from an attack.

It's well worth a few tens of megabytes...

CERT and some of the people working on the SYN attacks can help if
you have such traces.