Recently someone did a ddos attack on our server. It used a full 100mbit line. Here is a line that it logged: Top Process %CPU 73.0 ./f3.c IP.AD.DR.ESS 50000 10000 Can someone tell me what ./f3.c is? And how can I prevent another ddos attack from this user? I added it using SSH to "iptables" and REJECTed it. Is this enough? Or do I need to install a third part firewall?