First off, i'm sorry if this is the wrong forum, I didn't know where to put it.

My cable line has been going on and off all day, and I assumed it was simply maintenance, until I checked RoadRunner's webpage, which says everything is working fine. Then I got the idea I could be the victim of a DoS attack, and so I configured my Linksys router to show me all the incoming packets. Here is a sample of them, as you can see some are from IPs that simply don't exist, such as 0.24.4.1.

Source IP ---- Destination Port Number
213.255.66.97 ---- 21
213.84.126.95 ----137
200.176.116.226 ----137
80.13.164.113 ----137
203.239.159.234 ----1660
207.69.188.187 ----1089
203.239.159.234 ----1660
207.69.188.187 ----1089
207.69.188.186 ----1075
216.73.82.11 ----1272
207.69.188.185 ----1065
61.1.36.156 ----137
207.69.188.187 ----1060
207.69.188.186 ----1043
24.200.196.67 ----137
35.11.130.97 ----49320
0.24.4.1 ----1035
65.172.162.154 ----1093
65.172.162.153 ----1092

What do you guys think?
And if it is a DoS how would I set up RH 7.2, or my Linksys router to stop it?

Without a full printout of firewall logs, especially flags and rates, no. Have you read this thread?

No, i'm reading it. Thats all the logs I have, the only firewall I have is my router. I need to set up a better one, but I dunno how to.

Hmm, how about searching Linuxquestions.org for terms like linksys+firewall?
With a +10K userbase I'm sure we can provide some info...

I read the search results, and i'm pretty sure that it was a DoS, and that my router is configured just as well as it can be..

Well, I'm ready to learn then.
W/o knowing packet flags or clues from payload size/contents, how did you determine it was a DoS attack?

Well, my AMAZING skills helped... just kidding.
Some jerk on IRC admitted to it, it seems he was mad because I z:lined him when he wouldn't stop the porn scripts.