http://hostinghelp.biz/content/ddos-%D1%87%D1%82%D0%BE-%D0%B4%D0%B5%D0%BB%D0%B0%D1%82%D1%8C-%D0%B5%D1%81%D0%BB%D0%B8-%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80-%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE-%D0%BE%D0%B4%D0%B8%D0%BD-linux-%D1%81-apache article describes some recipes to counter DDoS using iptables limit and string matching filters. Useful
http://www.tancsa.com/blast.html results, data and following discussion from 2006 test of routing performance
http://sourceforge.net/projects/pixla/ oss pix log analyzer
http://jeremy.chartier.free.fr/snortalog/what_is_snortalog.html open source software that does firewall log analisys, stats and reporting
http://www.ciscopress.com/articles/article.asp?p=424447&seqNum=4 notes about logging and long analyzing on cisco netsec devices (pix/asa)
http://www.vim.org/scripts/script.php?script_id=1141 this .vim files provide syntax highliting rules for cisco ACLs
http://www.opennet.ru/openforum/vsluhforumID3/41732.html#32 [RU] Для открытия порта SSH на host необходимо выполнить команды с удаленного хоста
http://www.wiztelsys.com/Article_iptables_bob2.html basically the Subj. You need 2.6.18.x to play around
http://www.debian-administration.org/articles/562 experimental netfilter module ipp2p for P2P trafiic
http://enterprisenetworksandservers.com/monthly/art.php?2715 article explaning Cisco PIX packet flow. Pls read it if u are planning to touch pix config files