nothing noticeable in the logfiles neither in their size, thats why I was asking for help with logging...
I have had another attack these days, the peaks I am talking about are the green ones, thats incoming traffic. The red ones are indeed the nightly backups which indicates outgoing traffic.
these attacks did not do any harm, the server is still available as I found out by chance. The last attack was registered at midnight, but Strato only cut off my server the next day at lunch so I was able to see what happened: the server load went up to 12 and more, still everything was functionable, the DOS did not succeed, to me it looks like the attacking server was not powerfull enough?
yet strato does not like these attacks and threatened to cancel my contract if there will be any more occurances. So I need logging to file abuse complaints about the originating server.