> Over the past week I've noticed a couple of hosts with 15000-17000
> bytes waiting in the Send-Q .. they were all attached to port 80, but
> for the most part weren't showing up in my apache logs and weren't really
> causing too much of a lag.  I wrote an ipf rule for them and the lag went
> away.  

Before you go and claim "i'm under attack! man the barricades" you
should be aware that a system just dropping off the net in the middle
of a fetch would cause this.

You could just have a popular web page which causes internet exploder
to bluescreen as it loads it ;-)

						- Bill