Re: [hlds_linux] Incoming DoS attack

2012-11-28 Thread Collin Howard
. From: hlds_linux-boun...@list.valvesoftware.com [hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Marco Padovan [e...@evcz.tk] Sent: 27 November 2012 14:27 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack ihih, nice :) the most important thing

Re: [hlds_linux] Incoming DoS attack

2012-11-28 Thread Michael Johansen
mbit/s. IP: 46.166.130.152. Could also block every packet whose data contains flood or is 1024 bytes. Date: Wed, 28 Nov 2012 00:40:14 -0800 From: my_azz...@yahoo.com To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack These days any 12 year old

Re: [hlds_linux] Incoming DoS attack

2012-11-28 Thread Collin Howard
:26 AM Subject: Re: [hlds_linux] Incoming DoS attack The funny thing is, you can actually do so on the IP. Some skid has made a Booter as it's |called in their community| which you can use to take down shit. Send an abuse report to Santrex and block this ip in your software firewall if you

Re: [hlds_linux] Incoming DoS attack

2012-11-28 Thread Michael Johansen
it. It's quite stable for now, but you never know when you're in for a larger attack unfortunately. Date: Wed, 28 Nov 2012 00:55:20 -0800 From: my_azz...@yahoo.com To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack Yea lol tell me about it! I have been

Re: [hlds_linux] Incoming DoS attack

2012-11-28 Thread Saint K .
09:57 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack Syn cookies didn't help for me sadly. Had to tune sysctl a tad more. Bumping up the maximum values for nf_conntrack module and all sorts of things. Now I'm using a couple of iptables rules to block all SYN

Re: [hlds_linux] Incoming DoS attack

2012-11-28 Thread Michael Johansen
of luck :( From: sai...@specialattack.net To: hlds_linux@list.valvesoftware.com Date: Wed, 28 Nov 2012 11:18:23 +0100 Subject: Re: [hlds_linux] Incoming DoS attack Our other server yesterday got hit by the so called DNS response DDoS. So I'm guessing right now the attack wasn't aimed

Re: [hlds_linux] Incoming DoS attack

2012-11-28 Thread Erik-jan Riemers
...@list.valvesoftware.com] On Behalf Of Michael Johansen Sent: Wednesday 28 November 2012 11:35 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack If you're with an ISP/provider that actually takes care of their customers they |can| just blackhole the ip's that are attacking

Re: [hlds_linux] Incoming DoS attack

2012-11-28 Thread Michael Johansen
: Re: [hlds_linux] Incoming DoS attack I am not a promoter, but with Hetzner if an attack is on my server, I just get an email with the list of ip's that were doing the ddos stating they stopped them from coming through. -Original Message- From: hlds_linux-boun

Re: [hlds_linux] Incoming DoS attack

2012-11-28 Thread Marco Padovan
they use netflow. that specific email is sent for informative purpose only. if the attack keeps going they nullroute you and disconnect your server from the network On 28/11/2012 13.36, Michael Johansen wrote: IIRC Hetzner are all automated right? Would be good for them to have a

Re: [hlds_linux] Incoming DoS attack

2012-11-28 Thread Collin Howard
, 2012 3:57:54 AM Subject: Re: [hlds_linux] Incoming DoS attack Syn cookies didn't help for me sadly. Had to tune sysctl a tad more. Bumping up the maximum values for nf_conntrack module and all sorts of things. Now I'm using a couple of iptables rules to block all SYN-packets going over 5 per

[hlds_linux] Incoming DoS attack

2012-11-27 Thread Saint K .
Hi, We've been having DoS attacks aimed at one of our MvM servers. Anyone have any idea what they're attempting to do here? It is just to make the server unreachable, or are they actually trying to exploit srcds somehow? Here's a tcpdump made for about 30 seconds during the attack (which is

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Michael Johansen
: Tue, 27 Nov 2012 10:56:28 +0100 Subject: [hlds_linux] Incoming DoS attack Hi, We've been having DoS attacks aimed at one of our MvM servers. Anyone have any idea what they're attempting to do here? It is just to make the server unreachable, or are they actually trying to exploit srcds

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Saint K .
. From: hlds_linux-boun...@list.valvesoftware.com [hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Michael Johansen [michs...@live.no] Sent: 27 November 2012 11:15 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack I haven't looked at the tcpdump

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Michael Johansen
: [hlds_linux] Incoming DoS attack The IP's in the dump originate from China, but as it's UDP it could very well be spoofed. Looking at the payload in the packets, each new packet only has 1 character change from the previous packet. Bruteforce, or perhaps signature scanning evasion? Saint K

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Saint K .
: hlds_linux-boun...@list.valvesoftware.com [hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Michael Johansen [michs...@live.no] Sent: 27 November 2012 11:26 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack Just took a look at the tcpdump, doesn't look

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Michael Johansen
My face when, I just analyzed my own tcpdump and I had over ~150 Mbit/s traffic on UDP, whereas my SYN stood for about 50k pps. From: sai...@specialattack.net To: hlds_linux@list.valvesoftware.com Date: Tue, 27 Nov 2012 11:29:01 +0100 Subject: Re: [hlds_linux] Incoming DoS attack We

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Marco Padovan
@list.valvesoftware.com Date: Tue, 27 Nov 2012 11:29:01 +0100 Subject: Re: [hlds_linux] Incoming DoS attack We have no control over the upstream network. All I can do is filter the packets at the machine, but that wouldn't prevent the link from still being overloaded. Currently a null-route

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Michael Johansen
I am indeed. Thank you for all your help :) Date: Tue, 27 Nov 2012 14:25:24 +0100 From: e...@evcz.tk To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack Hi, are you the Mike on WHT? I was the one replying in there :D On 27/11/2012 13.54, Michael

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Saint K .
To: hlds_linux@list.valvesoftware.com Date: Tue, 27 Nov 2012 11:29:01 +0100 Subject: Re: [hlds_linux] Incoming DoS attack We have no control over the upstream network. All I can do is filter the packets at the machine, but that wouldn't prevent the link from still being overloaded. Currently

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Marco Padovan
To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack Hi, are you the Mike on WHT? I was the one replying in there :D On 27/11/2012 13.54, Michael Johansen wrote: My face when, I just analyzed my own tcpdump and I had over ~150 Mbit/s traffic on UDP

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Saint K .
: 27 November 2012 14:27 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack ihih, nice :) the most important thing while being ddosed is to report to the relevant abuse desks so they can clean up their networks ;) On 27/11/2012 14.26, Michael Johansen wrote

Re: [hlds_linux] Incoming DoS attack

2012-11-27 Thread Marco Padovan
: hlds_linux-boun...@list.valvesoftware.com [hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Marco Padovan [e...@evcz.tk] Sent: 27 November 2012 14:27 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Incoming DoS attack ihih, nice :) the most important thing while