Hy In an older mail from this list (thath i can#39;t find right now), there
was a mail thath cointain some IP tables rules agains DDOS attact. If somebody
can find it or still has it please send it to me (szoke(at)synhosting.eu).
Thanks in advance. ps. Valve could you do something about this?
which kind of attacks are we talking about?
please share some packet samples
Il 25/06/2011 13:26, molnár lászló ha scritto:
Hy In an older mail from this list (thath i can#39;t find right now), there
was a mail thath cointain some IP tables rules agains DDOS attact. If
somebody can find it
I guess hes talking about UDP-flooding.
You can block the exact size of the packets in iptables (i think its 24 46
bytes on the ports.
/Chris
Sent from my iPhone 4
Den 25/06/2011 kl. 14.01 skrev Marco Padovan e...@evcz.tk:
which kind of attacks are we talking about?
please share some
Hy! Thanks for the answer.I am not so good at this tings so could you please
specify what information do you need, and how can i get it?
___
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
[mailto:hlds_linux-
boun...@list.valvesoftware.com] On Behalf Of molnár lászló
Sent: 25 June 2011 13:58
To: hlds_linux@list.valvesoftware.com
Subject: [hlds_linux] IP Tables rules against DDOS attacts
Hy! Thanks for the answer.I am not so good at this tings so could you
please specify what
install tcpdump on your box and run it on the server while it's being
ddossed:
tcpdump -nnvvXS dst port 27005
(supposing the server under attack is listening on 27005)
Il 25/06/2011 14:58, molnár lászló ha scritto:
Hy! Thanks for the answer.I am not so good at this tings so could you please
Very good tutorial:
https://forums.alliedmods.net/showthread.php?t=151551
-Oryginalna wiadomość-
From: molnár lászló
Sent: Saturday, June 25, 2011 1:26 PM
To: hlds_linux@list.valvesoftware.com
Subject: [hlds_linux] IP Tables rules against DDOS attacts
Hy In an older mail from
Hi:
For 0 size udp flood you only need
http://www.sourceop.com/modules.php?name=Downloadsd_op=viewdownloadcid=9
(dont know if work with last update)
And for rcon exploits, block the tcp query port, for example: IPTABLES
-A INPUT -p tcp --dport 27015-j DROP
Best regards
You can also rate-limit in iptables since a new module was introduced not
too long ago. I use it for SSH and a few other ports as well. Here's an
example for those that care. The below will rate limit ssh connections to no
more than 4 every 60 seconds. Anything over that, iptables drops for a
9 matches
Mail list logo
