Hi,
SSDP attacks are a common vector on 90% of the "stresers" being sold,
the attack will generally exceed 1gbps so I doubt you're going to be
able to handle this with iptables.
Contact your host and ask them to drop source port 1900 to your IP
range. If they can't you're likely going to have to look elsewhere for
solutions.
You could also try changing the pattern matching algorithm by changing
--algo bm to --algo kpm (It's faster for string matching)
Make sure you delete the current rule and re-add it with the different
algorithm, I would not recommend running them alongside each other.
On 10/31/2015 4:30 AM, Левинчук Федор wrote:
find solution
$IPTABLES -I INPUT -p udp --dport 16000:29000 -m string --to 75 --algo bm
--string 'HTTP/1.1 200 OK' -j DROP
recommends another rules
$IPTABLES -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
$IPTABLES -A OUTPUT -p udp -m udp --match multiport --sports 16000:29000 -m string --algo
bm --string "disconnect" -j DROP
--
Calvin Judy
Founder & CEO
PH#: (843) 410-8486
Mail: [email protected]
_______________________________________________
Csgo_servers mailing list
[email protected]
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
