surreal, on 24 November 2012 - 07:26 AM, said:
the drop policy will prevent traffic obtaining a connection through that port, if there is even something listening on 7777 to start with.
It will however NOT stop the bandwidth consumption; You should probably speak to your upstream provider regarding the attack and have it blocked before it even reaches you.
P.S: You are probably looking at your firewall the wrong way around too; You should be explicitly denying everything, and then adding rules for what you "need" to be forwarded through, such as port 27960 if you're hosting Urban Terror on the default port.
Hi Surreal, thanks for your input.
I've sent several abuse emails now - I think GTA servers have an exploit (like we used to have x) at least we're not Dos'in other peoples servers now :D
I am denying everything and allowing only stuff I want - just after input on how best to drop these UDP floods.
I guess I'm doing the right thing - except I'm doing it manually and adding each IP thats used to flood me to the droplist, I rekon I'm gonna have to look at automating the DROP after a number of packets are received, I think that's what Derfull posted ~
Derfull
Posted 22 November 2012 - 10:50 AM
Maybe a DrDOS
Have you protect your server ?
Read this ;)
http://www.urbanterr...post__p__322656