FLOODER -.- - Printable Version

FLOODER -.- - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Server (https://sampforum.blast.hk/forumdisplay.php?fid=6)
+--- Forum: Server Support (https://sampforum.blast.hk/forumdisplay.php?fid=19)
+--- Thread: FLOODER -.- (/showthread.php?tid=112448)

FLOODER -.- - [FoD]Fabio - 07.12.2009

Someone floodet my server, now players have the ids are very high, with the majority coming then: Server is full, there is any tool or something to protect it?

Re: FLOODER -.- - Woet - 07.12.2009

Use tcpdump to find the attacker.

Код:

tcpdump -n | grep SERVER_PORT | grep "length 2"

Find a suspicious IP (lots of packets of length 2)

Код:

tcpdump -n | grep SUSPICIOUS_IP

If it does indeed send a lot of those packets, ban it.

Код:

iptables -A INPUT -s SUSPICIOUS_IP -j DROP

Re: FLOODER -.- - [FoD]Fabio - 07.12.2009

okay

Re: FLOODER -.- - Jakub91111 - 08.12.2009

yesterday i block an ddos attack from IP's :

Код:

91.178.169.31
85.25.145.29
87.106.240.108
195.62.62.92
24.201.243.21
24.37.106.138

some of this IP's are from website or server server4you.de it's been same as you, the server wasn't full but write a error ''Server is full retrying....'' and players ID's was 400+ and 500...

If you have a root acces you can install ''iftop'' - that show you a trafic acces (I found that IP's from this script, one of this IP's have trafic 210MBps) and latter you can install iptables and put bash command iptables -A INPUT -s _ATTACKER_IP -j DROP (It's a linux firewall system)