iptables rules for botnet (UDP flood) protection

Posted by Petar Simeonov on Server Fault See other posts from Server Fault or by Petar Simeonov
Published on 2012-11-11T15:46:18Z Indexed on 2012/11/11 17:03 UTC
Read the original article Hit count: 379

Filed under:
|
|
|

I'm currently experiencing a massive UDP attack on my server. I host a couple of gameservers, mainly Tf2, CS:GO, CS 1.6 and CS:Source, and my 1.6 server is being flooded. I tried different rules in iptables, but none of them seemed to work. I'm on a 100mbps bandwidth tariff, but the flood i receive is 500+mbps. This is the log of the latest tcpdump -> http://pastebin.com/HSgFVeBs Packet length varies throughout the day. Only my gameserver ports are being flooded - 27015, 27016, 27018 via UDP packets. Are there any iptables rules, that might prevent this?

© Server Fault or respective owner

Related posts about iptables

Related posts about udp