LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Stopping UDP Packtet Flood on Port: 28960 (http://www.linuxquestions.org/questions/linux-security-4/stopping-udp-packtet-flood-on-port-28960-a-364853/)

murder 09-19-2005 09:44 AM

Stopping UDP Packtet Flood on Port: 28960
 
i have got someone that keeps flooding port 28960 it doesnt really hurt anything other than it takes my gameservers offline is there a way that i can stop it?

gnukish 09-19-2005 11:18 AM

In linux use iptables(firewall in new-linux distros). Before iptables it was ipchain.

Code:

http://www.cse.msu.edu/~minutsil/iptables.html
Quick howto for iptables.

murder 09-19-2005 11:23 AM

thanks :)

murder 09-19-2005 11:26 AM

ok yeah i dont understand any of that :( is there a easy way to do it?

Orkie 09-19-2005 02:32 PM

Webmin has a very easy-to-use module for iptables. You will just need to set iptables to start as bootup (via a radio box at the bottom of the module) then set a rule for incoming packets which drops packets on port 28960 if protocol equals UDP.

murder 09-19-2005 06:14 PM

but the gameserver runs on UDP port 28960?

gnukish 09-19-2005 10:42 PM

copy and paste the below code which will drop the incoming udp packets in the respective port.

Code:

iptables -A INPUT -s <attacker IP> -p udp --dport 28960 -j DROP
now copy and paste

Code:

root@box:/sbin/iptables# service iptables save
root@box:/sbin/iptables# service iptables restart
root@box:/sbin/iptables# iptables -L

Hope you use the howto with this rules. Makes some sense , like A = append, p is the protoco, and --dport is the port no etc.

Try making your own rules and test them :)


All times are GMT -5. The time now is 08:27 PM.