Please help asap. How do I prevent spamm comming to my server?
Hey! I have a gaming server set up on linux and one guy keeps spamming it with bots (no players can connect). He has a dinamic IP so I fail to ban him. All I know is that he makes up to 300 connections from his IP per second (from logs). Is there a way to ban him automaticly anytime he tries to connect like that? I heard you can use iptables for such tasks, but I am really not that good in linux to figure out how to do it by myself. Please help asap, because we have a donation-based funding system and we're loosing much money, since if players can't play, they won't donate. Thanks in advance. :)
|
You can filter out the guy's MAC address and drop all of his packets.
Here is an article on the subject with examples: http://www.cyberciti.biz/tips/iptabl...filtering.html |
Quote:
|
Have you tried http://www.fail2ban.org/wiki/index.php/Main_Page
|
Can I use fail2ban to ban people that are just connecting to the server (not via SSH and they don't actually need a password)?
|
Sorry for the bump, but please help.
|
I think you can use iptables to limit the connection attempts to a few per second
(I will look it up and let you know) http://www.debian-administration.org/articles/187 explains how to do this Please let me know if you have any problems in applying this (be sure to save it so the changes are persistent.) |
Quote:
Thanks, Deadeyes. However, I fail to apply it: when I type (testing the example): Code:
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \ --set Code:
iptables: No chain/target/match by that name |
Quote:
ipt_recent Look if you can find it in the output of lsmod after issueing the iptables command. If not load it manually modprobe ipt_recent Another one that could be necessary: ipt_REJECT xt_tcpudp x_tables What distro are you using? For me this worked instantaneously. |
Also try this:
http://hostingfu.com/article/ssh-dic...-with-iptables Just rename the service and correct the port number. Someone told me you can only have one -m (which does not seem to be true for CentOS). But in the link above you can find an example with one -m in a line. Please respond if anything here resolves your problem (also if it does not). I opened a thread here about the -m issue: http://www.linuxquestions.org/questi...nt-set-742801/ What I can see as a difference between gentoo and centos is that gentoo is using 1.4.x.x and centos 1.3.x.x Maybe the syntax has changed and that is the cause of this problem. In this guide you can find it for 1.4.x.x: http://www.geocities.com/youssef116/...g/ratelim.html |
All times are GMT -5. The time now is 07:05 AM. |