BFW Firewall & Router

A powerful network security tool, easy, safe and totally free.

Pular para o conteúdo

Flood Attack! [INACTIVE]

BrazilFW 2.xhelp discussions in English.
Regras do fórum
Tópico trancado

Flood Attack!

Mensagempor Wilfull » Qua Set 30, 2009 3:44 pm

I have some problems, in the last 2 weeks, form and IP from China, that floods my server! The tipe of the flood is:

Código: Selecionar todos
17 27 src=125.88.102.23 dst=server ip sport=41027 dport=19148 [UNREPLIED] src=server ip dst=125.88.102.23 sport=19148 dport=41027 use=1
udp      17 24 src=125.88.102.23 dst=server ip sport=41027 dport=1219 [UNREPLIED] src=server ip dst=125.88.102.23 sport=1219 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=14480 [UNREPLIED] src=server ip dst=125.88.102.23 sport=14480 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=53131 [UNREPLIED] src=server ip dst=125.88.102.23 sport=53131 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=14743 [UNREPLIED] src=server ip dst=125.88.102.23 sport=14743 dport=41027 use=1
udp      17 23 src=192.168.101.123 dst=147.243.138.71 sport=2750 dport=53 [UNREPLIED] src=147.243.138.71 dst=server ip sport=53 dport=2750 use=1
tcp      6 76 FIN_WAIT src=192.168.101.62 dst=80.253.56.85 sport=52252 dport=80 src=80.253.56.85 dst=server ip sport=80 dport=52252 [ASSURED] use=1
udp      17 28 src=125.88.102.23 dst=server ip sport=41027 dport=30878 [UNREPLIED] src=server ip dst=125.88.102.23 sport=30878 dport=41027 use=1
udp      17 21 src=125.88.102.23 dst=server ip sport=41027 dport=40855 [UNREPLIED] src=server ip dst=125.88.102.23 sport=40855 dport=41027 use=1
udp      17 24 src=125.88.102.23 dst=server ip sport=41027 dport=19234 [UNREPLIED] src=server ip dst=125.88.102.23 sport=19234 dport=41027 use=1
udp      17 22 src=125.88.102.23 dst=server ip sport=41027 dport=12164 [UNREPLIED] src=server ip dst=125.88.102.23 sport=12164 dport=41027 use=1
udp      17 25 src=125.88.102.23 dst=server ip sport=41027 dport=54718 [UNREPLIED] src=server ip dst=125.88.102.23 sport=54718 dport=41027 use=1
udp      17 22 src=125.88.102.23 dst=server ip sport=41027 dport=44269 [UNREPLIED] src=server ip dst=125.88.102.23 sport=44269 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=19426 [UNREPLIED] src=server ip dst=125.88.102.23 sport=19426 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=55828 [UNREPLIED] src=server ip dst=125.88.102.23 sport=55828 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=12692 [UNREPLIED] src=server ip dst=125.88.102.23 sport=12692 dport=41027 use=1
udp      17 25 src=125.88.102.23 dst=server ip sport=41027 dport=40179 [UNREPLIED] src=server ip dst=125.88.102.23 sport=40179 dport=41027 use=1
udp      17 18 src=125.88.102.23 dst=server ip sport=41027 dport=15991 [UNREPLIED] src=server ip dst=125.88.102.23 sport=15991 dport=41027 use=1
udp      17 26 src=125.88.102.23 dst=server ip sport=41027 dport=12355 [UNREPLIED] src=server ip dst=125.88.102.23 sport=12355 dport=41027 use=1
udp      17 28 src=125.88.102.23 dst=server ip sport=41027 dport=32605 [UNREPLIED] src=server ip dst=125.88.102.23 sport=32605 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=64114 [UNREPLIED] src=server ip dst=125.88.102.23 sport=64114 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=25817 [UNREPLIED] src=server ip dst=125.88.102.23 sport=25817 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=30363 [UNREPLIED] src=server ip dst=125.88.102.23 sport=30363 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=40917 [UNREPLIED] src=server ip dst=125.88.102.23 sport=40917 dport=41027 use=1
udp      17 27 src=125.88.102.23 dst=server ip sport=41027 dport=6310 [UNREPLIED] src=server ip dst=125.88.102.23 sport=6310 dport=41027 use=1
udp      17 21 src=125.88.102.23 dst=server ip sport=41027 dport=21286 [UNREPLIED] src=server ip dst=125.88.102.23 sport=21286 dport=41027 use=1
udp      17 27 src=125.88.102.23 dst=server ip sport=41027 dport=25339 [UNREPLIED] src=server ip dst=125.88.102.23 sport=25339 dport=41027 use=1
udp      17 22 src=125.88.102.23 dst=server ip sport=41027 dport=23196 [UNREPLIED] src=server ip dst=125.88.102.23 sport=23196 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=36475 [UNREPLIED] src=server ip dst=125.88.102.23 sport=36475 dport=41027 use=1
udp      17 24 src=125.88.102.23 dst=server ip sport=41027 dport=4177 [UNREPLIED] src=server ip dst=125.88.102.23 sport=4177 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=40803 [UNREPLIED] src=server ip dst=125.88.102.23 sport=40803 dport=41027 use=1
udp      17 25 src=125.88.102.23 dst=server ip sport=41027 dport=11020 [UNREPLIED] src=server ip dst=125.88.102.23 sport=11020 dport=41027 use=1
udp      17 28 src=125.88.102.23 dst=server ip sport=41027 dport=56995 [UNREPLIED] src=server ip dst=125.88.102.23 sport=56995 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=16474 [UNREPLIED] src=server ip dst=125.88.102.23 sport=16474 dport=41027 use=1
udp      17 29 src=125.88.102.23 dst=server ip sport=41027 dport=8888 [UNREPLIED] src=server ip dst=125.88.102.23 sport=8888 dport=41027 use=1


I did used the rule access Y deny all 125.88.102.23 any all #Flood! but did not helped! The trafic was same high on the download, 16 MG. Is there anyway to stop this king of attack in the future? I mean is there any rule that can stop this king of conections??

Thank you!
Wilfull
 
Voltar ao topo

Re: Flood Attack!

Mensagempor abdopcnet » Dom Out 04, 2009 5:49 pm

Advanced Firewall Configuration> Edit Configuration File
this is working
#block site ip
access Y deny all 84.45.70.83 all all
abdopcnet
 
Voltar ao topo
Tópico trancado

Voltar para BrazilFW 2.x - English Forum

Quem está online

Usuários navegando neste fórum: Nenhum usuário registrado e 1 visitante

Desenvolvido por phpBB® Forum Software © phpBB Group
Prosilver_SE Style modificado por Reginaldo Melo em Agosto de 2018
Traduzido por: Suporte phpBB