- Ошибка
-
No error. Server offline in favorites, HLSW and gametracker
- ОС
- Linux
- Amx Mod X
-
AMX Mod X 1.8.2
- Билд
-
ReHLDS version: 3.4.0.668-dev
- ReGamedll
-
ReGameDLL version: 5.7.0.312-dev
- Версия Metamod
-
Metamod-r v1.3.0.128
- Список метамодулей
-
[ 1] SafeNameAndChat RUN - SafeNameAndChat.so v1.1 ini ANY ANY
[ 2] AMX Mod X RUN - amxmodx_mm_i386.so v1.8.2 ini Start ANY
[ 3] Reunion RUN - reunion_mm_i386.so v0.1.0.133 ini Start Never
[ 4] WHBlocker RUN - whblocker_mm_i386.so v1.5.695 ini Chlvl ANY
[ 5] Revoice RUN - revoice_mm_i386.so v0.1.0.32 ini Start Never
[ 6] ReAuthCheck RUN - reauthcheck_mm_i386.so v0.1.6 ini Start Never
[ 7] Rechecker RUN - rechecker_mm_i386.so v2.5 ini Chlvl ANY
[ 8] ReSemiclip RUN - resemiclip_mm_i386.so v2.3.9 ini Chlvl ANY
[ 9] Fun RUN - fun_amxx_i386.so v1.8.2 pl2 ANY ANY
[10] Engine RUN - engine_amxx_i386.so v1.8.2 pl2 ANY ANY
[11] FakeMeta RUN - fakemeta_amxx_i386.so v1.8.2 pl2 ANY ANY
[12] CStrike RUN - cstrike_amxx_i386.so v1.8.2-dev-fix pl2 ANY ANY
[13] CSX RUN - csx_amxx_i386.so v1.8.2 pl2 ANY ANY
[14] Ham Sandwich RUN - hamsandwich_amxx_i386.so v1.8.2 pl2 ANY ANY
[15] MySQL RUN - mysql_amxx_i386.so v1.8.2 pl2 ANY ANY
[16] ReAPI RUN - reapi_amxx_i386.so v5.6.0.156-dev pl2 ANY Never
[17] CSDM2 RUN - csdm_amxx_i386.so v2.1.3c-KWo pl2 ANY ANY
- Список плагинов
-
Not relevant
Hi,
For the past couple of days my server is being attacked with HLDS amplification attack.
I have a VPS rented with debian 9 on it.
I have bought the module by Fire/Asmodai and applied the iptables rules, but the attacks are still successful.
tcpdump shows the following:
I have also noticed this in the tcpdump (from a lot of different servers):
Iptables packets accepted/dropped:
Is there a new kind of attack? The module from Fire should be able to mitigate this? I have pm'd him but he's not online.
For the past couple of days my server is being attacked with HLDS amplification attack.
I have a VPS rented with debian 9 on it.
I have bought the module by Fire/Asmodai and applied the iptables rules, but the attacks are still successful.
tcpdump shows the following:
Код:
129.138.114.195.19232 > x.x.x.x.27015: [udp sum ok] UDP, length 25
0x0000: d4be d9b6 efa2 0027 0dfd b540 0800 45e0 .......'[email protected].
0x0010: 0035 7003 0000 7011 75e5 818a 72c3 5d7b .5p...p.u...r.]{
0x0020: 1227 4b20 6989 0021 2859 ffff ffff 5453 .'K.i..!(Y....TS
0x0030: 6f75 7263 6520 456e 6769 6e65 2051 7565 ource.Engine.Que^C
0x0040: 7279 00 ry.
Код:
89.40.233.58.27015 > x.x.x.x.27015: [udp sum ok] UDP, length 116
0x0000: d4be d9b6 efa2 0027 0dfd b540 0800 45e0 .......'[email protected].
0x0010: 0090 4fba 0000 f611 c1bd 5928 e93a 5d7b ..O.......Y(.:]{
0x0020: 1227 6987 6989 007c b4ae ffff ffff 4930 .'i.i..|......I0
0x0030: 4d69 7831 2e4c 614c 6561 6761 6e65 2e52 Mix1.LaLeagane.R
0x0040: 6f20 2320 5473 2e4c 616c 6561 6761 6e65 o.#.Ts.Laleagane
0x0050: 2e52 6f00 6465 5f64 7573 7432 0063 7374 .Ro.de_dust2.cst
0x0060: 7269 6b65 0043 6f75 6e74 6572 2d53 7472 rike.Counter-Str^C
0x0070: 696b 6500 0a00 000e 0064 6c00 0131 2e31 ike......dl..1.1
0x0080: 2e32 2e37 2f53 7464 696f 0091 8769 08fc .2.7/Stdio...i..
0x0090: 33fa 9d2e 4001 0a00 0000 0000 0000 3...@.........
Код:
36492 2120910 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:27015:27016cs 1.6 packet
965376 40239110 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:27015:27016
Последнее редактирование:
