Raised This Month: $ Target: $400
 0% 

things to protect your game server


Post New Thread Reply   
 
Thread Tools Display Modes
Author Message
Timiditas
Senior Member
Join Date: Apr 2009
Old 10-05-2009 , 20:54   Re: things to protect your game server
Reply With Quote #1

Quote:
Originally Posted by BrutalGoerge View Post
if you have linux, and shell access, nothing beats these iptables rules for rcon exploit protection
that way u block all tcp requests to the server, and have a white list of IP's that you allow to access rcon.

cmer is the one who originally posted it here.

eth0 assuming thats where ur internet lives

Code:
iptables -A INPUT -i eth0 -p tcp --dport 27015 -j DROP
iptables -A INPUT -i eth0 -p tcp --dport 27015 -s My_ip -j ACCEPT

iptables-save > /etc/sysconfig/iptables
This should have been built straight into the source engine!


/me wonders if this could be hacked in by an extension... most gameserver hosts do not allow shell access
__________________


Last edited by Timiditas; 10-05-2009 at 20:57.
Timiditas is offline
cmer
Member
Join Date: Apr 2009
Old 10-08-2009 , 02:57   Re: things to protect your game server
Reply With Quote #2

If you have the opportunity to manage your firewalls there is also the rule

Code:
# Creation chaine rejet du flood udp 28
iptables -N REJECT_FLOOD28
iptables -A REJECT_FLOOD28 -j LOG --log-prefix 'IPTABLES-FLOOD LENGTH 28: ' --log-level info
iptables -A REJECT_FLOOD28 -j DROP

# Drop des flood longueur paquet sur UDP
iptables -A INPUT -i eth0 -p udp --dport 27015 -m length --length 28 -j REJECT_FLOOD28
iptables -A INPUT -i eth0 -p udp --dport 27025 -m length --length 28 -j REJECT_FLOOD28
iptables -A INPUT -i eth0 -p udp --dport 27050 -m length --length 28 -j REJECT_FLOOD28
iptables -A INPUT -i eth0 -p udp --dport 28000 -m length --length 28 -j REJECT_FLOOD28
iptables -A INPUT -i eth0 -p udp --dport 29000 -m length --length 28 -j REJECT_FLOOD28


# Creation chaine rejet du flood udp 46
iptables -N REJECT_FLOOD46
iptables -A REJECT_FLOOD46 -j LOG --log-prefix 'IPTABLES-FLOOD LENGTH 46: ' --log-level info
iptables -A REJECT_FLOOD46 -j DROP

# Drop des flood longueur paquet sur UDP
iptables -A INPUT -i eth0 -p udp --dport 27015 -m length --length 46 -j REJECT_FLOOD46
iptables -A INPUT -i eth0 -p udp --dport 27025 -m length --length 46 -j REJECT_FLOOD46
iptables -A INPUT -i eth0 -p udp --dport 27050 -m length --length 46 -j REJECT_FLOOD46
iptables -A INPUT -i eth0 -p udp --dport 28000 -m length --length 46 -j REJECT_FLOOD46
iptables -A INPUT -i eth0 -p udp --dport 29000 -m length --length 46 -j REJECT_FLOOD46
you have the ip of the people you DDOS in /var/log/message and someone will drop the firewalls
__________________


cmer is offline
Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 18:25.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode