I'm receiving several attacks and unfortunately they cause disruption in the connection between my dedication and my players, look at the attacks:
* Remembering ubunto use linux 32 bits, I have several scripts but none works effectively:
Some kind person could help me to minimize these attacks?
* Remembering ubunto use linux 32 bits, I have several scripts but none works effectively:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere limit: avg 1/sec burst 2
LOG icmp -- anywhere anywhere limit: avg 1/sec burst 2 LOG level warning prefix `PING-DROP:'
DROP icmp -- anywhere anywhere
DROPLOG icmp -f anywhere anywhere
ACCEPT icmp -- anywhere anywhere state ESTABLISHED limit: avg 3/sec burst 8
RELATED_ICMP icmp -- anywhere anywhere state RELATED limit: avg 3/sec burst 8
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 3/sec burst 8
DROPLOG icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP tcp -- anywhere anywhere multiport dports loc-srv,netbios-ns,netbios-dgm,netbios-ssn,microsoft-ds,ms-sql-s,ms-sql-m
DROP udp -- anywhere anywhere multiport dports loc-srv,netbios-ns,netbios-dgm,netbios-ssn,microsoft-ds,ms-sql-s,ms-sql-m
DROP all -- anywhere anywhere state INVALID
DROP tcp -- anywhere anywhere state NEW tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
DROP tcp -- anywhere anywhere state NEW tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
SYN_FLOOD tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
DROP all -- 0.0.0.0/7 anywhere
DROP all -- 2.0.0.0/8 anywhere
DROP all -- 5.0.0.0/8 anywhere
DROP all -- 7.0.0.0/8 anywhere
DROP all -- 10.0.0.0/8 anywhere
DROP all -- 23.0.0.0/8 anywhere
DROP all -- 27.0.0.0/8 anywhere
DROP all -- 31.0.0.0/8 anywhere
DROP all -- 36.0.0.0/7 anywhere
DROP all -- 39.0.0.0/8 anywhere
DROP all -- 42.0.0.0/8 anywhere
DROP all -- 49.0.0.0/8 anywhere
DROP all -- 50-0-0-0.static.sonic.net/8 anywhere
DROP all -- drms-4d000000.pool.mediaWays.net/8 anywhere
DROP all -- 78-0-0-0.adsl.net.t-com.hr/7 anywhere
DROP all -- 92.0.0.0/6 anywhere
DROP all -- rev.opentransfer.com.0.0.0.96.in-addr.arpa/4 anywhere
DROP all -- 112.0.0.0/5 anywhere
DROP all -- 120.0.0.0/8 anywhere
DROP all -- link-local/16 anywhere
DROP all -- 172.16.0.0/12 anywhere
DROP all -- 173.0.0.0/8 anywhere
DROP all -- 174.0.0.0/7 anywhere
DROP all -- 176.0.0.0/5 anywhere
DROP all -- 184.0.0.0/6 anywhere
DROP all -- 192.0.2.0/24 anywhere
DROP all -- 197.0.0.0/8 anywhere
DROP all -- 198.18.0.0/15 anywhere
DROP all -- 223.0.0.0/8 anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/3 anywhere
ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:www
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dptop3
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:imap2
ACCEPT tcp -- anywhere anywhere state NEW tcp dptop3s
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
REJECTLOG all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
DROPLOG icmp -f anywhere anywhere
DROPLOG icmp -- anywhere anywhere
DROP all -- anywhere anywhere state INVALID
REJECTLOG all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROPLOG icmp -f anywhere anywhere
ACCEPT icmp -- anywhere anywhere state ESTABLISHED limit: avg 3/sec burst 8
RELATED_ICMP icmp -- anywhere anywhere state RELATED limit: avg 3/sec burst 8
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 3/sec burst 8
DROPLOG icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
DROP all -- anywhere anywhere state INVALID
ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:www
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:submission
ACCEPT tcp -- anywhere anywhere state NEW tcp dptop3s
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
ACCEPT udp -- anywhere anywhere state NEW udp spts:bootps:bootpc dpts:bootps:bootpc
ACCEPT udp -- anywhere anywhere state NEW udp dptpenvpn
REJECTLOG all -- anywhere anywhere
Chain ACCEPTLOG (0 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/sec burst 8 LOG level debug tcp-sequence tcp-options ip-options prefix `ACCEPT '
ACCEPT all -- anywhere anywhere
Chain DROPLOG (7 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/sec burst 8 LOG level debug tcp-sequence tcp-options ip-options prefix `DROP '
DROP all -- anywhere anywhere
Chain REJECTLOG (3 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/sec burst 8 LOG level debug tcp-sequence tcp-options ip-options prefix `REJECT '
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain RELATED_ICMP (2 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
DROPLOG all -- anywhere anywhere
Chain SYN_FLOOD (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere limit: avg 2/sec burst 6
DROP all -- anywhere anywhere
Some kind person could help me to minimize these attacks?
Last edited: