Search found 4 matches
- Fri Aug 21, 2015 3:16 am
- Forum: Dedicated servers and Virtual Dedicated Servers
- Topic: Firewall events log "type of TCP flood/14"
- Replies: 5
- Views: 1024
Re: Firewall events log "type of TCP flood/14"
Okay, looks like the attack was tcp-ack flooding (probably reflected) against a closed port. I don't know why it's so effective against our service, hopefully a rate-limit filter will help.
- Thu Aug 20, 2015 11:18 pm
- Forum: Dedicated servers and Virtual Dedicated Servers
- Topic: Firewall events log "type of TCP flood/14"
- Replies: 5
- Views: 1024
Re: Firewall events log "type of TCP flood/14"
We are doing that but not always right in time.soja wrote:While the server is lagging, you can use the packet capture tool in detailed mode to get a snapshot of the incoming packets to make a filter.
So if anyone knows what the number stands for, please inform me.
- Thu Aug 20, 2015 11:06 pm
- Forum: Dedicated servers and Virtual Dedicated Servers
- Topic: Firewall events log "type of TCP flood/14"
- Replies: 5
- Views: 1024
Re: Firewall events log "type of TCP flood/14"
Apparently it is detected too late. The laggs ingame are some minutes long before this event shows up. That's why I want to filter such attacks directly.
- Thu Aug 20, 2015 10:46 pm
- Forum: Dedicated servers and Virtual Dedicated Servers
- Topic: Firewall events log "type of TCP flood/14"
- Replies: 5
- Views: 1024
Firewall events log "type of TCP flood/14"
We are currently getting a lot of TCP flooding attacks. I have a short question regarding the log entry "TCP flood/14". What does the number 14 stand for? Does it represent some IP or TCP flags? Would help me setting up the filters.
Thanks in advance!
Thanks in advance!