Source query status ddos.

[soja]

I will give the control panel firewall a shot, it is on a managed linux machine we rent.

The list is 17302 IPs for our most effected server.

Thanks John

[Edge100x]

The long the better!

Make sure to also include the gametracker IPs, but possibly as a separate rule with a rate-limit, as the attackers have sometimes spoofed them in the past.

[soja]

Yeah I am working on whitelisting the master servers, gt ips, our webserver, etc.

I can't get it to show up in my server browser still though, the server might need a map change or something to get back into contact with the master server(s)?

EDIT: NVM forgot to whitelist MY IP lol

[soja]

Sorry for double post.

John, since the firewall has been exploited on all of our managed windows machines, does that mean the rules in the firewall tab for servers on those machines will do nothing?

If so, are there any alternative ways to create a whitelist for the servers on these machines?

[Edge100x]

When you say "exploited", do you mean "disabled"?

The Windows firewall would be useless for blocking large numbers of IP addresses anyhow. It just does not have the performance to do it.

Due to the performance issue that I mentioned before, we can't block large numbers of IP addresses for you at our router at present. We are waiting patiently for a software update that will make this possible, but the developer is very busy and has had to push it back now for a year or so.

[soja]

Yeah, the firewall on all 3 of our windows machines was disabled due to it being used to lock up the machines.

Luckily most of the servers that are being targeted are on linux, but we are basically at the mercy of this attacker. We have been under attack for roughly 20 hours now, and still going.