21 Feb
2021
21 Feb
'21
11:12 a.m.
On 2/20/21 12:29 PM, niftybunny wrote:
We already changed the timers on the TCP connections and we have scripts running which are blocking IPs who will send us x0000 connections. Right now they changed tactics and for me it looks like SYNC flood from datacenter IP ranges and a few 100 IPs which undermine the easy blocking.
Would an iptables ruel with "recent" and "limit" be a solution here ? If yes, how do you use that (do you have a code snippet)?
-- Toralf