Tekil Mesaj gösterimi - a2s/dos attack saldırı hakkinda

Konu a2s/dos attack saldırı hakkinda

07-05-2017, 19:52:15

#1

WASPGENTR

Kimlik doğrulama veya yönetimden onay bekliyor.

Merhaba değerli üstadlar,

Uzun yıllardır birçok dc'de Counter-strike sunucuları barındırmaktayız. şuanda cs:go oyunununda turkiyede cok kaliteli sunucular yönetmekteydik. Fakat son haftalar değişik bir saldırı türüyle karşı karşıyayız, siz üstadların hatta dc sahiplerinin bu konuda fikrini almak istiyorum.

Sadecehosting ve DGN dc sinde bulunan sunucularımızda firewall aktif. Fakat bu firewaller bu saldırıyı tespit edememektedirler.

Saldırı şu sekilde gerceklesıyor. Sunucular aslında server tarafında aktif. a2s_info ddos saldırısı gerçekleştiği anda cs:go'nun sunucu listesinde serverlar kapalı olarak gözüküyor. ama server(bizim makine tarafında hepsi aktif gozukuyor.) oyun sunucusunun consoluna baktığımda aşağıdaki şekilde spoof ip'lerde sayısız erişim gozukmektedir.

Alıntı

RejectConnection: 95.12.157.180:52181 - Invalid cross-play platform id

RejectConnection: 88.234.72.49:54156 - Invalid cross-play platform id

RejectConnection: 88.234.72.49:54156 - Invalid cross-play platform id

RejectConnection: 88.234.72.49:54156 - Invalid cross-play platform id

RejectConnection: 212.175.247.213:54770 - Invalid cross-play platform id

RejectConnection: 212.175.247.213:54770 - Invalid cross-play platform id

RejectConnection: 212.175.247.213:54770 - Invalid cross-play platform id

RejectConnection: 78.175.72.197:52419 - Invalid cross-play platform id

RejectConnection: 78.175.72.197:52419 - Invalid cross-play platform id

RejectConnection: 78.175.72.197:52419 - Invalid cross-play platform id

RejectConnection: 78.172.4.116:50429 - Invalid cross-play platform id

RejectConnection: 78.172.4.116:50429 - Invalid cross-play platform id

RejectConnection: 78.172.4.116:50429 - Invalid cross-play platform id

RejectConnection: 78.161.137.115:52763 - Invalid cross-play platform id

RejectConnection: 78.161.137.115:52763 - Invalid cross-play platform id

RejectConnection: 78.161.137.115:52763 - Invalid cross-play platform id

RejectConnection: 78.186.45.220:53088 - Invalid cross-play platform id

RejectConnection: 78.186.45.220:53088 - Invalid cross-play platform id

RejectConnection: 78.186.45.220:53088 - Invalid cross-play platform id

RejectConnection: 88.228.124.107:50020 - Invalid cross-play platform id

RejectConnection: 88.228.124.107:50020 - Invalid cross-play platform id

RejectConnection: 88.228.124.107:50020 - Invalid cross-play platform id

RejectConnection: 78.181.33.1:50580 - Invalid cross-play platform id

RejectConnection: 78.181.33.1:50580 - Invalid cross-play platform id

RejectConnection: 78.181.33.1:50580 - Invalid cross-play platform id

RejectConnection: 78.169.45.234:51709 - Invalid cross-play platform id

RejectConnection: 78.169.45.234:51709 - Invalid cross-play platform id

RejectConnection: 78.169.45.234:51709 - Invalid cross-play platform id

RejectConnection: 88.239.250.220:51354 - Invalid cross-play platform id

RejectConnection: 88.239.250.220:51354 - Invalid cross-play platform id

RejectConnection: 88.239.250.220:51354 - Invalid cross-play platform id

RejectConnection: 88.233.228.202:54971 - Invalid cross-play platform id

RejectConnection: 88.233.228.202:54971 - Invalid cross-play platform id

RejectConnection: 88.233.228.202:54971 - Invalid cross-play platform id

RejectConnection: 81.213.180.177:54334 - Invalid cross-play platform id

RejectConnection: 81.213.180.177:54334 - Invalid cross-play platform id

RejectConnection: 81.213.180.177:54334 - Invalid cross-play platform id

RejectConnection: 88.248.230.39:53671 - Invalid cross-play platform id

RejectConnection: 88.248.230.39:53671 - Invalid cross-play platform id

RejectConnection: 88.248.230.39:53671 - Invalid cross-play platform id

RejectConnection: 78.190.209.222:51210 - Invalid cross-play platform id

RejectConnection: 78.190.209.222:51210 - Invalid cross-play platform id

RejectConnection: 78.190.209.222:51210 - Invalid cross-play platform id

RejectConnection: 212.156.44.215:54022 - Invalid cross-play platform id

RejectConnection: 212.156.44.215:54022 - Invalid cross-play platform id

RejectConnection: 212.156.44.215:54022 - Invalid cross-play platform id

RejectConnection: 88.230.67.125:52358 - Invalid cross-play platform id

RejectConnection: 88.230.67.125:52358 - Invalid cross-play platform id

RejectConnection: 88.230.67.125:52358 - Invalid cross-play platform id

RejectConnection: 95.8.89.118:54705 - Invalid cross-play platform id

RejectConnection: 95.8.89.118:54705 - Invalid cross-play platform id

RejectConnection: 95.8.89.118:54705 - Invalid cross-play platform id

RejectConnection: 88.231.201.132:52180 - Invalid cross-play platform id

RejectConnection: 88.231.201.132:52180 - Invalid cross-play platform id

RejectConnection: 88.231.201.132:52180 - Invalid cross-play platform id

RejectConnection: 95.15.126.48:50273 - Invalid cross-play platform id

RejectConnection: 95.15.126.48:50273 - Invalid cross-play platform id

RejectConnection: 95.15.126.48:50273 - Invalid cross-play platform id

RejectConnection: 95.1.16.142:51938 - Invalid cross-play platform id

RejectConnection: 95.1.16.142:51938 - Invalid cross-play platform id

RejectConnection: 95.1.16.142:51938 - Invalid cross-play platform id

RejectConnection: 88.225.103.31:54567 - Invalid cross-play platform id

RejectConnection: 88.225.103.31:54567 - Invalid cross-play platform id

RejectConnection: 88.225.103.31:54567 - Invalid cross-play platform id

RejectConnection: 78.179.183.204:53014 - Invalid cross-play platform id

RejectConnection: 78.179.183.204:53014 - Invalid cross-play platform id

RejectConnection: 78.179.183.204:53014 - Invalid cross-play platform id

RejectConnection: 78.168.83.253:53992 - Invalid cross-play platform id

RejectConnection: 78.168.83.253:53992 - Invalid cross-play platform id

RejectConnection: 78.168.83.253:53992 - Invalid cross-play platform id

RejectConnection: 78.163.13.180:51131 - Invalid cross-play platform id

RejectConnection: 78.163.13.180:51131 - Invalid cross-play platform id

RejectConnection: 78.163.13.180:51131 - Invalid cross-play platform id

IP rate limit under distributed packet load (2392 buckets, 15307 global count), rejecting 85.111.16.250:50531.

Bu saldırıyı DGN firewall tespit edemiyor, sadecehosting tarafındada durum bu şekilde. cs:go sunucuları down olarak gozukmekte. gelen saldırıyı bir log dosyasında biriktiriyorum.

console_output.log dosyasında bu ipleri yazdırıyorum sonra bu dosyadan

cat console_output.log | grep "RejectConnection" | uniq -u komutu ile saldıran ipleri süzüyorum.

acaba bu ipleri bir script ile iptables ile otomatik banlamanın bir yolu yokmudur ? bunları nasıl engelleyebiliriz.

Saygılarımla.