search for: icecast_too_many_connect

I ask because I only receive attacks when I activate icecast. I can not do anything at the application level ?. i used ubuntu server 16.04. thanks. 2018-06-05 14:52 GMT-05:00 Alejandro Flores <alex at mordormx.net>: > I think you should contact to your connectivity provider, hopefully they > can provide you the Anti DDOS protection. > > > On Tue, Jun 5, 2018 at 2:16 PM,

...These firewall rules (iptables) could help: *Code:* iptables -A INPUT -p tcp --dport 8000 -m state --state NEW -m recent -i eth0 --set --name ICECAST -j ACCEPT iptables -A INPUT -p tcp --dport 8000 -m recent -i eth0 --update --seconds 60 --hitcount 4 --rttl --name ICECAST -j LOG --log-prefix "ICECAST_too_many_connections" iptables -A INPUT -p tcp --dport 8000 -m recent -i eth0 --update --seconds 60 --hitcount 4 --rttl --name ICECAST -j DROP This allows three connections within a minute by the same IP, the forth will cause the IP to be blocked for another minute. On Tue, Jun 5, 2018 at 3:07 PM, Victor Mo...

...uld help: > > *Code:* > iptables -A INPUT -p tcp --dport 8000 -m state --state NEW -m recent -i > eth0 --set --name ICECAST -j ACCEPT > iptables -A INPUT -p tcp --dport 8000 -m recent -i eth0 --update --seconds > 60 --hitcount 4 --rttl --name ICECAST -j LOG --log-prefix > "ICECAST_too_many_connections" > iptables -A INPUT -p tcp --dport 8000 -m recent -i eth0 --update --seconds > 60 --hitcount 4 --rttl --name ICECAST -j DROP > > This allows three connections within a minute by the same IP, the forth > will cause the IP to be blocked for another minute. > > > On T...