Those of you still running servers older than 1.5...
Geoff Goas
gitman at gmail.com
Sat Jun 28 15:30:23 EDT 2008
If your servers are being crashed due to the 'stat 7' packet exploit, use
the following iptables rules to block that particular packet:
-A PREROUTING -m string --hex-string "|737461747300007907|" --algo kmp --to
65535 -j LOG --log-prefix "COD4STATS_EXPLOIT "
-A PREROUTING -m string --hex-string "|737461747300007907|" --algo kmp --to
65535 -j DROP
The first rule will log the attempt to syslog, the second will drop the
packet.
--
Geoff Goas
Network Engineer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://icculus.org/pipermail/cod/attachments/20080628/8bfd353e/attachment.htm>
More information about the Cod
mailing list