<div>If your servers are being crashed due to the 'stat 7' packet exploit, use the following iptables rules to block that particular packet:</div>
<div> </div>
<div>-A PREROUTING -m string --hex-string "|737461747300007907|" --algo kmp --to 65535 -j LOG --log-prefix "COD4STATS_EXPLOIT "<br>-A PREROUTING -m string --hex-string "|737461747300007907|" --algo kmp --to 65535 -j DROP<br>
</div>
<div>The first rule will log the attempt to syslog, the second will drop the packet.</div>
<div><br>-- <br>Geoff Goas<br>Network Engineer </div>