<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<font size="-1"><font face="Verdana">Hi,<br>
yeah, my bad, had the TCP port open (not dropping) as other
games requires it for the rcon commands and didn't remember COD
is fully UDP ;)</font></font><br>
<br>
I'm having multiple networks "exploited" all of them were targeted
on a TCP port that was corresponding to the UDP port of a cod4
server :(<br>
(probably they pick up random cod4 servers knowing they generally
have good connectivity)<br>
<br>
Additionally these ones are reflection attacks too: all the packets
were obviosly spoofed (invalid TTL... many were from the US and a
252 tll to europe is impossible)<br>
So cod4 server operators: stay alert and check out possible SYN
floods on your boxes ;)<br>
<br>
(I realized only after sending the mail that ACK packets aren't
handled in userspace but by the OS ;) )<br>
<br>
Thanks for your reply :)<br>
</body>
</html>