How do you ban those IP's from your box? Do you add routes to nowhere or have you applied some other techbnique ?
Do you have a windows server ? If you have 2008 try it via the firewall inbound rules, just add the ip and select block incomming connections or something like that Heres a link: http://support.gearhost.com/KB/a520/block-ip-address-with-windows-firewall-2008.aspx
Oh ok tya. I have a 2003 server atm and it doesn't seem to have a per IP blocking firewall. i'll go on with the route add command till I change to 2008.
for rented servers just use Daven's "sv addip" and "sv writeip" commands, that works 100%. I finally found the way to block IP's on 2003 servers without making the route table more heavy. That might be usefull to someone including me when i'll loose the address: Configure the IP Security Policy to block your first IP address Click “Start” and “Run” – type “MMC” and press OK. In the MMC, click “File” and “Add/Remove Snap In.” In the “Standalone” tab, click “Add.” Select “IP Security Policy Management” and click “Add.” Select “Local Computer” and click “Finish.” Close the “Add standalone Snap-in” window and click “OK” on the “Add/Remove Snap-in” window. Now that you are back in the MMC console, right-click on “IP Security Policies on Local Computer” in the left-hand pane and select “Create IP Security Policy.” Click “Next.” Enter a name (ex. IP Block List) and description into the boxes and click “Next.” Leave “Activate the default response rule” checked. Click “Next.” Leave “Active Directory default (Kerberos)” checked. Click “Next.” Leave “Edit properties” checked. Click “Finish.” The Properties box should be open. To add your first IP address, click “Add.” Make sure “Use Add Wizard” is checked beside the button. Click “Next” when the “Create IP Security Rule” wizard opens. Leave “This rule does not specify a tunnel” checked. Click “Next.” Select “All network connections” under Network Type (unless you want to specify by adapter). Click “Next.” You are now at the “IP Filter List.” The “All ICMP Traffic” and “All IP Traffic” options will not meet our needs; we will need to add another. Click “Add.” Name the IP Filter List (ex. Blocked IP List) and enter a description. Click “Add” to enter the first IP address to block. The “IP Filter Wizard” will pop up. Click “Next.” This will be the first IP address or IP range we enter to block. Enter a description (I usually enter the IP itself) and make sure “Mirrored” is selected below. This will ensure packets to/from are blocked, allowing you to create one rule instead of two. Click “Next.” Keep “Source Address” as “My IP Address” and click “Next.” Under “Destination Address” select “A specific IP Address” or “A specific IP Subnet.” If you select “Any IP address” it will block all IPs! Enter in the IP address in the fields below and click “Next.” Under “select protocol type” choose “Any” (means “All”) unless you specifically want to block from RDP (Remote Desktop), TCP or UDP, etc. Click “Next.” Click “Finish.” Now that you are back to the “IP Filter List” click “OK.” You will be back in the “IP Filter List” list in the Security Rule Wizard – make sure you select your new “Blocked IP List” and not “All IP Traffic” or “All ICMP Traffic.” Click “Next.” You will be taken to “Filter Action.” The lists: Permit, Request Security (Optional), and Require Security will not meet our needs. Click “Add.” In the “IP Security Filter Action” wizard, click “Next.” Select a name (ex. Block all Packets) and click “Next.” Select “Block” for the filter action behavior. Click “Next.” Click “Finish.” You are back to the “Filter Action” list. Select your new list (Block All Packets) and click “Next.” Click “Finish.” You are back to your IP Security Policy list (Blocked IP List) Properties. Click “OK.” Back in the “IP Security Policies on Local Computer” snap-in, you’ll need to assign the new policy. In the right-hand pane, right-click on your new list (IP Block List) and select “assign.” To make it easier the next time you wish to block an IP address, save the MMC Snap-in configuration as a shortcut. Go to “File” and “Save As” and save it on your Desktop or Start Menu. To Block Additional IP Addresses Enter the IP Block List snap-in you saved. In the right-hand pane double-click your IP Block List. Under “IP Filter List” select the newly created “Blocked IP List” and click “Edit.” Make sure “Use Add Wizard” is checked. Under “IP Filter Lists” select your “Blocked IP List” (not All ICMP or IP Traffic) and click “Edit.” You are now in the “Add IP wizard” area. You will see the first IP address you blocked in a listing under “IP Filters.” Click “Add.” Follow all previous steps to add the IP address you wish to block. Once finished, exit all dialog boxes. You may need to restart the server for the settings to take effect.
merci mon ami!!!C'est merveilleux!!! I already use it daven before the time it gave me also said how toset it up
Well I guess I am not alone. I use Davens patch but it the getstatus still floods in. All the Ip's come from other servers and a google search has them all using gametracker
I blocked the ip's in server 2008 firewall and it worked. I wonder why Davens patches did not work for me.
yes and all other server browsers too, including downloadable overflowers like those we posted above. That would be beneficial to all if anyone getting overflowed post the IP's asap so other people can block those before getting attacked.
For some reason the 66.150.121.181 is getting around windows 2008 firewall even though its blocked. I also see an occasional 108.61.78.148 : -15046
SV packet 94.23.153.11:22003 : getstatus ...damn everytime I start the server it crush cause of this! one more to add
Rented SH server! Damn tonight it crashed my server again..2 times! This brings me to madness. Also I'm trying to add these IPs in listip.cfg via sv addip command but after some time the listip.cfg delete it's content!
Why do you people have this? I run like 9 servers and not even one crashed because off the get status. Edit: I just searched for port 22003, it looks like its an (FTP) Remote System Access Exploit not for moh but something called Farmers WIFE 4.4 SP1, don't ask me what that is Port 27017: Port used by Valve Steam Friends, an instant messaging protocol that is built into Steam, Counter-Strike, Xpire, MBL TF2 Tango. - Remote Buffer Overflow Exploit - Port 27015: Port used by Steam servers for online gaming, Half-Life and its mods, such as Counter-Strike. Empire: Total War, developer: The Creative Assembly Left 4 Dead, developer: Valve Corporation Team Fortress 2, developer: Valve - Remote Buffer Overflow Exploit -
