
<div><div dir="auto">Server software firewall cannot help with ddos attacks.</div></div><div dir="auto">Basically if those are indeed ddos attacks you’ll have to look into mitigation solutions which are quite expensive. CloudFlare won’t work as well since they do not support streaming.</div><div dir="auto">You should consider getting a server at a data center which provide ddos mitigation, I know that OVH’s mitigation is quite good.</div><div><br><div class="gmail_quote"><div>בתאריך יום ג׳, 5 ביוני 2018 ב-23:10 מאת Alejandro Flores <<a href="mailto:alex@mordormx.net">alex@mordormx.net</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0.8ex;border-right-width:1px;border-right-style:solid;border-right-color:rgb(204,204,204);padding-right:1ex"><div>may be this url can help<div><br></div><div><a href="https://icecast.imux.net/viewtopic.php?p=7084&sid=6ce1e17b6ad49e0a24be0e60b526f760" target="_blank">https://icecast.imux.net/viewtopic.php?p=7084&sid=6ce1e17b6ad49e0a24be0e60b526f760</a><br></div><div><br></div><div><br></div><div>"</div><table width="100%" border="0" cellspacing="0" cellpadding="0" style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;background-color:rgb(229,229,229)"><tbody><tr><td width="100%" style="font-family:Verdana,Arial,Helvetica,sans-serif"><a href="https://icecast.imux.net/viewtopic.php?p=7579&sid=149783b084f48b41a22bfe472e82d97a#7579" style="color:rgb(0,0,102)" target="_blank"><img src="https://icecast.imux.net/templates/subRebel/images/icon_minipost.gif" width="12" height="9" alt="Post" title="Post" border="0"></a><span class="m_-8505410056051962050gmail-postdetails" style="font-size:10px">Posted: Mon Jan 29, 2007 12:14 pm<span class="m_-8505410056051962050gmail-gen" style="font-size:12px"> </span>   Post subject: </span></td><td valign="top" nowrap style="font-family:Verdana,Arial,Helvetica,sans-serif"><a href="https://icecast.imux.net/posting.php?mode=quote&p=7579&sid=149783b084f48b41a22bfe472e82d97a" style="color:rgb(0,0,102)" target="_blank"><img src="https://icecast.imux.net/templates/subRebel/images/lang_english/icon_quote.gif" alt="Reply with quote" title="Reply with quote" border="0"></a></td></tr><tr><td colspan="2" style="font-family:Verdana,Arial,Helvetica,sans-serif"><hr style="height:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;border-style:solid;border-color:rgb(229,229,229)"></td></tr><tr><td colspan="2" style="font-family:Verdana,Arial,Helvetica,sans-serif"><span class="m_-8505410056051962050gmail-postbody" style="font-size:12px;line-height:18px">These firewall rules (iptables) could help: <br><br></span><table width="90%" cellspacing="1" cellpadding="3" border="0" align="center"><tbody><tr><td style="font-family:Verdana,Arial,Helvetica,sans-serif"><span class="m_-8505410056051962050gmail-genmed" style="font-size:11px"><b>Code:</b></span></td></tr><tr><td class="m_-8505410056051962050gmail-code" style="font-family:Courier,"Courier New",sans-serif;font-size:11px;color:rgb(204,0,0);background-color:rgb(250,250,250);border:1px solid rgb(229,229,229)">iptables -A INPUT -p tcp --dport 8000 -m state --state NEW -m recent -i eth0 --set --name ICECAST -j ACCEPT <br>iptables -A INPUT -p tcp --dport 8000 -m recent -i eth0 --update --seconds 60 --hitcount 4 --rttl --name ICECAST -j LOG --log-prefix "ICECAST_too_many_connections" <br>iptables -A INPUT -p tcp --dport 8000 -m recent -i eth0 --update --seconds 60 --hitcount 4 --rttl --name ICECAST -j DROP</td></tr></tbody></table><span class="m_-8505410056051962050gmail-postbody" style="font-size:12px;line-height:18px"><br><br>This allows three connections within a minute by the same IP, the forth will cause the IP to be blocked for another minute.<br><br></span><span class="m_-8505410056051962050gmail-gensmall" style="font-size:10px"></span></td></tr></tbody></table></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jun 5, 2018 at 3:07 PM, Victor Moreno <span><<a href="mailto:vitjam@gmail.com" target="_blank">vitjam@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0.8ex;border-right-width:1px;border-right-style:solid;border-right-color:rgb(204,204,204);padding-right:1ex"><div>


<br class="m_-8505410056051962050m_-4659672267889846992gmail-Apple-interchange-newline"><font face="arial, helvetica, sans-serif" size="4"><span style="color:rgb(33,33,33);font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:left;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">I ask because I only receive attacks when I activate icecast. I can not do anything at the application level ?.</span>  i used ubuntu server 16.04. thanks.</font><br></div><div class="gmail_extra"><br><div class="gmail_quote">2018-06-05 14:52 GMT-05:00 Alejandro Flores <span><<a href="mailto:alex@mordormx.net" target="_blank">alex@mordormx.net</a>></span>:<br><blockquote class="gmail_quote" style="margin:0px 0px 0.8ex;border-right-width:1px;border-right-style:solid;border-right-color:rgb(204,204,204);padding-right:1ex"><div>I think you should contact to your connectivity provider, hopefully they can provide you the Anti DDOS protection.<div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="m_-8505410056051962050m_-4659672267889846992h5">On Tue, Jun 5, 2018 at 2:16 PM, Victor Moreno <span><<a href="mailto:vitjam@gmail.com" target="_blank">vitjam@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0px 0px 0.8ex;border-right-width:1px;border-right-style:solid;border-right-color:rgb(204,204,204);padding-right:1ex"><div><div class="m_-8505410056051962050m_-4659672267889846992h5"><div>


<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Hi.</span><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">I have a problem with the icecast. When I activate the service I am having an exesive consumption in the ip queries. It seems like a DDOS attack. How can I mitigate this attack?<br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">Thanks.</div>


<div><br></div>

</div>

<br></div></div>_______________________________________________<br>

Icecast mailing list<br>

<a href="mailto:Icecast@xiph.org" target="_blank">Icecast@xiph.org</a><br>

<a href="http://lists.xiph.org/mailman/listinfo/icecast" rel="noreferrer" target="_blank">http://lists.xiph.org/mailman/listinfo/icecast</a><br>

<br></blockquote></div><span class="m_-8505410056051962050m_-4659672267889846992HOEnZb"><font color="#888888"><br><br clear="all"><span class="m_-8505410056051962050HOEnZb"><font color="#888888"><div><br></div>-- <br><div class="m_-8505410056051962050m_-4659672267889846992m_-8245064389153071776gmail_signature" data-smartmail="gmail_signature">Alejandro Flores L.<br>LIA. CEH. VCP.<br>5513998178</div>

</font></span></font></span></div><span class="m_-8505410056051962050HOEnZb"><font color="#888888">

<br>_______________________________________________<br>

Icecast mailing list<br>

<a href="mailto:Icecast@xiph.org" target="_blank">Icecast@xiph.org</a><br>

<a href="http://lists.xiph.org/mailman/listinfo/icecast" rel="noreferrer" target="_blank">http://lists.xiph.org/mailman/listinfo/icecast</a><br>

<br></font></span></blockquote></div><span class="m_-8505410056051962050HOEnZb"><font color="#888888"><br><br clear="all"><div><br></div>-- <br><div class="m_-8505410056051962050m_-4659672267889846992gmail_signature" data-smartmail="gmail_signature"><div><font size="2">Victor Moreno</font><div><font size="2">Ingeniero Electrónico</font></div><div><font size="2">3177684646</font></div></div></div>

</font></span></div>

<br>_______________________________________________<br>

Icecast mailing list<br>

<a href="mailto:Icecast@xiph.org" target="_blank">Icecast@xiph.org</a><br>

<a href="http://lists.xiph.org/mailman/listinfo/icecast" rel="noreferrer" target="_blank">http://lists.xiph.org/mailman/listinfo/icecast</a><br>

<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="m_-8505410056051962050gmail_signature" data-smartmail="gmail_signature">Alejandro Flores L.<br>LIA. CEH. VCP.<br>5513998178</div>

</div>

_______________________________________________<br>

Icecast mailing list<br>

<a href="mailto:Icecast@xiph.org" target="_blank">Icecast@xiph.org</a><br>

<a href="http://lists.xiph.org/mailman/listinfo/icecast" rel="noreferrer" target="_blank">http://lists.xiph.org/mailman/listinfo/icecast</a><br>

</blockquote></div></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">Yahav Shasha,<br>Web Developer<br>+972-(0)549214421<br><div><a href="http://www.linkedin.com/in/yahavs" target="_blank">http://www.linkedin.com/in/yahavs</a><br></div></div></div>