Hello everybody,
There is 2-3 days an User on KVM did DDOS attack ..
I would you like to know if it's possible to block this , to disable or minimize a bad user.
I think about this :
If an user do more than x SYN_ACK then qm suspend the vmid or iptables ban the ip on UDP , ICMP ..
What i'm doing :
A script to protect the outgoing trafic if anybody want to contribue ..
There is 2-3 days an User on KVM did DDOS attack ..
I would you like to know if it's possible to block this , to disable or minimize a bad user.
I think about this :
If an user do more than x SYN_ACK then qm suspend the vmid or iptables ban the ip on UDP , ICMP ..
What i'm doing :
A script to protect the outgoing trafic if anybody want to contribue ..
Last edited: