Need help with UDP short packet/bad checksum exploit
Someone has been closing important processes/applications on my server using UDP short packet/bad checksum exploit:
Oct 19 23:13:23 ns308xxx kernel: [94000.179795] UDP: bad checksum. From 18.104.22.168:65535 to 94.23.xxx.xxx:1047 ulen 23
Oct 19 23:15:36 ns308xxx kernel: [94132.258814] UDP: bad checksum. From 22.214.171.124:65535 to 94.23.xxx.xxx:1047 ulen 23
ct 19 19:15:47 ns308xxx kernel: [79751.056498] UDP: short packet: From 126.96.36.199:51506 70/67 to 94.23.xxx.xxx:1035
Oct 19 19:15:47 ns308xxx kernel: [79751.076576] UDP: short packet: From 188.8.131.52:51506 70/67 to 94.23.xxx.xxx:1035
Oct 19 20:00:50 ns308xxx kernel: [82452.922808] UDP: short packet: From 184.108.40.206:4358 49320/66 to 94.23.xxx.xxx:1044
I host some call of duty game servers for my own gaming community & some friends also.A few months ago, we had shifted from leaseweb & hetzner to OVH only because of the DDOS protection.But now they are using other exploits to close our servers.
Is there anyway I can secure my server from such exploits? Any help would be highly appreciated.Thank you
You might need to close the ports 1035-1047, if you have an access to your firewall.
But in any case it might expand into a DDoS attack, so best advice is to get a server with ddos protection at some point and just make the hosting tech support to handle this matter.