OVHcloud Community

Welcome to your community space. Ask questions, search for information, post content, and interact with other OVHcloud Community members.

Massive attacks with botnet ( I can't fix this issue, help please )

dedicatedservers

#1

Hello, good morning, i have come to ask for help in this forum, i have been with a problem in my dedicated servers for several weeks and i no longer know what i must to do, i’am desperate with the problem that i come to comment today.

I have a minecraft network, i’m using two dedicated servers, I have tried using ovh servers, soyoustart, and another hosting providers.

The ovh technical service is not able to help me, they have permanently mitigated my servers and the attack persists.

Someone is using a botnet to consume the entire network of my servers, in the ovh panel I have 1gbps in use while the attack persists, the ovh mitigation system cannot stop it, I have verified using some ubuntu tools that the attack comes from From a botnet, thousands of Chinese, Korean, Japanese ips and from many other countries connect to my server at a super fast speed, they saturate my network and make the server go super lagged.

I leave a picture of the network consumption graph :

Days ago they attacked me, but apparently they stopped and I forgot about the problem, yesterday I received an attack of this type again and I no longer know how to protect my server, I have tried using soyoustart and ovh servers, both are unable to stop the attack.

Something that also surprised me a lot, is that while the attack persisted, all the ports were open, I did a scan using nmap and my firewall with iptables or ufw did not work, all the ports were exposed, I think the attack saturated the kernel of ubuntu, I have tried reinstalling the servers several times, trying different operating systems, but I cannot find a solution.

I ask that if someone knows how to solve this problem, to help me, I have been thinking for many hours how to solve it but I do not know what to do, it is a problem that can happen to anyone, every day people look for new methods to attack the servers from ovh and other companies and I think this attack is proof of a new vulnerability.

Thank you for read, i’m Mario, greetings.