How can I drop all packets on windows server that are containing a specific string? The string is: TSource
Windows Firewall doesn't seem to have this kind of option.
Asked
Active
Viewed 181 times
0
-
I wouldn't do anything like this on a firewall and that is the most likely reason it is not available. This will cause unexpected behavior in unexpected places. For example, loading this question via the firewall would cause a partial page to be loaded and then TCP would try to re-send the packet containing the string until it finally gives up. What is the actual problem you are trying to solve? – Tero Kilkanen Aug 22 '16 at 09:17
-
We are under DDoS. It's not powerful, but it makes our game server crash. Fortunately It is an option to completely drop those packet that are containing the word "TSource", as it wouldn't cause any issues, but rather fix our problem. http://i.imgur.com/RHw4RJY.jpg – krisk Aug 22 '16 at 09:37
-
Have you informed your hosting provider about it? They should have DDoS mitigation available... – Tero Kilkanen Aug 22 '16 at 10:39
-
Yes I did. They are working on it, but in the meanwhile I'm looking for alternative solutions. We have more than enough bandwidth (Only the application crashes), so one of them would be to simply drop all packets that are containing the word "TSource". – krisk Aug 22 '16 at 10:55
1 Answers
0
Windows Firewall cannot do this for you because it is working on network and transport layers while your task requires software working on application layer (application firewall).
user1700494
- 1,642
- 2
- 12
- 21
-
I was able to solve this issue on Linux using iptables, so i thought I will be able to achieve the same thing on Windows. – krisk Aug 22 '16 at 14:26