I'm being attacked by 37.59.4.76. It's sending me a great amount of data, which is destroying my dataplan.
I've added the iptables
Chain num pkts bytes target prot opt in out source destination
DENYIN 400 0 0 DROP all -- !lo * 37.59.4.76 0.0.0.0/0
DENYOUT 216 0 0 DROP all -- * !lo 0.0.0.0/0 37.59.4.76
PREROUTING 439 0 0 REDIRECT tcp -- !lo * 37.59.4.76 0.0.0.0/0 multiport dports 80,2082,2095 redir ports 8888
PREROUTING 440 0 0 REDIRECT tcp -- !lo * 37.59.4.76 0.0.0.0/0 multiport dports 21 redir ports 8889
Event after a restart, the connection still persists.
PID USER PROGRAM SENT RECEIVED
? root 37.59.4.76:31108-62.212.77.240:39583 0.000 31.219 KB/sec
What can I do to counter this attack?