Hi
I tried to reach you privately over the support email but I was directed to post here.
My TS3 server was DDoS’d last Friday, with a SYN flood with apparently forged IP’s. This lasted for roughly 8 hours and happened while I was away and couldn’t do anything for it during the event.
Due to this my server is now flagged at https://www.abuseipdb.com/ with loads of reports from various sources, with all having common TS 9987 or 10011 as source port. Also received one abuse report from my host, which they did on their side clear with the coinciding attack where they emailed me and said no action is currently required.
I am now a bit worried if this would happen again and am thinking about alternative ways to remove public access to prevent this altogether, which is a bit of a pickle as we do have >100 people joining us on Fridays so has some logistical challenges.
