UDP Inbound Attacks

2025-04-02

Hi everyone. (newb here)

I'm hoping to seek some help and/or information regarding recent UDP Inbound attacks that have been hammering my dedicated server.

I run one site on my dedicated server, which is from rackshack.net. For the last 3 days, I've been hammered with UDP Inbound attacks that have been non-stop. This morning at around 8am, the attacks stopped, only to start back up again just now.

This is just a portion of the info;

11:43:11.7223 211.23.132.90 -> 216.127.88.94 UDP Source port: 4715
Destination port: 25796
6 2003-01-29 11:43:11.7223 24.54.109.38 -> 216.127.88.94 UDP Source port:
3360 Destination port: 9816
11 2003-01-29 11:43:11.7226 212.38.46.170 -> 216.127.88.94 UDP Source
port: 31747 Destination port: 12962
12 2003-01-29 11:43:11.7226 24.57.33.124 -> 216.127.88.94 UDP Source port:
3719 Destination port: 64249
16 2003-01-29 11:43:11.7230 61.97.141.252 -> 216.127.88.94 UDP Source
port: 1150 Destination port: 50955
19 2003-01-29 11:43:11.7237 211.205.163.77 -> 216.127.88.94 UDP Source
port: 2140 Destination port: 38877
21 2003-01-29 11:43:11.7242 211.23.132.90 -> 216.127.88.94 UDP Source
port: 4716 Destination port: 25669
23 2003-01-29 11:43:11.7243 24.148.92.8 -> 216.127.88.94 UDP Source port:
3529 Destination port: 46001
54 2003-01-29 11:43:11.7256 24.245.0.198 -> 216.127.88.94 UDP Source port:
4431 Destination port: 16871
68 2003-01-29 11:43:11.7264 216.189.163.176 -> 216.127.88.94 UDP Source
port: 4325 Destination port: 7663
72 2003-01-29 11:43:11.7268 24.94.245.74 -> 216.127.88.94 TCP 1217 > 80
[ACK] Seq=214621681 Ack=3050913714 Win=17520 Len=0
73 2003-01-29 11:43:11.7268 24.247.44.251 -> 216.127.88.94 UDP Source
port: 3307 Destination port: 58662
78 2003-01-29 11:43:11.7273 24.207.35.150 -> 216.127.88.94 UDP Source
port: 4719 Destination port: 8990
79 2003-01-29 11:43:11.7274 216.127.88.94 -> 24.94.245.74 HTTP
Continuation

I was told by Rackshack they can't do anything about this because the attacks are outside their perimeter. Basically I was told to wait it out. My server is down, so that I don't end up paying for all this bandwidth the attacks are using.

My question is, with such an attack, is 'waiting it out' the only option that I have? Should I demand anything from Rackshack regarding this issue? This has been a very stressful and frustrating few days having to wait and hope the attacks subside, only to find they haven't.

Any help/info would be appreciated. Thanks.