This topic is locked
Hmmm, just to tell you, today I received more complains from a dumb admin (another u_u ) via my hosting company :S
Waiting for the shelushioooon!
This post has been edited by ipwnn00bs: 09 March 2012 - 06:35 PM
Advertisement
DRDoS
Rate Topic:
1 Votes
Server used as reflector fro DRDoS
MultiQuote
#202
|P|Nitro 
QA member
Posted 09 March 2012 - 06:57 PM
ok I have pm'd the solution to you please read it and if you agree with me on it, then please let me know but for the love of god dont reveal it otherwise we are back in the sh*t :/
Lian Li pc-o11dw Der 8auer Edition · Gigabyte x570 Aorus Xtreme · AMD Ryzen 9 5950x 16-Core
32GB DDR4 3800MHz CL16 · 2x 1TB Samsung NVMe RAID 0 · 16GB Radeon RX 6900XT Liquid Cooled
32GB DDR4 3800MHz CL16 · 2x 1TB Samsung NVMe RAID 0 · 16GB Radeon RX 6900XT Liquid Cooled
#203
ipwnn00bs
Posted 09 March 2012 - 06:59 PM
NITRO, on 09 March 2012 - 06:57 PM, said:
ok I have pm'd the solution to you please read it and if you agree with me on it, then please let me know but for the love of god dont reveal it otherwise we are back in the sh*t :/
Don't worry =)
Reading and answering you...
community dev
#205
Rambetter
Posted 09 March 2012 - 07:31 PM
jahtariii, on 09 March 2012 - 02:18 PM, said:
Hey, thx for your fix!!!
I did some ruff calculations... :) (I hope they are right, hehe)
Your fist fix limited the amount of traffic beeing send to a victim from a single server to 3 msgs per 2 sec. That means 180 msg in 2min from one server.
The latest fix now limits the nr. of msgs send to a victim to 3 msgs in 2min (if the flooder does not lower its sending rate).
This means that with the latest version/fix 98% less unnecessary traffic is beeing send.
-> Thats quite nice!!!
I did some ruff calculations... :) (I hope they are right, hehe)
Your fist fix limited the amount of traffic beeing send to a victim from a single server to 3 msgs per 2 sec. That means 180 msg in 2min from one server.
The latest fix now limits the nr. of msgs send to a victim to 3 msgs in 2min (if the flooder does not lower its sending rate).
This means that with the latest version/fix 98% less unnecessary traffic is beeing send.
-> Thats quite nice!!!
An attacker who understands the latest patch will be able to write an attack that lets the getstatus packets trickly in at a rate of 3 per 2 second period. Then they will be able to successfully project 1.5 getstatus responses per second without triggering the blocking code.
See, this is why there is no real solution to fix this problem other than to modify the Q3 protocol.
ipwnnoobs, don't try to write too much code for this reason.
This post has been edited by Rambetter: 09 March 2012 - 07:34 PM
Advertisement
#206
ipwnn00bs
Posted 09 March 2012 - 07:37 PM
Answered you NITRO
Yes I understand, since you already read it, I will edit my post :P
What do you think about my idea?
Rambetter, on 09 March 2012 - 07:31 PM, said:
An attacker who understands the latest patch will be able to write an attack that lets the getstatus packets trickly in at a rate of 3 per 2 second period. Then they will be able to successfully project 1.5 getstatus responses per second without triggering the blocking code.
See, this is why there is no real solution to fix this problem other than to modify the Q3 protocol.
ipwnnoobs, don't try to write too much code for this reason.
See, this is why there is no real solution to fix this problem other than to modify the Q3 protocol.
ipwnnoobs, don't try to write too much code for this reason.
Yes I understand, since you already read it, I will edit my post :P
What do you think about my idea?
This post has been edited by ipwnn00bs: 09 March 2012 - 07:38 PM
#208
ipwnn00bs
Posted 09 March 2012 - 08:02 PM
Hey Kbar. Thanks
Yes, it helps, but isn't the best solution, since most gameservers aren't hosted in server with access to root accounts to do this.
Is the best way, via iptables, but due to that reason the only way is to block at the game level. In other words, I can do the iptables stuff, but most people and companies renting servers by slot won't do that.
Yes, it helps, but isn't the best solution, since most gameservers aren't hosted in server with access to root accounts to do this.
Is the best way, via iptables, but due to that reason the only way is to block at the game level. In other words, I can do the iptables stuff, but most people and companies renting servers by slot won't do that.
This post has been edited by ipwnn00bs: 09 March 2012 - 08:18 PM
1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users
Advertisement