[bf1942] DoS attack using game servers
Kirk
captain at langasm.com
Sat Jan 18 00:20:09 EST 2003
Thank you, Alex.
-----Original Message-----
From: Alex Lembesis [mailto:alex at elitedesigns.net]
Sent: Friday, January 17, 2003 3:31 PM
To: bf1942 at icculus.org
Subject: RE: [bf1942] DoS attack using game servers
Which is really nothing new. God I hate script kiddies.
-----Original Message-----
From: Scratch Monkey [mailto:ScratchMonkey at SewingWitch.com]
Sent: Friday, January 17, 2003 4:23 PM
To: qstat; Tribes 2 Servers List; BF1942 Server List
Subject: [bf1942] DoS attack using game servers
http://www.pivx.com/press_releases/mk_mk001.html
http://www.pivx.com/kristovich/adv/mk001/
While this advisory discusses BF1942 servers, it looks like any game
server
that uses qstat-style status reporting can be used as a smurf reflector
to
generate a DoS attack, including Half-Life and Tribes.
The advisory doesn't mention it, but one can get even more amplification
by
sending simultaneous queries to multiple servers.
I expect the primary way to stop this will be to install status
throttles
in the affected games, so that queries from the same source address are
accepted only at some reasonable rate.
More information about the Bf1942
mailing list