[bf1942] DoS vulnerability in game servers (including BF1942)

Andrew A. Chen achen-bf1942 at divo.net
Tue Jan 21 12:20:44 EST 2003


There was no one on the BF server at the time.  I monitor player counts, as 
well.  :(

At 12:20 AM 1/21/2003, you wrote:
>That does not look like you have been exploited, it might as well been
>normal gameplay.
>BF consumes a great deal of bandwidth.
>
>With 2 x 40 players on one of our servers, we use almost 10 Mbit. You
>need to take a look at the query trafic, to make sure you have been
>exploited, not the general outbound trafic.
>
>Best regards / Med venlig hilsen
>Morten Striboldt - Game administrator
>Boomtown.net
>
>
> > -----Original Message-----
> > From: Andrew A. Chen [mailto:achen-bf1942 at divo.net]
> > Sent: 21. januar 2003 02:19
> > To: bf1942 at icculus.org
> > Subject: RE: [bf1942] DoS vulnerability in game servers
> > (including BF1942)
> >
> >
> > Woo.  Looks like i've been exploited several times.  These
> > are taken from
> > two different boxes:
> >
>http://du.divo.net/at1.png
>http://du.divo.net/at2.png
>
>Each box is running only 1 bf1942 server.  Damn.  This is going to be
>expensive for hosting companies.  :/
>
>
>At 09:18 PM 1/17/2003, you wrote:
> >From: g8 at the.whole.net [mailto:g8 at the.whole.net]
> >Sent: Friday, January 17, 2003 2:51 PM
> >To: bf1942 at icculus.org
> >Subject: [bf1942] DoS vulnerability in game servers (including BF1942)
> >
> >http://www.pivx.com/press_releases/mk_mk001.html?tag=fd_top%3Cbr%20/%3E
> >
> >"As a basic rule of thumb, if it supports gamespy, it will likely be
> >vulnerable."
> >
> >I assume some of you have seen this.  Of course BF is included in the
> >bunch.  The reasearh into this exploit was done using the bf1942
> >server. Don't know if anything can be done to prevent it at this point
> >but now it's official.
> >
> >-g8




More information about the Bf1942 mailing list