[cod] Query limiting...
Marco Padovan
evcz at evcz.tk
Mon Oct 24 16:21:24 EDT 2011
Hi,
yeah, my bad, had the TCP port open (not dropping) as other games
requires it for the rcon commands and didn't remember COD is fully UDP ;)
I'm having multiple networks "exploited" all of them were targeted on a
TCP port that was corresponding to the UDP port of a cod4 server :(
(probably they pick up random cod4 servers knowing they generally have
good connectivity)
Additionally these ones are reflection attacks too: all the packets were
obviosly spoofed (invalid TTL... many were from the US and a 252 tll to
europe is impossible)
So cod4 server operators: stay alert and check out possible SYN floods
on your boxes ;)
(I realized only after sending the mail that ACK packets aren't handled
in userspace but by the OS ;) )
Thanks for your reply :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://icculus.org/pipermail/cod/attachments/20111024/0aed8bae/attachment.htm>
More information about the cod
mailing list