Posted 04 October 2011 - 07:19 PM
I need someone from the DEV team to contact me if you can please and i will provide all the information I have; I am going to update to 3.3 however I hope this is not the same problem. Thanks
Posted 04 October 2011 - 07:52 PM
What you are talking about is 'getstatu's exploit. There are no exploits in 0.3.3. getstatus exploit is not mod exploit but ET exploit.
What is your server OS?
Posted 04 October 2011 - 08:07 PM
Posted 04 October 2011 - 08:24 PM
Posted 04 October 2011 - 08:47 PM
The basic problem with the attack is that the engine uses UDP. The attacker creates a simple UDP packet in which he spoofs the source address which is the DoS target. Then the attack keeps sending these getstatus packets, which involve no handshaking, to the server as fast as possible and the server keeps sending the target loads of data in the form of getstatus responses. A single response has a significant size as it includes a lot of information of the server.
There are always some amount of querys happening to the server as soon as it is public. Different game trackers query the master server for the server list and then query all the servers, usually with slow interval. Also, all the possible joining players will query the server. So there is never a moment when there is noone querying. But the amount of an attacker is usually a huge amount of querys.
Posted 05 October 2011 - 08:39 PM
I will pass it along; however when in ETMAIN it has no traffic; but when in Silent it has 100 connections; and no on is on the server
It could have 100 or even 300 or even more... it has nothing to do with silent mod. It's simple Enemy Territory, Quake 3 engine exploit.
Since I know your host, I have applied the getstatus DDoS patch on your server.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users