On 12/01/2012 10:59, RawShark wrote:
I'd like to hear what people think about this. We have shut down our server to avoid the IP being blacklisted until a solution presents itself. I'm thinking ioquake3 should be patched in some way to detect this exploit? I can't really think of any combination of firewall rules to avoid the attack and keep the game server active.
Unless this is a new one or something we have overlooked, this should already be dealt with by ioq3, insofar as is feasibly possible. I assume you're talking about the UDP source address style spoofing attacks? We rate limit various possible attacks to mitigate the effects. Unfortunately the design of the Q3 query protocol is such that preventing the attacks is impossible.
_______________________________________________ ioquake3 mailing list ioquake3@lists.ioquake.org http://lists.ioquake.org/listinfo.cgi/ioquake3-ioquake.org By sending this message I agree to love ioquake3 and libsdl.
