
So we're getting reports of DDoS attacks, where botnets will send infostring queries to COD4 dedicated servers as fast as possible with spoofed addresses. They send a small UDP packet, and the server replies with a larger packet to the faked address. Multiply this by however fast you can stuff UDP packets into the server's incoming packet buffer per frame, times 7500+ public COD4 servers, and you can really bring a victim to its knees with a serious flood of unwanted packets.

I've got a patch for COD4 for this, and I need admins to test it before I make an official release. You'll need a server updated to 1.7 before applying this, because this is only a replacement cod4_lnxded file. The defaults for the new cvars are probably fine, but you can tweak them as you like. If you want to see it in action, find your patched server in the in-game server browser, click "Server Info" and keep hitting refresh. If you're doing it faster than the limit, you'll see you don't get a response right away.

All this info is in README.linux in that tarball, but I'll post it here, too:

There is a class of DDoS attack that can utilize COD4 servers to flood a third party, by spoofing UDP packets so that the game server sends its reply for information to an unsuspecting party, over and over, as fast as it can. Unlike most packets sent by the server, this reply packet does not require a player with a legitimate connection before sending. This patch sets up some reasonable defaults to limit the rate at which the server will send these reply packets to a given IP address. It does not throttle legitimate connections in the process.
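One way to implement the per-address reply limit the post describes, as an added example that is not the COD4 patch's own code: a fixed-size leaky-bucket table keyed by source IPv4 address. The constants, function names and limits are assumptions; the page does not give the patch's cvar names or defaults.

```c
#include <stdint.h>

/* Hypothetical tunables; the page does not name the patch's cvars. */
#define BURST      10    /* replies one address may get back-to-back */
#define PERIOD_MS  1000  /* one reply credit is restored per period */
#define TABLE_SIZE 1024  /* fixed size: spoofed sources cannot grow memory */
#define PROBES     8     /* slots examined per lookup */

typedef struct { uint32_t addr, last_ms; int level; } bucket_t;
static bucket_t table[TABLE_SIZE];  /* level 0 means the slot is free */

/* Leak the bucket according to the time since it was last updated. */
static void drain(bucket_t *b, uint32_t now_ms) {
    uint32_t credits = (now_ms - b->last_ms) / PERIOD_MS; /* wrap-safe */
    if (credits >= (uint32_t)b->level) {
        b->level = 0;
        b->last_ms = now_ms;
    } else {
        b->level -= (int)credits;
        b->last_ms += credits * PERIOD_MS;
    }
}

/* Return 1 if an infostring reply to addr may be sent now, 0 to drop it. */
int reply_allowed(uint32_t addr, uint32_t now_ms) {
    uint32_t h = (addr * 2654435761u) % TABLE_SIZE;
    bucket_t *free_slot = 0;
    for (int i = 0; i < PROBES; i++) {
        bucket_t *b = &table[(h + i) % TABLE_SIZE];
        drain(b, now_ms);
        if (b->level > 0 && b->addr == addr) {
            if (b->level >= BURST) return 0;  /* over the limit: stay silent */
            b->level++;
            return 1;
        }
        if (b->level == 0 && !free_slot) free_slot = b;
    }
    if (!free_slot) return 0;  /* neighbourhood full: fail closed */
    free_slot->addr = addr;
    free_slot->last_ms = now_ms;
    free_slot->level = 1;
    return 1;
}

/* Count how many of n queries arriving at now_ms would be answered. */
int answered(uint32_t addr, uint32_t now_ms, int n) {
    int sent = 0;
    while (n-- > 0) sent += reply_allowed(addr, now_ms);
    return sent;
}
```

A slot is reused only after its bucket has fully drained, so traffic from other addresses cannot reset the counter for an address that is currently over the limit.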
