http://www.networksorcery.com/enp/protocol/ip/option009.htm ________________________________________ From: hlds_linux-boun...@list.valvesoftware.com [hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Emil Larsson [ail...@gmail.com] Sent: 28 January 2011 15:20 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?
Since it requires a handshake, TCP is impossible to spoof (unlike UDP). It would make it a bit easier to block IP's since a handshake will fail if a spoofed IP is used. Of course, most DOS bugs in SRCDS are from bugs and lack of packet caching/priority. However it also have higher overhead, which is why you rarely see gameservers using it as a protocol. On Fri, Jan 28, 2011 at 3:05 PM, Saul Rennison <saul.renni...@gmail.com>wrote: > I thought that TCP would solve the issue for queries and stuff like > that but in practice TCP is just as prone to DDoS as UDP -.- > > On Friday, 28 January 2011, Marco Padovan <evolutioncr...@gmail.com> > wrote: > > TCP for example... > > > > Il 28/01/2011 13:45, frostschutz ha scritto: > > > > On Thu, Jan 27, 2011 at 06:53:08PM -0500, clad iron wrote: > > > > Would there be a way for the engine to identify > > exactly where it's coming from and drop the connection ? > > > > It's UDP, there are no connections and you can't stop others > > from sending packets to you. So the best you can do is drop > > without spending any unnecessary CPU time. > > > > The protocol unfortunately is DDoS by design - if a game has > > a ton of players and in one second 100 people around the > > world refresh their server list at the same time, your server > > has 100 queries to reply to 100 different IPs... per second. > > So all you can do is make those queries faster. > > > > Usually games just don't have enough players for this to be > > a problem, but Valve is a monster in that regard. > > > > The protocol could be designed differently to make it easier > > to drop / delay unwanted packets, but protocol redesign is > > not something you do on a regular basis for gameservers. ;) > > > > Regards > > frostschutz > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > -- > > Thanks, > - Saul. > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux