Re: [hlds] SRCDS Connection Limit?
I'm aware of devnull, and it is, we're getting popped everyday by nothing but inbound cod4 ports. I have an ACL ticket awaiting the data-center today, but we've had botnets hit the server multiple times, and srcds still gets dropped without saturating the uplink. - Original Message - From: Connor M. To: Half-Life dedicated Win32 server mailing list Sent: Thursday, February 02, 2012 9:10 AM Subject: Re: [hlds] SRCDS Connection Limit? Sounds like a possible (but less severe in this instance) devnull attack to me. There was a stink about this not too long ago. In fact, it's capable of doing attacks so severe that it caused a GMod server admin to get a $15K bill. The thread about it on Facepunch appears to have been deleted, though. Try getting the IP address(es) blocked. I'll let someone else cover any srcds.exe tweaks if there are any. -- ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] SRCDS Connection Limit?
Sounds like a possible (but less severe in this instance) devnull attack to me. There was a stink about this not too long ago. In fact, it's capable of doing attacks so severe that it caused a GMod server admin to get a $15K bill. The thread about it on Facepunch appears to have been deleted, though. Try getting the IP address(es) blocked. I'll let someone else cover any srcds.exe tweaks if there are any. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
[hlds] SRCDS Connection Limit?
Recently I've had a user launching attacks on my servers, we are on a 1000mbit line, and the attack is using up approximatly 15% (~150megabit/sec). However it seems to be enough to flood out the srcds process and deny service even though we have more then enough resources to continue processing requests on the machine. I've looked at many different factors, including examining the servers nic, for packets per second, which appears stable in these situations, I've looked at windows TCP/IP stack to see if I could notice any limitations. (I found threads on this all over google, but they were mainly for XP and were quite outdated, none directly helped in the situation). So I contacted our data-center to see if there was anything on their end that limited certain ports (eg. 27015) to a certain amount of packets per second, they promptly disregarded anything on their end managing port limits. So the question comes down to being, is srcds itself being overloaded by the connections? Anything over 110megabit/sec seems to drop the connectivity of srcds entirely, with the box being completely stable. If so, are there any tweaks I can do to allow SRCDS to use the entire line speed if needed to stay online? ( The switch we're on is a Juniper EX2200, which can easily handle the packets per second that we're seeing. ) Thanks for any help. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds