[hlds_linux] UDP overflow/DoS attack do HLDS ?
I've posted this here before, but as a reply to another thread, and maybe because of that it was slightly ignored. But the problem happened again, so I am bringing this back IN BIG BOLD LETTERS ! for the third time I've found that my hlds service coredumped without a plausible reason. I was at the server room showing things around to a friend of mine when I noticed that the system kernel was reducing the response to net queries to 200 packets per second (bold letters on the console to show you that there is something wrong). this only happens when there is something wrong. Tipically a port scan or something alike. The only detail is that this server is behind a firewall that masquerades that server and reroutes (NATs) only the UDP/27015 traffic from the public address to the HLDS dedicated server, that has a reserverd IP 10.x.y.z. There is nobody else on the LAN, which means this is not an internal work. A supposed general DoS attack would be affecting the firewall computer, and not the HLDS machine behind it; In other words, the firewall computer should be screaming about a DoS/portscan type attack, but it did not, while the HLDS machine did. As I see, this proves that the HLDS server is probably being attacked by people that knows what they are doing. Whenever this happens (the kernel message stating the reduction in the reply rate) my hlds process cores, and a new server instance is brought up by the hlds_run script. So far I was not able to reproduce it myself, but am looking for means to do it. I attempted using standard portscan programs on the server with above-the-average solicitation rates, on the udp/27015 port only, and it did not cause the problem. The next logical step it submitting this to the group and asking for help. If this turns out to be a problem/vulnerability (as I think it is) then VALVe should be warned, so that this can be corrected on 1.6. By now I will be reducing the reply rate from my server to the minimum acceptable by the hlds server, so that I can assure playability and prompt response from the outside world, hoping that this minimum, combined with the OSs built in protections will stop this (net.inet.icmp.icmplim). ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] HLBook close to beta release
On Tue, 2003-01-14 at 16:46, Eric (Deacon) wrote: Well at least we know you didn't learn anything from whinge. ?? Again, in english please. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] UDP overflow/DoS attack do HLDS ?
On Tue, 14 Jan 2003, Capriotti wrote: I've posted this here before, but as a reply to another thread, and maybe because of that it was slightly ignored. But the problem happened again, so I am bringing this back IN BIG BOLD LETTERS ! for the third time I've found that my hlds service coredumped without a plausible reason. I was at the server room showing things around to a friend of mine when I noticed that the system kernel was reducing the response to net queries to 200 packets per second (bold letters on the console to show you that there is something wrong). this only happens when there is something wrong. Tipically a port scan or something alike. The only detail is that this server is behind a firewall that masquerades that server and reroutes (NATs) only the UDP/27015 traffic from the public address to the HLDS dedicated server, that has a reserverd IP 10.x.y.z. There is nobody else on the LAN, which means this is not an internal work. A supposed general DoS attack would be affecting the firewall computer, and not the HLDS machine behind it; In other words, the firewall computer should be screaming about a DoS/portscan type attack, but it did not, while the HLDS machine did. As I see, this proves that the HLDS server is probably being attacked by people that knows what they are doing. Whenever this happens (the kernel message stating the reduction in the reply rate) my hlds process cores, and a new server instance is brought up by the hlds_run script. So far I was not able to reproduce it myself, but am looking for means to do it. I attempted using standard portscan programs on the server with above-the-average solicitation rates, on the udp/27015 port only, and it did not cause the problem. The next logical step it submitting this to the group and asking for help. If this turns out to be a problem/vulnerability (as I think it is) then VALVe should be warned, so that this can be corrected on 1.6. By now I will be reducing the reply rate from my server to the minimum acceptable by the hlds server, so that I can assure playability and prompt response from the outside world, hoping that this minimum, combined with the OSs built in protections will stop this (net.inet.icmp.icmplim). Could this be coused by disconnecting users or if the port suddenly is unavailable for a second? If you want to reprocuce it... have a full server.. and press crtl-c in the hlds console.. you will see the same result.. at least you get it if the server is on a real network... could it be that the NAT or firewall is suddenly unavailable, the server tries to send all the data and gets a lot of icmp-hostunreach? !!! log everything that the kern.* and security.* is reporting !!! the limit responce is logged in kern.* Jan 4 20:22:21 myhost /kernel: Limiting icmp unreach response from 54 to 20 packets per second /Bjorn Favourite Comment: Programming is an art form that fights back. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
[hlds_linux] OT: 32 Player cs Maps
Im after some 32 plyer cs maps or some 32 player ent files i know about the default ones a.. cs_aztec a.. de_dust a.. de_dust2 a.. de_inferno a.. de_cbble a.. de_vertigo but i am after some for the more popular maps also Thanks Ugly ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] OT: 32 Player cs Maps
check over here... http://joe.to/32players.html great reference on how to make them. also has premade player spawn entity files. http://maps.joe.to/ents --agenthh On Wed, 15 Jan 2003 09:55:11 +1030 Kingsley Foreman [EMAIL PROTECTED] wrote: Im after some 32 plyer cs maps or some 32 player ent files i know about the default ones a.. cs_aztec a.. de_dust a.. de_dust2 a.. de_inferno a.. de_cbble a.. de_vertigo but i am after some for the more popular maps also Thanks Ugly ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] [AM] Admin Mod security update
Florian Zschocke [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... | Jules (aka Buddha-Pest) wrote: | | i have a custom build, what tag do i need to update to? (i know i should be | asking in the forums, but as you and i both agreed in that mailing | list/forums thread this is much better medium :) | | I didn't have the time to properly tag it last night so it has no | special tag. Just check out the trunk of module stable. We are | in the process of rearranging the CVS repository and switching to | new modules. So, instead of checking out admin_v2, check out | stable. aw... that means i have to manually merge my changes now. oh well... so is stable what y'all are planning on using from this point on? ~j ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] What is this?
yes, i saw the suspended sg, but i've seen that problem before in demos. i did not see white spots for players, i saw players. lastshooter [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... | normal? the sg was suspended in air. The engi appeared to be able to | roam.White spots instead of players. This was also the report from two | other peeps that watched it, on different PC's as well. Suspected cheater, | but needed concrete proof. | | From: Jules (aka Buddha-Pest) | oh ya, i watched it. looked 100% normal to me. i'm not sure what your | issue with it is. | | ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] OT: 32 Player cs Maps
On Tue, Jan 14, 2003 at 07:23:49PM -0500, [EMAIL PROTECTED] wrote: check over here... http://joe.to/32players.html great reference on how to make them. also has premade player spawn entity files. http://maps.joe.to/ents --agenthh Seems he even has a bunch for download: http://maps.joe.to/maps/ -- James. On Wed, 15 Jan 2003 09:55:11 +1030 Kingsley Foreman [EMAIL PROTECTED] wrote: Im after some 32 plyer cs maps or some 32 player ent files i know about the default ones a.. cs_aztec a.. de_dust a.. de_dust2 a.. de_inferno a.. de_cbble a.. de_vertigo but i am after some for the more popular maps also Thanks Ugly ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] OT: 32 Player cs Maps
yep tanks all i fond the list and all is good - Original Message - From: James Clark [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 15, 2003 2:29 PM Subject: Re: [hlds_linux] OT: 32 Player cs Maps On Tue, Jan 14, 2003 at 07:23:49PM -0500, [EMAIL PROTECTED] wrote: check over here... http://joe.to/32players.html great reference on how to make them. also has premade player spawn entity files. http://maps.joe.to/ents --agenthh Seems he even has a bunch for download: http://maps.joe.to/maps/ -- James. On Wed, 15 Jan 2003 09:55:11 +1030 Kingsley Foreman [EMAIL PROTECTED] wrote: Im after some 32 plyer cs maps or some 32 player ent files i know about the default ones a.. cs_aztec a.. de_dust a.. de_dust2 a.. de_inferno a.. de_cbble a.. de_vertigo but i am after some for the more popular maps also Thanks Ugly ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] OT: 32 Player cs Maps
jezz that was ment to read yep thanks all i found the list and all is good - Original Message - From: Kingsley Foreman [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 15, 2003 2:33 PM Subject: Re: [hlds_linux] OT: 32 Player cs Maps yep tanks all i fond the list and all is good - Original Message - From: James Clark [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 15, 2003 2:29 PM Subject: Re: [hlds_linux] OT: 32 Player cs Maps On Tue, Jan 14, 2003 at 07:23:49PM -0500, [EMAIL PROTECTED] wrote: check over here... http://joe.to/32players.html great reference on how to make them. also has premade player spawn entity files. http://maps.joe.to/ents --agenthh Seems he even has a bunch for download: http://maps.joe.to/maps/ -- James. On Wed, 15 Jan 2003 09:55:11 +1030 Kingsley Foreman [EMAIL PROTECTED] wrote: Im after some 32 plyer cs maps or some 32 player ent files i know about the default ones a.. cs_aztec a.. de_dust a.. de_dust2 a.. de_inferno a.. de_cbble a.. de_vertigo but i am after some for the more popular maps also Thanks Ugly ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] [AM] Admin Mod security update
when is a .51 full release going to come out? or will there? kev --Original Message- -From: [EMAIL PROTECTED] -[mailto:[EMAIL PROTECTED]]On Behalf Of Alfred -Sent: Tuesday, January 14, 2003 11:25 PM -To: [EMAIL PROTECTED] -Subject: Re: [hlds_linux] [AM] Admin Mod security update - - -We have 2 new CVS modules, stable and exp :) -exp will contain the experimental code (i.e latest stuff, but buggy), -stable will contain the source code used to generate stable releases -(i.e rock solid but missing some of the newest features). -This split should help us speed up development by allowing us to release -new versions without affecting server ops who want a rock solid server. - - -Jules (aka Buddha-Pest) wrote: - - Florian Zschocke wrote in message - news:[EMAIL PROTECTED]... - | Jules (aka Buddha-Pest) wrote: - | - | i have a custom build, what tag do i need to update to? (i know i - should be - | asking in the forums, but as you and i both agreed in that mailing - | list/forums thread this is much better medium :) - | - | I didn't have the time to properly tag it last night so it has no - | special tag. Just check out the trunk of module stable. We are - | in the process of rearranging the CVS repository and switching to - | new modules. So, instead of checking out admin_v2, check out - | stable. - - aw... that means i have to manually merge my changes now. -oh well... - so is stable what y'all are planning on using from this point on? - - ~j - - - ___ - To unsubscribe, edit your list preferences, or view the list archives, - please visit: - http://list.valvesoftware.com/mailman/listinfo/hlds_linux - - --- -Alfred Reynolds -[EMAIL PROTECTED] - -___ -To unsubscribe, edit your list preferences, or view the list -archives, please visit: -http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
[hlds_linux] [UA] Cheating-Death v2.1.x Released
UA's Anti-Cheat Team have released their first update to Cheating-Death (CD) since UA acquired the project in December. With this new release, CD now supports the Natural Selection MOD (still in beta, so run in optional mode) and a few additional cheat blocks have been added, which block the latest OGC and OpenGL cheats. The following is a list of cheats that have been confirmed to be blocked by this version of CD: - ak19e - csx multi hack - earthquake 1.1 - edge - esno 1.3 - Joolz 2.0 - lege - Net-Coders Hack v 2.0 - oc - ochack 1.0 - ochack 3.0 - ochack 3.1 - ochack 3.2 - rage - rageogl - ogc 9 - ogc 10 - ogc 10b - open gl hack (no name) - ZHC v1.75 open gl hack Unfortunately, CD still does not work with VAC supported MODs (e.g. Counter-Strike and Day of Defeat) irregardless if the servers don't have VAC enabled. We are currently working with Valve on a possible solution. http://www.UnitedAdmins.com/News.aspx HoundDawg ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] OT: 32 Player cs Maps
i speak that language too ;) Sebastian - [BBR] Gaming Clan http://www.BroadBandReports.com - Original Message - From: Kingsley Foreman [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, January 14, 2003 11:05 PM Subject: Re: [hlds_linux] OT: 32 Player cs Maps jezz that was ment to read yep thanks all i found the list and all is good - Original Message - From: Kingsley Foreman [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 15, 2003 2:33 PM Subject: Re: [hlds_linux] OT: 32 Player cs Maps yep tanks all i fond the list and all is good ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] [UA] Cheating-Death v2.1.x Released
HoundDawg, not to be an ass, but irregardless is not a word. Back in high school my driver education teacher used to say that word all the time and it drove me nuts! So I will refer to you HoundDawg from now on as Ms. Medema. :-) On Tue, 2003-01-14 at 22:39, [EMAIL PROTECTED] wrote: irregardless http://www.UnitedAdmins.com/News.aspx HoundDawg -- Brad Schulteis [EMAIL PROTECTED] Lots of campers on your server? Get some Camp Counselors: admin_monster @ http://www.therealaod.com/ ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] [AM] Admin Mod security update
We have 2 new CVS modules, stable and exp :) exp will contain the experimental code (i.e latest stuff, but buggy), stable will contain the source code used to generate stable releases I *am* curious as to why you would call it exp instead of experimental. -- Eric (the Deacon remix) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] [UA] Cheating-Death v2.1.x Released
Brad Schulteis wrote: HoundDawg, not to be an ass, but irregardless is not a word. Back in Depends who you listen to. I happen to agree with your opinion on this one, but Merriam-Webster says: Irregardless originated in dialectal American speech in the early 20th century. Its fairly widespread use in speech called it to the attention of usage commentators as early as 1927. The most frequently repeated remark about it is that there is no such word. There is such a word, however. It is still used primarily in speech, although it can be found from time to time in edited prose. Its reputation has not risen over the years, and it is still a long way from general acceptance. Use regardless instead. Although dictionary.com then says: Usage Note: Irregardless is a word that many mistakenly believe to be correct usage in formal style, when in fact it is used chiefly in nonstandard speech or casual writing. Coined in the United States in the early 20th century, it has met with a blizzard of condemnation for being an improper yoking of irrespective and regardless and for the logical absurdity of combining the negative ir- prefix and -less suffix in a single term. Although one might reasonably argue that it is no different from words with redundant affixes like debone and unravel, it has been considered a blunder for decades and will probably continue to be so. Pick a side :) Just being devil's advocate 3:-) James ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] [UA] Cheating-Death v2.1.x Released
Well, since online gaming is far from professional commercial writings with many 1337 slangs and far-casual writing, it's really no big deal. In fact, you can find it here: http://dictionary.reference.com/search?q=irregardless =P Irregardless (heh), if someone was going to say something, this is definately the correct list for it to be said. So, it's no surprise to me, really. -HD- - Original Message - From: Brad Schulteis [EMAIL PROTECTED] To: HLDS [EMAIL PROTECTED] Sent: Tuesday, January 14, 2003 9:43 PM Subject: Re: [hlds_linux] [UA] Cheating-Death v2.1.x Released HoundDawg, not to be an ass, but irregardless is not a word. Back in high school my driver education teacher used to say that word all the time and it drove me nuts! So I will refer to you HoundDawg from now on as Ms. Medema. :-) On Tue, 2003-01-14 at 22:39, [EMAIL PROTECTED] wrote: irregardless http://www.UnitedAdmins.com/News.aspx HoundDawg -- Brad Schulteis [EMAIL PROTECTED] Lots of campers on your server? Get some Camp Counselors: admin_monster @ http://www.therealaod.com/ ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux