date:20120130

Re: [hlds_linux] No Steam Logon - massive lag

2012-01-30 Thread Michael Johansen


I just ran -verify_all -retry on all the servers, it did not update anything 
(didn't find any updates), and I can confirm that it does show my public IP on 
all the servers. It does also show that it successfully connected to the 
servers and logged in to the gameserver account. Yesterday I was "attacked" 
atleast 10 times, where every one of my servers went down with the dreaded 
connection problem message and when they got up everyone dropped due to "No 
Steam Logon", me and a friend was trying to go trough the .cap files yesterday, 
we couldn't find anything unusual but I did block a few IP's with no success.

> From: fletch...@valvesoftware.com
> To: hlds_linux@list.valvesoftware.com
> Date: Tue, 31 Jan 2012 00:20:37 +
> Subject: Re: [hlds_linux] No Steam Logon - massive lag
> 
> Steam auth sometimes gets the blame when in fact the problem is just a 
> plain-old-fashioned client timeout.  We have changed the messaging recently 
> to make this more clear, but if you are running old binaries.
> 
> I do seem to remember that we fixed a similar DoS attack recently.
> 
> Can you confirm that you are running the latest binaries?  When you boot your 
> server, does it spit out your public IP next to the message when your server 
> connects to Steam?  Can you verify your files and make sure it doesn't pull 
> anything down?
> 
> Your humble servant,
> - Fletch
> 
> -Original Message-
> From: hlds_linux-boun...@list.valvesoftware.com 
> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Michael 
> Johansen
> Sent: Saturday, January 28, 2012 7:25 AM
> To: hlds_linux@list.valvesoftware.com
> Subject: [hlds_linux] No Steam Logon - massive lag
> 
> 
> Hi guys,
> I'm running 6 TF2 servers which are quite popular. Anyhow, my server laggs, 
> badly sometimes, and right after the spike a lot of players d/c with the "No 
> Steam Logon" message. This is not related to a machine or any plugins I am 
> running. This has happened a lot of times now, and I'm sick of it. What is 
> wrong and why is it happening? Me and a friend were playing on two of our 
> servers when we both lag out (red message in the top right corner) and then 
> it stops and returns to normal, but half of the players are now gone.
> Help?   
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> 
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
  
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

Re: [hlds_linux] Respawn Countdown Loop [TF2]

2012-01-30 Thread daniel jokiaho

rcon locker
On 31 Jan 2012 06:24, "Emil Larsson"  wrote:

> Yup, I forgot which plugin did it but I do recall that respawn loops
> happens due to old plugins. I think it was some old outdated plugin we had
> that was for fixing a valve bug... that long been since fixed, and we just
> forgot to remove the plugin.
>
> On Tue, Jan 31, 2012 at 5:31 AM, E3pO  wrote:
>
> > try removing all plugins see if it fixes the problem and then remove each
> > plugin 1 by 1 to find the culprit .
> > On Jan 30, 2012 8:59 PM, "Tres"  wrote:
> >
> > > We recently changed our respawn times to Valve's default. Upon doing
> so,
> > we
> > > started having random respawn countdown loops. The timer counts down
> to 1
> > > then starts over. A player can stop the loop by reselecting a class. It
> > > doesn't happen upon every death but approximately 25% of the time. We
> do
> > > have quite a few plugins. Before I do a wipe and start fresh, I thought
> > I'd
> > > ask if anyone knows of a simple solution.
> > >
> > > Thanks!
> > > ___
> > > To unsubscribe, edit your list preferences, or view the list archives,
> > > please visit:
> > > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> > >
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> > please visit:
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

Re: [hlds_linux] Respawn Countdown Loop [TF2]

2012-01-30 Thread Emil Larsson

Yup, I forgot which plugin did it but I do recall that respawn loops
happens due to old plugins. I think it was some old outdated plugin we had
that was for fixing a valve bug... that long been since fixed, and we just
forgot to remove the plugin.

On Tue, Jan 31, 2012 at 5:31 AM, E3pO  wrote:

> try removing all plugins see if it fixes the problem and then remove each
> plugin 1 by 1 to find the culprit .
> On Jan 30, 2012 8:59 PM, "Tres"  wrote:
>
> > We recently changed our respawn times to Valve's default. Upon doing so,
> we
> > started having random respawn countdown loops. The timer counts down to 1
> > then starts over. A player can stop the loop by reselecting a class. It
> > doesn't happen upon every death but approximately 25% of the time. We do
> > have quite a few plugins. Before I do a wipe and start fresh, I thought
> I'd
> > ask if anyone knows of a simple solution.
> >
> > Thanks!
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> > please visit:
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

Re: [hlds_linux] Respawn Countdown Loop [TF2]

2012-01-30 Thread E3pO

try removing all plugins see if it fixes the problem and then remove each
plugin 1 by 1 to find the culprit .
On Jan 30, 2012 8:59 PM, "Tres"  wrote:

> We recently changed our respawn times to Valve's default. Upon doing so, we
> started having random respawn countdown loops. The timer counts down to 1
> then starts over. A player can stop the loop by reselecting a class. It
> doesn't happen upon every death but approximately 25% of the time. We do
> have quite a few plugins. Before I do a wipe and start fresh, I thought I'd
> ask if anyone knows of a simple solution.
>
> Thanks!
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

[hlds_linux] Respawn Countdown Loop [TF2]

2012-01-30 Thread Tres

We recently changed our respawn times to Valve's default. Upon doing so, we
started having random respawn countdown loops. The timer counts down to 1
then starts over. A player can stop the loop by reselecting a class. It
doesn't happen upon every death but approximately 25% of the time. We do
have quite a few plugins. Before I do a wipe and start fresh, I thought I'd
ask if anyone knows of a simple solution.

Thanks!
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

Re: [hlds_linux] No Steam Logon - massive lag

2012-01-30 Thread Fletcher Dunn

Steam auth sometimes gets the blame when in fact the problem is just a 
plain-old-fashioned client timeout.  We have changed the messaging recently to 
make this more clear, but if you are running old binaries.

I do seem to remember that we fixed a similar DoS attack recently.

Can you confirm that you are running the latest binaries?  When you boot your 
server, does it spit out your public IP next to the message when your server 
connects to Steam?  Can you verify your files and make sure it doesn't pull 
anything down?

Your humble servant,
- Fletch

-Original Message-
From: hlds_linux-boun...@list.valvesoftware.com 
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Michael Johansen
Sent: Saturday, January 28, 2012 7:25 AM
To: hlds_linux@list.valvesoftware.com
Subject: [hlds_linux] No Steam Logon - massive lag


Hi guys,
I'm running 6 TF2 servers which are quite popular. Anyhow, my server laggs, 
badly sometimes, and right after the spike a lot of players d/c with the "No 
Steam Logon" message. This is not related to a machine or any plugins I am 
running. This has happened a lot of times now, and I'm sick of it. What is 
wrong and why is it happening? Me and a friend were playing on two of our 
servers when we both lag out (red message in the top right corner) and then it 
stops and returns to normal, but half of the players are now gone.
Help? 
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

Re: [hlds_linux] No Steam Logon - massive lag

2012-01-30 Thread voice

This was a log from an attack earlier this year and has already been
reported. It was just the one IP that attacked.

Regards,
Chris
On Jan 30, 2012 9:58 AM, "Michael Johansen"  wrote:

>
> Voice, could you please e-mail me those IP's so I could block them off? If
> they are the same it's worth a shot.
>
> > From: ad...@gamerscrib.net
> > To: hlds_linux@list.valvesoftware.com
> > Date: Mon, 30 Jan 2012 10:41:31 -0500
> > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> >
> > ab...@comcast.net
> > Send all the info you got to them and let them handle it...if something
> such as this is coming from a residential connection thru them then it’s a
> violation of their TOS.
> >
> > -Original Message-
> > From: hlds_linux-boun...@list.valvesoftware.com [mailto:
> hlds_linux-boun...@list.valvesoftware.com] On Behalf Of voice
> > Sent: Monday, January 30, 2012 10:00 AM
> > To: Half-Life dedicated Linux server mailing list
> > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> >
> > Unless Valve is running Steam off of Comcast residential connections I'd
> say no. The IP that attacked me was coming from one of those.
> > On Jan 30, 2012 8:36 AM, "Michael Johansen"  wrote:
> >
> > >
> > > Thanks for the correct command. Anyhow, is there a way to figure out
> > > if it is infact a targeted attack or if it's Steam messing up?
> > >
> > > > From: cladi...@gmail.com
> > > > Date: Sun, 29 Jan 2012 22:57:02 -0500
> > > > To: hlds_linux@list.valvesoftware.com
> > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > >
> > > > >
> > > > > Michael Johansen ✆ michs...@live.no via<
> > > http://support.google.com/mail/bin/answer.py?hl=en&ctx=mail&answer=131
> > > 1182
> > > >
> > > > >  valvesoftware.com
> > > > > Jan 28 (2 days ago)
> > > > >
> > > > >  to hlds_linux
> > > > >  Hi,
> > > > > How would I find that IP? I've got root access on both the
> machines.
> > > > > Problem is, everyone lagged out on TWO machines, which is in
> > > > > separate datacenters and even in different countrys!
> > > > >
> > > >
> > > > if an attacker is pin-pointing  you directly, all he would have to
> > > > do is attack both.
> > > >
> > > > On Sun, Jan 29, 2012 at 12:53 PM, Joe Brown
> > > > > > >wrote:
> > > >
> > > > >
> > > > > Run tcpdump for a little:
> > > > >
> > > > > > /usr/sbin/tcpdump -i eth0 -w traffic03.cap
> > > > >
> > > > > Control+C when you get enough data, download traffic03.cap to your
> > > > > computer, and load it up in wireshark.
> > > > >
> > > > > > From: michs...@live.no
> > > > > > To: hlds_linux@list.valvesoftware.com
> > > > > > Date: Sun, 29 Jan 2012 17:34:17 +0100
> > > > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > > > >
> > > > > >
> > > > > > Tbh I have no idea how to find out what this is, how do I even
> > > > > > use
> > > > > tcpdump to output that info? All I get from it is "encrypted" like
> > > > > with some weird chars that Notepad++ can't open.Help please.
> > > > > >
> > > > > > > Date: Sat, 28 Jan 2012 23:57:31 +0100
> > > > > > > From: nowa...@platinum.linux.pl
> > > > > > > To: hlds_linux@list.valvesoftware.com
> > > > > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > > > > >
> > > > > > > tcpdump of an attack on one of my servers:
> > > > > > >
> > > > > > > 18:01:58.350565 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > length 18
> > > > > > >  0x:  4500 002e 1dc1  7711 6a89 5bc0 a579
> > > > >  E...w.j.[..y
> > > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > > >  ..i(3BE!
> > > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > > ody6SAMPBE!dii
> > > > > > > 18:01:58.351470 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > length 18
> > > > > > >  0x:  4500 002e 1dc3  7711 6a87 5bc0 a579
> > > > >  E...w.j.[..y
> > > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > > >  ..i(3BE!
> > > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > > ody6SAMPBE!dii
> > > > > > > 18:01:58.352542 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > length 0
> > > > > > >  0x:  4500 001c 1dc4  7711 6a98 5bc0 a579
> > > > >  E...w.j.[..y
> > > > > > >  0x0010:    04f3 6987 0008 d5ee  
> > > > >  ..i.
> > > > > > >  0x0020:        
> > > > > ..
> > > > > > > 18:01:58.353050 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > length 18
> > > > > > >  0x:  4500 002e 1dc5  7711 6a85 5bc0 a579
> > > > >  E...w.j.[..y
> > > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > > >  ..i(3BE!
> > > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > > ody6SAMPBE!dii
> > > > > > > 18:01:58.353988 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > length 18
> > > > > > >  0x:  4500 002e 1dc7  7711 6a83 5bc0 a579
> > > > >  E...

Re: [hlds_linux] CS:GO hostname setting?

2012-01-30 Thread lwf

When adding to favorites, have the client look up the server supplied
domain name and compare it to the current IP address of the server. If
they they're not equal add the IP only, preventing both
misconfigurations and forgery from ruining the users day. If they are
equal, add the domain name as well as the IP and compare again on
future connects.

If they're not equal once added show an error message with both
addresses as well as the current server title and explain to the user
that the server may have moved, and ask the user what action to take.
If the user complies, update the last known IP for that favorite
entry.

Problem solved and we can use DNS exactly what it's for. However, it
does not deal with ports.

On Mon, Jan 30, 2012 at 01:30, Necavi  wrote:
> If I remember correctly, the reason that valve has not done this in the past 
> is to prevent server operators from basically having the power to redirect 
> multiple players to the same server by abusing hostnames. They are able to do 
> this by either starting up a dozen servers, each claiming the same hostname 
> as their main server, meaning that if anyone favorites that particular server 
> they are in fact favoriting the main server. (Note: this particular exploit 
> only really works if the hostname is set by cvar, other exploits exist for 
> other methods). Granted, I'm one of the server operators who wishes that kind 
> of power, but for a different reason, I tend to host servers with RPG 
> elements (such as War3Source) and I've always fantasized about having a 
> server that controls access to all the other ones, sorting players out by 
> their RPG level or something similar, doing almost exactly the opposite of 
> what valve is trying to protect against (phantom servers redirecting to a 
> real one, this is more similar to a single phantom server taking the place of 
> several real ones).
>
> -Original Message-
> From: hlds_linux-boun...@list.valvesoftware.com 
> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Niko Montonen
> Sent: Sunday, January 29, 2012 16:11
> To: Half-Life dedicated Linux server mailing list
> Subject: Re: [hlds_linux] CS:GO hostname setting?
>
> I completely understand why people want to link servers to SteamID's, but
> it might not be smart to force people to do that.
>
> If you want to force people to attach an identity to a server, public key
> crypto might be a good idea.
>
> That way you can prove you're the owner of all the servers you claim to
> control (key for all servers made out of same private key), while allowing
> people to stay anonymous (new private and public key for every server).
>
> Tools for creating such cryptographic keys are available on most operating
> systems, so that's not a problem.
>
> But I like the idea of being able to link your server to your SteamID.
>
> (Disclaimer: Anything I may have just written may be wrong, it's 2am and
> I'm tired.)
>
> Just my 0,02€
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

Re: [hlds_linux] No Steam Logon - massive lag

2012-01-30 Thread Michael Johansen


Voice, could you please e-mail me those IP's so I could block them off? If they 
are the same it's worth a shot.

> From: ad...@gamerscrib.net
> To: hlds_linux@list.valvesoftware.com
> Date: Mon, 30 Jan 2012 10:41:31 -0500
> Subject: Re: [hlds_linux] No Steam Logon - massive lag
> 
> ab...@comcast.net 
> Send all the info you got to them and let them handle it...if something such 
> as this is coming from a residential connection thru them then it’s a 
> violation of their TOS.
> 
> -Original Message-
> From: hlds_linux-boun...@list.valvesoftware.com 
> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of voice
> Sent: Monday, January 30, 2012 10:00 AM
> To: Half-Life dedicated Linux server mailing list
> Subject: Re: [hlds_linux] No Steam Logon - massive lag
> 
> Unless Valve is running Steam off of Comcast residential connections I'd say 
> no. The IP that attacked me was coming from one of those.
> On Jan 30, 2012 8:36 AM, "Michael Johansen"  wrote:
> 
> >
> > Thanks for the correct command. Anyhow, is there a way to figure out 
> > if it is infact a targeted attack or if it's Steam messing up?
> >
> > > From: cladi...@gmail.com
> > > Date: Sun, 29 Jan 2012 22:57:02 -0500
> > > To: hlds_linux@list.valvesoftware.com
> > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > >
> > > >
> > > > Michael Johansen ✆ michs...@live.no via<
> > http://support.google.com/mail/bin/answer.py?hl=en&ctx=mail&answer=131
> > 1182
> > >
> > > >  valvesoftware.com
> > > > Jan 28 (2 days ago)
> > > >
> > > >  to hlds_linux
> > > >  Hi,
> > > > How would I find that IP? I've got root access on both the machines.
> > > > Problem is, everyone lagged out on TWO machines, which is in 
> > > > separate datacenters and even in different countrys!
> > > >
> > >
> > > if an attacker is pin-pointing  you directly, all he would have to 
> > > do is attack both.
> > >
> > > On Sun, Jan 29, 2012 at 12:53 PM, Joe Brown 
> > > > >wrote:
> > >
> > > >
> > > > Run tcpdump for a little:
> > > >
> > > > > /usr/sbin/tcpdump -i eth0 -w traffic03.cap
> > > >
> > > > Control+C when you get enough data, download traffic03.cap to your
> > > > computer, and load it up in wireshark.
> > > >
> > > > > From: michs...@live.no
> > > > > To: hlds_linux@list.valvesoftware.com
> > > > > Date: Sun, 29 Jan 2012 17:34:17 +0100
> > > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > > >
> > > > >
> > > > > Tbh I have no idea how to find out what this is, how do I even 
> > > > > use
> > > > tcpdump to output that info? All I get from it is "encrypted" like 
> > > > with some weird chars that Notepad++ can't open.Help please.
> > > > >
> > > > > > Date: Sat, 28 Jan 2012 23:57:31 +0100
> > > > > > From: nowa...@platinum.linux.pl
> > > > > > To: hlds_linux@list.valvesoftware.com
> > > > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > > > >
> > > > > > tcpdump of an attack on one of my servers:
> > > > > >
> > > > > > 18:01:58.350565 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 18
> > > > > >  0x:  4500 002e 1dc1  7711 6a89 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > >  ..i(3BE!
> > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > ody6SAMPBE!dii
> > > > > > 18:01:58.351470 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 18
> > > > > >  0x:  4500 002e 1dc3  7711 6a87 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > >  ..i(3BE!
> > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > ody6SAMPBE!dii
> > > > > > 18:01:58.352542 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 0
> > > > > >  0x:  4500 001c 1dc4  7711 6a98 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 0008 d5ee  
> > > >  ..i.
> > > > > >  0x0020:        
> > > > ..
> > > > > > 18:01:58.353050 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 18
> > > > > >  0x:  4500 002e 1dc5  7711 6a85 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > >  ..i(3BE!
> > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > ody6SAMPBE!dii
> > > > > > 18:01:58.353988 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 18
> > > > > >  0x:  4500 002e 1dc7  7711 6a83 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > >  ..i(3BE!
> > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > ody6SAMPBE!dii
> > > > > > 18:01:58.354937 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 18
> > > > > >  0x:  4500 002e 1dc9  7711 6a81 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x

Re: [hlds_linux] No Steam Logon - massive lag

2012-01-30 Thread Frank

ab...@comcast.net 
Send all the info you got to them and let them handle it...if something such as 
this is coming from a residential connection thru them then it’s a violation of 
their TOS.

-Original Message-
From: hlds_linux-boun...@list.valvesoftware.com 
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of voice
Sent: Monday, January 30, 2012 10:00 AM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] No Steam Logon - massive lag

Unless Valve is running Steam off of Comcast residential connections I'd say 
no. The IP that attacked me was coming from one of those.
On Jan 30, 2012 8:36 AM, "Michael Johansen"  wrote:

>
> Thanks for the correct command. Anyhow, is there a way to figure out 
> if it is infact a targeted attack or if it's Steam messing up?
>
> > From: cladi...@gmail.com
> > Date: Sun, 29 Jan 2012 22:57:02 -0500
> > To: hlds_linux@list.valvesoftware.com
> > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> >
> > >
> > > Michael Johansen ✆ michs...@live.no via<
> http://support.google.com/mail/bin/answer.py?hl=en&ctx=mail&answer=131
> 1182
> >
> > >  valvesoftware.com
> > > Jan 28 (2 days ago)
> > >
> > >  to hlds_linux
> > >  Hi,
> > > How would I find that IP? I've got root access on both the machines.
> > > Problem is, everyone lagged out on TWO machines, which is in 
> > > separate datacenters and even in different countrys!
> > >
> >
> > if an attacker is pin-pointing  you directly, all he would have to 
> > do is attack both.
> >
> > On Sun, Jan 29, 2012 at 12:53 PM, Joe Brown 
> > >wrote:
> >
> > >
> > > Run tcpdump for a little:
> > >
> > > > /usr/sbin/tcpdump -i eth0 -w traffic03.cap
> > >
> > > Control+C when you get enough data, download traffic03.cap to your
> > > computer, and load it up in wireshark.
> > >
> > > > From: michs...@live.no
> > > > To: hlds_linux@list.valvesoftware.com
> > > > Date: Sun, 29 Jan 2012 17:34:17 +0100
> > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > >
> > > >
> > > > Tbh I have no idea how to find out what this is, how do I even 
> > > > use
> > > tcpdump to output that info? All I get from it is "encrypted" like 
> > > with some weird chars that Notepad++ can't open.Help please.
> > > >
> > > > > Date: Sat, 28 Jan 2012 23:57:31 +0100
> > > > > From: nowa...@platinum.linux.pl
> > > > > To: hlds_linux@list.valvesoftware.com
> > > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > > >
> > > > > tcpdump of an attack on one of my servers:
> > > > >
> > > > > 18:01:58.350565 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 18
> > > > >  0x:  4500 002e 1dc1  7711 6a89 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.351470 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 18
> > > > >  0x:  4500 002e 1dc3  7711 6a87 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.352542 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 0
> > > > >  0x:  4500 001c 1dc4  7711 6a98 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 0008 d5ee  
> > >  ..i.
> > > > >  0x0020:        
> > > ..
> > > > > 18:01:58.353050 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 18
> > > > >  0x:  4500 002e 1dc5  7711 6a85 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.353988 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 18
> > > > >  0x:  4500 002e 1dc7  7711 6a83 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.354937 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 18
> > > > >  0x:  4500 002e 1dc9  7711 6a81 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.355887 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 0
> > > > >  0x:  4500 001c 1dca  7711 6a92 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 0008 d5ee  
> > >  ..i.
> > > > >  0x0020:        
> > > ..
> > > > >
> > >

Re: [hlds_linux] No Steam Logon - massive lag

2012-01-30 Thread Michael Johansen


I would send them the logfile, however, the attacks are 100% random, I have no 
idea whether it happens when all servers are full or whatever. Any ideas or 
should I just play and have the finger on the enter button prepared to send the 
tcpdump command? 

> Date: Mon, 30 Jan 2012 08:59:33 -0600
> From: voic...@gmail.com
> To: hlds_linux@list.valvesoftware.com
> Subject: Re: [hlds_linux] No Steam Logon - massive lag
> 
> Unless Valve is running Steam off of Comcast residential connections I'd
> say no. The IP that attacked me was coming from one of those.
> On Jan 30, 2012 8:36 AM, "Michael Johansen"  wrote:
> 
> >
> > Thanks for the correct command. Anyhow, is there a way to figure out if it
> > is infact a targeted attack or if it's Steam messing up?
> >
> > > From: cladi...@gmail.com
> > > Date: Sun, 29 Jan 2012 22:57:02 -0500
> > > To: hlds_linux@list.valvesoftware.com
> > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > >
> > > >
> > > > Michael Johansen ✆ michs...@live.no via<
> > http://support.google.com/mail/bin/answer.py?hl=en&ctx=mail&answer=1311182
> > >
> > > >  valvesoftware.com
> > > > Jan 28 (2 days ago)
> > > >
> > > >  to hlds_linux
> > > >  Hi,
> > > > How would I find that IP? I've got root access on both the machines.
> > > > Problem is, everyone lagged out on TWO machines, which is in separate
> > > > datacenters and even in different countrys!
> > > >
> > >
> > > if an attacker is pin-pointing  you directly, all he would have to do is
> > > attack both.
> > >
> > > On Sun, Jan 29, 2012 at 12:53 PM, Joe Brown  > >wrote:
> > >
> > > >
> > > > Run tcpdump for a little:
> > > >
> > > > > /usr/sbin/tcpdump -i eth0 -w traffic03.cap
> > > >
> > > > Control+C when you get enough data, download traffic03.cap to your
> > > > computer, and load it up in wireshark.
> > > >
> > > > > From: michs...@live.no
> > > > > To: hlds_linux@list.valvesoftware.com
> > > > > Date: Sun, 29 Jan 2012 17:34:17 +0100
> > > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > > >
> > > > >
> > > > > Tbh I have no idea how to find out what this is, how do I even use
> > > > tcpdump to output that info? All I get from it is "encrypted" like with
> > > > some weird chars that Notepad++ can't open.Help please.
> > > > >
> > > > > > Date: Sat, 28 Jan 2012 23:57:31 +0100
> > > > > > From: nowa...@platinum.linux.pl
> > > > > > To: hlds_linux@list.valvesoftware.com
> > > > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > > > >
> > > > > > tcpdump of an attack on one of my servers:
> > > > > >
> > > > > > 18:01:58.350565 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 18
> > > > > >  0x:  4500 002e 1dc1  7711 6a89 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > >  ..i(3BE!
> > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > ody6SAMPBE!dii
> > > > > > 18:01:58.351470 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 18
> > > > > >  0x:  4500 002e 1dc3  7711 6a87 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > >  ..i(3BE!
> > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > ody6SAMPBE!dii
> > > > > > 18:01:58.352542 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 0
> > > > > >  0x:  4500 001c 1dc4  7711 6a98 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 0008 d5ee  
> > > >  ..i.
> > > > > >  0x0020:        
> > > > ..
> > > > > > 18:01:58.353050 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 18
> > > > > >  0x:  4500 002e 1dc5  7711 6a85 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > >  ..i(3BE!
> > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > ody6SAMPBE!dii
> > > > > > 18:01:58.353988 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 18
> > > > > >  0x:  4500 002e 1dc7  7711 6a83 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > >  ..i(3BE!
> > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > ody6SAMPBE!dii
> > > > > > 18:01:58.354937 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 18
> > > > > >  0x:  4500 002e 1dc9  7711 6a81 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > > >  ..i(3BE!
> > > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > > ody6SAMPBE!dii
> > > > > > 18:01:58.355887 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > length 0
> > > > > >  0x:  4500 001c 1dca  7711 6a92 5bc0 a579
> > > >  E...w.j.[..y
> > > > > >  0x0010:    04f3 6987 000

Re: [hlds_linux] No Steam Logon - massive lag

2012-01-30 Thread voice

Unless Valve is running Steam off of Comcast residential connections I'd
say no. The IP that attacked me was coming from one of those.
On Jan 30, 2012 8:36 AM, "Michael Johansen"  wrote:

>
> Thanks for the correct command. Anyhow, is there a way to figure out if it
> is infact a targeted attack or if it's Steam messing up?
>
> > From: cladi...@gmail.com
> > Date: Sun, 29 Jan 2012 22:57:02 -0500
> > To: hlds_linux@list.valvesoftware.com
> > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> >
> > >
> > > Michael Johansen ✆ michs...@live.no via<
> http://support.google.com/mail/bin/answer.py?hl=en&ctx=mail&answer=1311182
> >
> > >  valvesoftware.com
> > > Jan 28 (2 days ago)
> > >
> > >  to hlds_linux
> > >  Hi,
> > > How would I find that IP? I've got root access on both the machines.
> > > Problem is, everyone lagged out on TWO machines, which is in separate
> > > datacenters and even in different countrys!
> > >
> >
> > if an attacker is pin-pointing  you directly, all he would have to do is
> > attack both.
> >
> > On Sun, Jan 29, 2012 at 12:53 PM, Joe Brown  >wrote:
> >
> > >
> > > Run tcpdump for a little:
> > >
> > > > /usr/sbin/tcpdump -i eth0 -w traffic03.cap
> > >
> > > Control+C when you get enough data, download traffic03.cap to your
> > > computer, and load it up in wireshark.
> > >
> > > > From: michs...@live.no
> > > > To: hlds_linux@list.valvesoftware.com
> > > > Date: Sun, 29 Jan 2012 17:34:17 +0100
> > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > >
> > > >
> > > > Tbh I have no idea how to find out what this is, how do I even use
> > > tcpdump to output that info? All I get from it is "encrypted" like with
> > > some weird chars that Notepad++ can't open.Help please.
> > > >
> > > > > Date: Sat, 28 Jan 2012 23:57:31 +0100
> > > > > From: nowa...@platinum.linux.pl
> > > > > To: hlds_linux@list.valvesoftware.com
> > > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > > >
> > > > > tcpdump of an attack on one of my servers:
> > > > >
> > > > > 18:01:58.350565 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 18
> > > > >  0x:  4500 002e 1dc1  7711 6a89 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.351470 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 18
> > > > >  0x:  4500 002e 1dc3  7711 6a87 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.352542 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 0
> > > > >  0x:  4500 001c 1dc4  7711 6a98 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 0008 d5ee  
> > >  ..i.
> > > > >  0x0020:        
> > > ..
> > > > > 18:01:58.353050 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 18
> > > > >  0x:  4500 002e 1dc5  7711 6a85 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.353988 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 18
> > > > >  0x:  4500 002e 1dc7  7711 6a83 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.354937 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 18
> > > > >  0x:  4500 002e 1dc9  7711 6a81 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.355887 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> length 0
> > > > >  0x:  4500 001c 1dca  7711 6a92 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 0008 d5ee  
> > >  ..i.
> > > > >  0x0020:        
> > > ..
> > > > >
> > > > > Low bandwidth (~250 packets per second) but was severly lagging the
> > > > > game, all clients dropping with no steam logon. Iptables killed it
> but
> > > > > there is something seriously wrong with srcds if it can't just
> ignore
> > > > > those packets.
> > > > >
> > > > > On 2012-01-28 17:31, voice wrote:
> > > > > > Bleh, attached an image and now its pending approval, lesson
> learned.
> > > > > > Instead have a link:
> > > http://projectshadow.randomsonicnet.org/srcds/dos.png
> > > > > >

Re: [hlds_linux] No Steam Logon - massive lag

2012-01-30 Thread David Parker

It's most likely an attack and not Steam, but I bet someone from Valve could 
tell you pretty quickly whether or not it's related to Steam if you sent them a 
portion of the capture file.  Not sure who you would send that to, though.  
Maybe li...@valvesoftware.com ?

- Dave

--
Dave Parker
Systems Administrator
Utica College
(315) 792-3229
Registered Linux User #408177

- Original Message -
> From: "Michael Johansen" 
> To: "hlds linux" 
> Sent: Monday, January 30, 2012 9:34:54 AM
> Subject: Re: [hlds_linux] No Steam Logon - massive lag
> 
> 
> Thanks for the correct command. Anyhow, is there a way to figure out
> if it is infact a targeted attack or if it's Steam messing up?
> 
> > From: cladi...@gmail.com
> > Date: Sun, 29 Jan 2012 22:57:02 -0500
> > To: hlds_linux@list.valvesoftware.com
> > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > 
> > >
> > > Michael Johansen ✆ michs...@live.no
> > > via
> > >  valvesoftware.com
> > > Jan 28 (2 days ago)
> > >
> > >  to hlds_linux
> > >  Hi,
> > > How would I find that IP? I've got root access on both the
> > > machines.
> > > Problem is, everyone lagged out on TWO machines, which is in
> > > separate
> > > datacenters and even in different countrys!
> > >
> > 
> > if an attacker is pin-pointing  you directly, all he would have to
> > do is
> > attack both.
> > 
> > On Sun, Jan 29, 2012 at 12:53 PM, Joe Brown
> > wrote:
> > 
> > >
> > > Run tcpdump for a little:
> > >
> > > > /usr/sbin/tcpdump -i eth0 -w traffic03.cap
> > >
> > > Control+C when you get enough data, download traffic03.cap to
> > > your
> > > computer, and load it up in wireshark.
> > >
> > > > From: michs...@live.no
> > > > To: hlds_linux@list.valvesoftware.com
> > > > Date: Sun, 29 Jan 2012 17:34:17 +0100
> > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > >
> > > >
> > > > Tbh I have no idea how to find out what this is, how do I even
> > > > use
> > > tcpdump to output that info? All I get from it is "encrypted"
> > > like with
> > > some weird chars that Notepad++ can't open.Help please.
> > > >
> > > > > Date: Sat, 28 Jan 2012 23:57:31 +0100
> > > > > From: nowa...@platinum.linux.pl
> > > > > To: hlds_linux@list.valvesoftware.com
> > > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > > >
> > > > > tcpdump of an attack on one of my servers:
> > > > >
> > > > > 18:01:58.350565 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > > > length 18
> > > > >  0x:  4500 002e 1dc1  7711 6a89 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.351470 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > > > length 18
> > > > >  0x:  4500 002e 1dc3  7711 6a87 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.352542 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > > > length 0
> > > > >  0x:  4500 001c 1dc4  7711 6a98 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 0008 d5ee  
> > >  ..i.
> > > > >  0x0020:        
> > > ..
> > > > > 18:01:58.353050 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > > > length 18
> > > > >  0x:  4500 002e 1dc5  7711 6a85 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.353988 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > > > length 18
> > > > >  0x:  4500 002e 1dc7  7711 6a83 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.354937 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > > > length 18
> > > > >  0x:  4500 002e 1dc9  7711 6a81 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> > >  ..i(3BE!
> > > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > > ody6SAMPBE!dii
> > > > > 18:01:58.355887 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP,
> > > > > length 0
> > > > >  0x:  4500 001c 1dca  7711 6a92 5bc0 a579
> > >  E...w.j.[..y
> > > > >  0x0010:    04f3 6987 0008 d5ee  
> > >  ..i.
> > > > >  0x0020:        
> > > ..
> > > > >
> > > > > Low bandwidth (~250 packets pe

Re: [hlds_linux] No Steam Logon - massive lag

2012-01-30 Thread Michael Johansen


Thanks for the correct command. Anyhow, is there a way to figure out if it is 
infact a targeted attack or if it's Steam messing up?

> From: cladi...@gmail.com
> Date: Sun, 29 Jan 2012 22:57:02 -0500
> To: hlds_linux@list.valvesoftware.com
> Subject: Re: [hlds_linux] No Steam Logon - massive lag
> 
> >
> > Michael Johansen ✆ michs...@live.no 
> > via
> >  valvesoftware.com
> > Jan 28 (2 days ago)
> >
> >  to hlds_linux
> >  Hi,
> > How would I find that IP? I've got root access on both the machines.
> > Problem is, everyone lagged out on TWO machines, which is in separate
> > datacenters and even in different countrys!
> >
> 
> if an attacker is pin-pointing  you directly, all he would have to do is
> attack both.
> 
> On Sun, Jan 29, 2012 at 12:53 PM, Joe Brown wrote:
> 
> >
> > Run tcpdump for a little:
> >
> > > /usr/sbin/tcpdump -i eth0 -w traffic03.cap
> >
> > Control+C when you get enough data, download traffic03.cap to your
> > computer, and load it up in wireshark.
> >
> > > From: michs...@live.no
> > > To: hlds_linux@list.valvesoftware.com
> > > Date: Sun, 29 Jan 2012 17:34:17 +0100
> > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > >
> > >
> > > Tbh I have no idea how to find out what this is, how do I even use
> > tcpdump to output that info? All I get from it is "encrypted" like with
> > some weird chars that Notepad++ can't open.Help please.
> > >
> > > > Date: Sat, 28 Jan 2012 23:57:31 +0100
> > > > From: nowa...@platinum.linux.pl
> > > > To: hlds_linux@list.valvesoftware.com
> > > > Subject: Re: [hlds_linux] No Steam Logon - massive lag
> > > >
> > > > tcpdump of an attack on one of my servers:
> > > >
> > > > 18:01:58.350565 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP, length 18
> > > >  0x:  4500 002e 1dc1  7711 6a89 5bc0 a579
> >  E...w.j.[..y
> > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> >  ..i(3BE!
> > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > ody6SAMPBE!dii
> > > > 18:01:58.351470 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP, length 18
> > > >  0x:  4500 002e 1dc3  7711 6a87 5bc0 a579
> >  E...w.j.[..y
> > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> >  ..i(3BE!
> > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > ody6SAMPBE!dii
> > > > 18:01:58.352542 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP, length 0
> > > >  0x:  4500 001c 1dc4  7711 6a98 5bc0 a579
> >  E...w.j.[..y
> > > >  0x0010:    04f3 6987 0008 d5ee  
> >  ..i.
> > > >  0x0020:        
> > ..
> > > > 18:01:58.353050 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP, length 18
> > > >  0x:  4500 002e 1dc5  7711 6a85 5bc0 a579
> >  E...w.j.[..y
> > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> >  ..i(3BE!
> > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > ody6SAMPBE!dii
> > > > 18:01:58.353988 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP, length 18
> > > >  0x:  4500 002e 1dc7  7711 6a83 5bc0 a579
> >  E...w.j.[..y
> > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> >  ..i(3BE!
> > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > ody6SAMPBE!dii
> > > > 18:01:58.354937 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP, length 18
> > > >  0x:  4500 002e 1dc9  7711 6a81 5bc0 a579
> >  E...w.j.[..y
> > > >  0x0010:    04f3 6987 001a 0728 3342 4521
> >  ..i(3BE!
> > > >  0x0020:  6f64 7936 5341 4d50 4245 2164 6969
> > ody6SAMPBE!dii
> > > > 18:01:58.355887 IP 91.192.165.121.1267 > x.x.x.x.27015: UDP, length 0
> > > >  0x:  4500 001c 1dca  7711 6a92 5bc0 a579
> >  E...w.j.[..y
> > > >  0x0010:    04f3 6987 0008 d5ee  
> >  ..i.
> > > >  0x0020:        
> > ..
> > > >
> > > > Low bandwidth (~250 packets per second) but was severly lagging the
> > > > game, all clients dropping with no steam logon. Iptables killed it but
> > > > there is something seriously wrong with srcds if it can't just ignore
> > > > those packets.
> > > >
> > > > On 2012-01-28 17:31, voice wrote:
> > > > > Bleh, attached an image and now its pending approval, lesson learned.
> > > > > Instead have a link:
> > http://projectshadow.randomsonicnet.org/srcds/dos.png
> > > > >
> > > > > The thing to see there is the constant stream from port 65098 to the
> > > > > server's port. All UDP traffic in IPTraf gets thrown into that bottom
> > > > > window.
> > > > >
> > > > > Regards,
> > > > > Chris
> > > > >
> > > > > On Sat, Jan 28, 2012 at 10:17 AM, Harry Cann > >wrote:
> > > > >
> > > > >> We get the same on our linux TF2 servers!
> > > > >>
> > > > >> - Reply message -
> > > > >> From: "

Re: [hlds_linux] CS:GO hostname setting?

2012-01-30 Thread Eric Riemers

In the end, it doesn't matter how they would implement it, as long as there
is at least 1 system that handles that.
Some ideas have their pros and cons but I am sure valve can work out
something here.

Would be nice if a valve person could say a word or 2 on how they think
about it.

-Original Message-
From: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Jonas
Stendahl
Sent: maandag 30 januari 2012 11:29
To: Mart-Jan Reeuwijk; Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] CS:GO hostname setting?

We already have our tf_server_identity_token for registered servers (in TF
at least). If adding a server to favorites would associate it with that
token the server wouldn't die because of IP changes.

On Mon, Jan 30, 2012 at 4:15 AM, Mart-Jan Reeuwijk
wrote:

> hmm, must agree on the vulnerability on that.
>
> Valve could do some with ID's there, that a favorited server delivers 
> their ID to "favorite" and valve resolves it to the actual server.
>
>
> But I rather have it linked by IP in steamgroups. Server admins can 
> then put ALL the right IP's in the list, etc. so people get the choice 
> of which server of the group they want to play on. Some groups have like
50 servers.
> Its a pain to add them all manually.
>
>
>
> >
> > From: dmex 
> >To: 'Half-Life dedicated Linux server mailing list' <
> hlds_linux@list.valvesoftware.com>
> >Sent: Monday, 30 January 2012, 3:33
> >Subject: Re: [hlds_linux] CS:GO hostname setting?
> >
> >I think the main reason why Valve disallowed hostnames was due to how 
> >dns allows the assignment of multiple A records to the one name in the
zone.
> >
> >If you had three servers, some would configure their records with all
> three
> >addresses and you could end up on an entirely different server to the 
> >one you actually wanted to connect due to what order these are 
> >returned or due to a few other reasons.
> >
> >One obvious concern would be ISPs who run their own gaming network 
> >like
> here
> >in Australia, they would be able to re-route your DNS entry very 
> >easily
> for
> >their customers back to their servers, it's much harder to re-route 
> >your
> IP
> >address.
> >
> >-Original Message-
> >From: hlds_linux-boun...@list.valvesoftware.com
> >[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of 
> >Necavi
> >Sent: Monday, 30 January 2012 8:41 AM
> >To: 'Half-Life dedicated Linux server mailing list'
> >Subject: Re: [hlds_linux] CS:GO hostname setting?
> >
> >They have done something about it, they prevented it from being 
> >available
> in
> >the source engine.
> >
> >-Original Message-
> >From: hlds_linux-boun...@list.valvesoftware.com
> >[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of James 
> >Puckett
> >Sent: Sunday, January 29, 2012 16:40
> >To: Half-Life dedicated Linux server mailing list
> >Subject: Re: [hlds_linux] CS:GO hostname setting?
> >
> >No need to yell, but the 'negative' you proposed is already wild in 
> >counter-strike 1.6 without even exploiting the said proposal and 
> >Valve has yet to do anything about it.
> >___
> >To unsubscribe, edit your list preferences, or view the list 
> >archives, please visit:
> >https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
> >
> >___
> >To unsubscribe, edit your list preferences, or view the list 
> >archives, please visit:
> >https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
> >
> >___
> >To unsubscribe, edit your list preferences, or view the list 
> >archives,
> please visit:
> >https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
> >
> >
> ___
> To unsubscribe, edit your list preferences, or view the list archives, 
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

Re: [hlds_linux] CS:GO hostname setting?

2012-01-30 Thread Jonas Stendahl

We already have our tf_server_identity_token for registered servers (in TF
at least). If adding a server to favorites would associate it with that
token the server wouldn't die because of IP changes.

On Mon, Jan 30, 2012 at 4:15 AM, Mart-Jan Reeuwijk wrote:

> hmm, must agree on the vulnerability on that.
>
> Valve could do some with ID's there, that a favorited server delivers
> their ID to "favorite" and valve resolves it to the actual server.
>
>
> But I rather have it linked by IP in steamgroups. Server admins can then
> put ALL the right IP's in the list, etc. so people get the choice of which
> server of the group they want to play on. Some groups have like 50 servers.
> Its a pain to add them all manually.
>
>
>
> >
> > From: dmex 
> >To: 'Half-Life dedicated Linux server mailing list' <
> hlds_linux@list.valvesoftware.com>
> >Sent: Monday, 30 January 2012, 3:33
> >Subject: Re: [hlds_linux] CS:GO hostname setting?
> >
> >I think the main reason why Valve disallowed hostnames was due to how dns
> >allows the assignment of multiple A records to the one name in the zone.
> >
> >If you had three servers, some would configure their records with all
> three
> >addresses and you could end up on an entirely different server to the one
> >you actually wanted to connect due to what order these are returned or due
> >to a few other reasons.
> >
> >One obvious concern would be ISPs who run their own gaming network like
> here
> >in Australia, they would be able to re-route your DNS entry very easily
> for
> >their customers back to their servers, it's much harder to re-route your
> IP
> >address.
> >
> >-Original Message-
> >From: hlds_linux-boun...@list.valvesoftware.com
> >[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Necavi
> >Sent: Monday, 30 January 2012 8:41 AM
> >To: 'Half-Life dedicated Linux server mailing list'
> >Subject: Re: [hlds_linux] CS:GO hostname setting?
> >
> >They have done something about it, they prevented it from being available
> in
> >the source engine.
> >
> >-Original Message-
> >From: hlds_linux-boun...@list.valvesoftware.com
> >[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of James
> >Puckett
> >Sent: Sunday, January 29, 2012 16:40
> >To: Half-Life dedicated Linux server mailing list
> >Subject: Re: [hlds_linux] CS:GO hostname setting?
> >
> >No need to yell, but the 'negative' you proposed is already wild in
> >counter-strike 1.6 without even exploiting the said proposal and Valve has
> >yet to do anything about it.
> >___
> >To unsubscribe, edit your list preferences, or view the list archives,
> >please visit:
> >https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
> >
> >___
> >To unsubscribe, edit your list preferences, or view the list archives,
> >please visit:
> >https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
> >
> >___
> >To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> >https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
> >
> >
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

Re: [hlds_linux] No Steam Logon - massive lag

Re: [hlds_linux] Respawn Countdown Loop [TF2]

Re: [hlds_linux] Respawn Countdown Loop [TF2]

Re: [hlds_linux] Respawn Countdown Loop [TF2]

[hlds_linux] Respawn Countdown Loop [TF2]

Re: [hlds_linux] No Steam Logon - massive lag

Re: [hlds_linux] No Steam Logon - massive lag

Re: [hlds_linux] CS:GO hostname setting?

Re: [hlds_linux] No Steam Logon - massive lag

Re: [hlds_linux] No Steam Logon - massive lag

Re: [hlds_linux] No Steam Logon - massive lag

Re: [hlds_linux] No Steam Logon - massive lag

Re: [hlds_linux] No Steam Logon - massive lag

Re: [hlds_linux] No Steam Logon - massive lag

Re: [hlds_linux] CS:GO hostname setting?

Re: [hlds_linux] CS:GO hostname setting?

16 matches

Site Navigation

Mail list logo

Footer information