subject:"Re\: \[hlds_linux\] Is today's TF2\/DODS\/CSS update a required server update\?"

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread John


On 1/28/2011 2:07 PM, Gary Stanley wrote:
Bottom line is you cannot protect yourself against DDOS. Only thing 
you can do is hope you have more transit than the attackers. 


That's partially true. With DDoS attacks that exceed your transit 
capacity, the link size does come into play. However, many DDoS attacks 
do not, and can still be effective in bringing down targets. The 
distributed UDP query DDoS attacks that many have seen lately are a good 
example of this, in that the application stops responding properly long 
before the line's capacity is exceeded. Similarly, SYN floods can be 
very small and still lead to resource exhaustion, as the OS on the 
target machine expends CPU cycles and dedicates memory to responding to 
each request.


With a DDoS attack that is less than the speed of transit links, 
filtering and other techniques often work well. For instance, simple 
iptables rules (as many have seen) can cut limit attacks based on 
per-source or per-destination rate, packet length, strings inside the 
packet, and so on. Similarly, SYN cookies work extremely well at 
countering SYN floods because they take memory out of the equation, 
allowing most modern machines to handle very large attacks (right up to 
near line rate). There's a solid market niche based around (expensive) 
DDoS-mitigation appliances that attempt to automatically detect inbound 
attacks and filter them, making the process relatively hands-off; these 
work best for tracked TCP traffic.


The real reason that game servers should switch to TCP queries is that 
doing so would cut down on *reflection* attacks. Having a simple spoofed 
UDP query packet that can result in a response that is several times as 
large makes it very easy to harness remote game servers in very large 
attacks -- without requiring a network of compromised machines, and 
without revealing the true source of the attack. This scenario has 
become quite common lately


-John

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread Gary Stanley


At 09:20 AM 1/28/2011, Emil Larsson wrote:

Since it requires a handshake, TCP is impossible to spoof (unlike UDP). It
would make it a bit easier to block IP's since a handshake will fail if a
spoofed IP is used. Of course, most DOS bugs in SRCDS are from bugs and lack
of packet caching/priority.


Errr.. You can spoof  most of IP, just not the handshakes. That's why 
synfloods multilate servers, because of their sheer PPS. Most ISP's 
don't use BCP38, so it's easier for source-routed IPs to leave their 
network. Bottom line is you cannot protect yourself against DDOS. 
Only thing you can do is hope you have more transit than the attackers.











___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread Gary Stanley


At 09:20 AM 1/28/2011, Emil Larsson wrote:

Since it requires a handshake, TCP is impossible to spoof (unlike UDP). It
would make it a bit easier to block IP's since a handshake will fail if a
spoofed IP is used. Of course, most DOS bugs in SRCDS are from bugs and lack
of packet caching/priority.


Errr.. You can spoof  most of IP, just not the handshakes. That's why 
synfloods multilate servers, because of their sheer PPS. Most ISP's 
don't use BCP38, so it's easier for source-routed IPs to leave their 
network. Bottom line is you cannot protect yourself against DDOS. 
Only thing you can do is hope you have more transit than the attackers.











___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread John

SYN floods are a very well-understood attack and SYN cookies provide a 
good defense against them.


One nice thing about TCP connections is that the handshake is done at 
the level of the OS, not the application -- so it can take advantage of 
other resources while the game server continues to chug along 
independently, and there's more opportunity for tweaking.


-John

On 1/28/2011 7:28 AM, Saul Rennison wrote:

Please, read what I initially said.

"TCP would solve the issue for queries"

What's the issue with moving the query system from UDP 27015 to TCP 27016?
:/ However, TCP is also prone to DDoS via SYN floods:

"SYN flood  sends a flood of TCP/SYN
packets, often with a forged sender address. Each of these packets is
handled like a connection request, causing the server to spawn a half-open
connection, by sending
back a TCP/SYN-ACK packet, and waiting for a packet in response from the
sender address. However, because the sender address is forged, the response
never comes. These half-open connections saturate the number of available
connections the server is able to make, keeping it from responding to
legitimate requests until after the attack ends."

(see: http://en.wikipedia.org/wiki/SYN_flood)

Basically, ANY transport-layer protocol can be DDoS'd and brought down with
enough bandwidth-- it's the nature of the internet.

Thanks,
  - Saul.


On 28 January 2011 15:12, Frederic Fortier  wrote:


  Yes, a gameserver on TCP is really a bad idea because the handshake
creates a very high overhead. I'm pretty sure you can test it out by
yourself by adding -tcp to your client's startup line, and see if you enjoy
playing with a choke of about 60. Which is why UDP is used instead: while
it's easier to spoof the IP and DDOS without risking to be IP blocked, it's
still better than not being to play the game at all.

Le 2011-01-28 09:20, Emil Larsson a écrit :

  Since it requires a handshake, TCP is impossible to spoof (unlike UDP). It

would make it a bit easier to block IP's since a handshake will fail if a
spoofed IP is used. Of course, most DOS bugs in SRCDS are from bugs and
lack
of packet caching/priority.

However it also have higher overhead, which is why you rarely see
gameservers using it as a protocol.

On Fri, Jan 28, 2011 at 3:05 PM, Saul Rennison
wrote:

  I thought that TCP would solve the issue for queries and stuff like

that but in practice TCP is just as prone to DDoS as UDP -.-

On Friday, 28 January 2011, Marco Padovan
wrote:


TCP for example...

Il 28/01/2011 13:45, frostschutz ha scritto:

On Thu, Jan 27, 2011 at 06:53:08PM -0500, clad iron wrote:

Would there be a way for the engine to identify
exactly where it's coming from and drop the connection ?

It's UDP, there are no connections and you can't stop others
from sending packets to you. So the best you can do is drop
without spending any unnecessary CPU time.

The protocol unfortunately is DDoS by design - if a game has
a ton of players and in one second 100 people around the
world refresh their server list at the same time, your server
has 100 queries to reply to 100 different IPs... per second.
So all you can do is make those queries faster.

Usually games just don't have enough players for this to be
a problem, but Valve is a monster in that regard.

The protocol could be designed differently to make it easier
to drop / delay unwanted packets, but protocol redesign is
not something you do on a regular basis for gameservers. ;)

Regards
frostschutz

___
To unsubscribe, edit your list preferences, or view the list archives,


please visit:


http://list.valvesoftware.com/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives,


please visit:


http://list.valvesoftware.com/mailman/listinfo/hlds_linux

  --

Thanks,
  - Saul.

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

  ___

To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux




___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread Saul Rennison

Please, read what I initially said.

"TCP would solve the issue for queries"

What's the issue with moving the query system from UDP 27015 to TCP 27016?
:/ However, TCP is also prone to DDoS via SYN floods:

"SYN flood  sends a flood of TCP/SYN
packets, often with a forged sender address. Each of these packets is
handled like a connection request, causing the server to spawn a half-open
connection , by sending
back a TCP/SYN-ACK packet, and waiting for a packet in response from the
sender address. However, because the sender address is forged, the response
never comes. These half-open connections saturate the number of available
connections the server is able to make, keeping it from responding to
legitimate requests until after the attack ends."

(see: http://en.wikipedia.org/wiki/SYN_flood)

Basically, ANY transport-layer protocol can be DDoS'd and brought down with
enough bandwidth-- it's the nature of the internet.

Thanks,
 - Saul.

On 28 January 2011 15:12, Frederic Fortier  wrote:

>
>  Yes, a gameserver on TCP is really a bad idea because the handshake
> creates a very high overhead. I'm pretty sure you can test it out by
> yourself by adding -tcp to your client's startup line, and see if you enjoy
> playing with a choke of about 60. Which is why UDP is used instead: while
> it's easier to spoof the IP and DDOS without risking to be IP blocked, it's
> still better than not being to play the game at all.
>
> Le 2011-01-28 09:20, Emil Larsson a écrit :
>
>  Since it requires a handshake, TCP is impossible to spoof (unlike UDP). It
>> would make it a bit easier to block IP's since a handshake will fail if a
>> spoofed IP is used. Of course, most DOS bugs in SRCDS are from bugs and
>> lack
>> of packet caching/priority.
>>
>> However it also have higher overhead, which is why you rarely see
>> gameservers using it as a protocol.
>>
>> On Fri, Jan 28, 2011 at 3:05 PM, Saul Rennison> >wrote:
>>
>>  I thought that TCP would solve the issue for queries and stuff like
>>> that but in practice TCP is just as prone to DDoS as UDP -.-
>>>
>>> On Friday, 28 January 2011, Marco Padovan
>>> wrote:
>>>
 TCP for example...

 Il 28/01/2011 13:45, frostschutz ha scritto:

 On Thu, Jan 27, 2011 at 06:53:08PM -0500, clad iron wrote:

 Would there be a way for the engine to identify
 exactly where it's coming from and drop the connection ?

 It's UDP, there are no connections and you can't stop others
 from sending packets to you. So the best you can do is drop
 without spending any unnecessary CPU time.

 The protocol unfortunately is DDoS by design - if a game has
 a ton of players and in one second 100 people around the
 world refresh their server list at the same time, your server
 has 100 queries to reply to 100 different IPs... per second.
 So all you can do is make those queries faster.

 Usually games just don't have enough players for this to be
 a problem, but Valve is a monster in that regard.

 The protocol could be designed differently to make it easier
 to drop / delay unwanted packets, but protocol redesign is
 not something you do on a regular basis for gameservers. ;)

 Regards
 frostschutz

 ___
 To unsubscribe, edit your list preferences, or view the list archives,

>>> please visit:
>>>
 http://list.valvesoftware.com/mailman/listinfo/hlds_linux

 ___
 To unsubscribe, edit your list preferences, or view the list archives,

>>> please visit:
>>>
 http://list.valvesoftware.com/mailman/listinfo/hlds_linux

  --
>>>
>>> Thanks,
>>>  - Saul.
>>>
>>> ___
>>> To unsubscribe, edit your list preferences, or view the list archives,
>>> please visit:
>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>>
>>>  ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>
>>
>>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread Frederic Fortier



 Yes, a gameserver on TCP is really a bad idea because the handshake 
creates a very high overhead. I'm pretty sure you can test it out by 
yourself by adding -tcp to your client's startup line, and see if you 
enjoy playing with a choke of about 60. Which is why UDP is used 
instead: while it's easier to spoof the IP and DDOS without risking to 
be IP blocked, it's still better than not being to play the game at all.


Le 2011-01-28 09:20, Emil Larsson a écrit :

Since it requires a handshake, TCP is impossible to spoof (unlike UDP). It
would make it a bit easier to block IP's since a handshake will fail if a
spoofed IP is used. Of course, most DOS bugs in SRCDS are from bugs and lack
of packet caching/priority.

However it also have higher overhead, which is why you rarely see
gameservers using it as a protocol.

On Fri, Jan 28, 2011 at 3:05 PM, Saul Rennisonwrote:


I thought that TCP would solve the issue for queries and stuff like
that but in practice TCP is just as prone to DDoS as UDP -.-

On Friday, 28 January 2011, Marco Padovan
wrote:

TCP for example...

Il 28/01/2011 13:45, frostschutz ha scritto:

On Thu, Jan 27, 2011 at 06:53:08PM -0500, clad iron wrote:

Would there be a way for the engine to identify
exactly where it's coming from and drop the connection ?

It's UDP, there are no connections and you can't stop others
from sending packets to you. So the best you can do is drop
without spending any unnecessary CPU time.

The protocol unfortunately is DDoS by design - if a game has
a ton of players and in one second 100 people around the
world refresh their server list at the same time, your server
has 100 queries to reply to 100 different IPs... per second.
So all you can do is make those queries faster.

Usually games just don't have enough players for this to be
a problem, but Valve is a monster in that regard.

The protocol could be designed differently to make it easier
to drop / delay unwanted packets, but protocol redesign is
not something you do on a regular basis for gameservers. ;)

Regards
frostschutz

___
To unsubscribe, edit your list preferences, or view the list archives,

please visit:

http://list.valvesoftware.com/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives,

please visit:

http://list.valvesoftware.com/mailman/listinfo/hlds_linux


--

Thanks,
  - Saul.

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux




___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread Saint K .

http://www.networksorcery.com/enp/protocol/ip/option009.htm

From: hlds_linux-boun...@list.valvesoftware.com 
[hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Emil Larsson 
[ail...@gmail.com]
Sent: 28 January 2011 15:20
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server  
update?

Since it requires a handshake, TCP is impossible to spoof (unlike UDP). It
would make it a bit easier to block IP's since a handshake will fail if a
spoofed IP is used. Of course, most DOS bugs in SRCDS are from bugs and lack
of packet caching/priority.

However it also have higher overhead, which is why you rarely see
gameservers using it as a protocol.

On Fri, Jan 28, 2011 at 3:05 PM, Saul Rennison wrote:

> I thought that TCP would solve the issue for queries and stuff like
> that but in practice TCP is just as prone to DDoS as UDP -.-
>
> On Friday, 28 January 2011, Marco Padovan 
> wrote:
> > TCP for example...
> >
> > Il 28/01/2011 13:45, frostschutz ha scritto:
> >
> > On Thu, Jan 27, 2011 at 06:53:08PM -0500, clad iron wrote:
> >
> > Would there be a way for the engine to identify
> > exactly where it's coming from and drop the connection ?
> >
> > It's UDP, there are no connections and you can't stop others
> > from sending packets to you. So the best you can do is drop
> > without spending any unnecessary CPU time.
> >
> > The protocol unfortunately is DDoS by design - if a game has
> > a ton of players and in one second 100 people around the
> > world refresh their server list at the same time, your server
> > has 100 queries to reply to 100 different IPs... per second.
> > So all you can do is make those queries faster.
> >
> > Usually games just don't have enough players for this to be
> > a problem, but Valve is a monster in that regard.
> >
> > The protocol could be designed differently to make it easier
> > to drop / delay unwanted packets, but protocol redesign is
> > not something you do on a regular basis for gameservers. ;)
> >
> > Regards
> > frostschutz
> >
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> >
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> >
>
> --
>
> Thanks,
>  - Saul.
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread Emil Larsson

Since it requires a handshake, TCP is impossible to spoof (unlike UDP). It
would make it a bit easier to block IP's since a handshake will fail if a
spoofed IP is used. Of course, most DOS bugs in SRCDS are from bugs and lack
of packet caching/priority.

However it also have higher overhead, which is why you rarely see
gameservers using it as a protocol.

On Fri, Jan 28, 2011 at 3:05 PM, Saul Rennison wrote:

> I thought that TCP would solve the issue for queries and stuff like
> that but in practice TCP is just as prone to DDoS as UDP -.-
>
> On Friday, 28 January 2011, Marco Padovan 
> wrote:
> > TCP for example...
> >
> > Il 28/01/2011 13:45, frostschutz ha scritto:
> >
> > On Thu, Jan 27, 2011 at 06:53:08PM -0500, clad iron wrote:
> >
> > Would there be a way for the engine to identify
> > exactly where it's coming from and drop the connection ?
> >
> > It's UDP, there are no connections and you can't stop others
> > from sending packets to you. So the best you can do is drop
> > without spending any unnecessary CPU time.
> >
> > The protocol unfortunately is DDoS by design - if a game has
> > a ton of players and in one second 100 people around the
> > world refresh their server list at the same time, your server
> > has 100 queries to reply to 100 different IPs... per second.
> > So all you can do is make those queries faster.
> >
> > Usually games just don't have enough players for this to be
> > a problem, but Valve is a monster in that regard.
> >
> > The protocol could be designed differently to make it easier
> > to drop / delay unwanted packets, but protocol redesign is
> > not something you do on a regular basis for gameservers. ;)
> >
> > Regards
> > frostschutz
> >
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> >
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> >
>
> --
>
> Thanks,
>  - Saul.
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread Saul Rennison

I thought that TCP would solve the issue for queries and stuff like
that but in practice TCP is just as prone to DDoS as UDP -.-

On Friday, 28 January 2011, Marco Padovan  wrote:
> TCP for example...
>
> Il 28/01/2011 13:45, frostschutz ha scritto:
>
> On Thu, Jan 27, 2011 at 06:53:08PM -0500, clad iron wrote:
>
> Would there be a way for the engine to identify
> exactly where it's coming from and drop the connection ?
>
> It's UDP, there are no connections and you can't stop others
> from sending packets to you. So the best you can do is drop
> without spending any unnecessary CPU time.
>
> The protocol unfortunately is DDoS by design - if a game has
> a ton of players and in one second 100 people around the
> world refresh their server list at the same time, your server
> has 100 queries to reply to 100 different IPs... per second.
> So all you can do is make those queries faster.
>
> Usually games just don't have enough players for this to be
> a problem, but Valve is a monster in that regard.
>
> The protocol could be designed differently to make it easier
> to drop / delay unwanted packets, but protocol redesign is
> not something you do on a regular basis for gameservers. ;)
>
> Regards
> frostschutz
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>

-- 

Thanks,
 - Saul.

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread Marco Padovan


TCP for example...

Il 28/01/2011 13:45, frostschutz ha scritto:

On Thu, Jan 27, 2011 at 06:53:08PM -0500, clad iron wrote:

Would there be a way for the engine to identify
exactly where it's coming from and drop the connection ?

It's UDP, there are no connections and you can't stop others
from sending packets to you. So the best you can do is drop
without spending any unnecessary CPU time.

The protocol unfortunately is DDoS by design - if a game has
a ton of players and in one second 100 people around the
world refresh their server list at the same time, your server
has 100 queries to reply to 100 different IPs... per second.
So all you can do is make those queries faster.

Usually games just don't have enough players for this to be
a problem, but Valve is a monster in that regard.

The protocol could be designed differently to make it easier
to drop / delay unwanted packets, but protocol redesign is
not something you do on a regular basis for gameservers. ;)

Regards
frostschutz

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-28 Thread frostschutz

On Thu, Jan 27, 2011 at 06:53:08PM -0500, clad iron wrote:
> Would there be a way for the engine to identify
> exactly where it's coming from and drop the connection ?

It's UDP, there are no connections and you can't stop others 
from sending packets to you. So the best you can do is drop 
without spending any unnecessary CPU time.

The protocol unfortunately is DDoS by design - if a game has 
a ton of players and in one second 100 people around the 
world refresh their server list at the same time, your server 
has 100 queries to reply to 100 different IPs... per second.
So all you can do is make those queries faster.

Usually games just don't have enough players for this to be 
a problem, but Valve is a monster in that regard.

The protocol could be designed differently to make it easier 
to drop / delay unwanted packets, but protocol redesign is 
not something you do on a regular basis for gameservers. ;)

Regards
frostschutz

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-27 Thread Tony Paloma

Check the value of your max global queries per sec and related cvars. After
the max global queries limit is hit it will block queries until it's back
under limit for the sample window and this may be what you're saying. 

-Original Message-
From: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Arie
Sent: Thursday, January 27, 2011 3:17 PM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server
update?

Well, the new update seems to be effective at blocking the DoS attacks.

Too effective even, because after an attack it won't allow anyone to connect
any more, even though it's still running and not frozen.




On 28 January 2011 00:01, Kyle Sanderson  wrote:

> Doesn't look like it. I was surprised that nothing was announced on 
> the list. Maybe they're pushing a bigger update later in the day that 
> is required?.
>
> Kyle.
>
> On Thu, Jan 27, 2011 at 2:53 PM, Ross Bemrose 
> wrote:
> > I always update my servers if I see a client update.
> >
> > Today's update updated just one file on the server side: engine.so 
> > in the
> OB
> > Linux Dedicated Server package.
> >
> > Does the fact that it's engine.so mean this is a required server update?
> >
> > ___
> > To unsubscribe, edit your list preferences, or view the list 
> > archives, please visit:
> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> >
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, 
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-27 Thread Kyle Sanderson

Basically the same thing that ServerSecure2 does, minus the inflated
ping. Looks like there is some progress being made, but it's still the
equivalent of monkeying around.

On Thu, Jan 27, 2011 at 3:56 PM, Eric Riemers  wrote:
> So can we conclude that it doesn't solve the issues with attacks?
>
> -Original Message-
> From: hlds_linux-boun...@list.valvesoftware.com
> [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Arie
> Sent: vrijdag 28 januari 2011 0:34
> To: Half-Life dedicated Linux server mailing list
> Subject: Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server
> update?
>
> Just checked another server and it was fine. Only during the attack
> connecting was impossible, but that was expected.
>
>
>
> On 28 January 2011 00:29, Ross Bemrose  wrote:
>
>> I have no problem connecting to one of my servers
>> (red.ocrtf2.com:27015) post-update.
>>
>> However, my servers aren't being DoSed either...
>>
>>
>> On 1/27/2011 6:17 PM, Arie wrote:
>>
>>> Well, the new update seems to be effective at blocking the DoS attacks.
>>>
>>> Too effective even, because after an attack it won't allow anyone to
>>> connect any more, even though it's still running and not frozen.
>>>
>>>
>>>
>>>
>>> On 28 January 2011 00:01, Kyle Sanderson  wrote:
>>>
>>>  Doesn't look like it. I was surprised that nothing was announced on
>>>> the list. Maybe they're pushing a bigger update later in the day
>>>> that is required?.
>>>>
>>>> Kyle.
>>>>
>>>> On Thu, Jan 27, 2011 at 2:53 PM, Ross Bemrose
>>>> wrote:
>>>>
>>>>> I always update my servers if I see a client update.
>>>>>
>>>>> Today's update updated just one file on the server side: engine.so
>>>>> in the
>>>>>
>>>> OB
>>>>
>>>>> Linux Dedicated Server package.
>>>>>
>>>>> Does the fact that it's engine.so mean this is a required server
> update?
>>>>>
>>>>> ___
>>>>> To unsubscribe, edit your list preferences, or view the list
>>>>> archives, please visit:
>>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>>>>
>>>>>  ___
>>>> To unsubscribe, edit your list preferences, or view the list
>>>> archives, please visit:
>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>>>
>>>>  ___
>>> To unsubscribe, edit your list preferences, or view the list
>>> archives, please visit:
>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>>
>>
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-27 Thread PryMaL


On 28/01/2011 10:26 AM, Eric Riemers wrote:

So can we conclude that it doesn't solve the issues with attacks?

From what I've seen...
it's helped but not SOLVED the issue.

--
PryMaL

email: pry...@geekout.info
twitter: prymal1981


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-27 Thread Eric Riemers

So can we conclude that it doesn't solve the issues with attacks?

-Original Message-
From: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Arie
Sent: vrijdag 28 januari 2011 0:34
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server
update?

Just checked another server and it was fine. Only during the attack
connecting was impossible, but that was expected.



On 28 January 2011 00:29, Ross Bemrose  wrote:

> I have no problem connecting to one of my servers 
> (red.ocrtf2.com:27015) post-update.
>
> However, my servers aren't being DoSed either...
>
>
> On 1/27/2011 6:17 PM, Arie wrote:
>
>> Well, the new update seems to be effective at blocking the DoS attacks.
>>
>> Too effective even, because after an attack it won't allow anyone to 
>> connect any more, even though it's still running and not frozen.
>>
>>
>>
>>
>> On 28 January 2011 00:01, Kyle Sanderson  wrote:
>>
>>  Doesn't look like it. I was surprised that nothing was announced on
>>> the list. Maybe they're pushing a bigger update later in the day 
>>> that is required?.
>>>
>>> Kyle.
>>>
>>> On Thu, Jan 27, 2011 at 2:53 PM, Ross Bemrose
>>> wrote:
>>>
>>>> I always update my servers if I see a client update.
>>>>
>>>> Today's update updated just one file on the server side: engine.so 
>>>> in the
>>>>
>>> OB
>>>
>>>> Linux Dedicated Server package.
>>>>
>>>> Does the fact that it's engine.so mean this is a required server
update?
>>>>
>>>> ___
>>>> To unsubscribe, edit your list preferences, or view the list 
>>>> archives, please visit:
>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>>>
>>>>  ___
>>> To unsubscribe, edit your list preferences, or view the list 
>>> archives, please visit:
>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>>
>>>  ___
>> To unsubscribe, edit your list preferences, or view the list 
>> archives, please visit:
>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, 
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-27 Thread clad iron

i have no idea if this is even possible, but if the Dos attacks are now
being able to be blocked. Would there be a way for the engine to identify
exactly where it's coming from and drop the connection ?
I mean a hacker can flood it enough to drop everyone, so it seems there
should be some type of built in optimization that would compensate or fix
the issue.

On Thu, Jan 27, 2011 at 6:33 PM, Arie  wrote:

> Just checked another server and it was fine. Only during the attack
> connecting was impossible, but that was expected.
>
>
>
> On 28 January 2011 00:29, Ross Bemrose  wrote:
>
> > I have no problem connecting to one of my servers (red.ocrtf2.com:27015)
> > post-update.
> >
> > However, my servers aren't being DoSed either...
> >
> >
> > On 1/27/2011 6:17 PM, Arie wrote:
> >
> >> Well, the new update seems to be effective at blocking the DoS attacks.
> >>
> >> Too effective even, because after an attack it won't allow anyone to
> >> connect
> >> any more, even though it's still running and not frozen.
> >>
> >>
> >>
> >>
> >> On 28 January 2011 00:01, Kyle Sanderson  wrote:
> >>
> >>  Doesn't look like it. I was surprised that nothing was announced on
> >>> the list. Maybe they're pushing a bigger update later in the day that
> >>> is required?.
> >>>
> >>> Kyle.
> >>>
> >>> On Thu, Jan 27, 2011 at 2:53 PM, Ross Bemrose
> >>> wrote:
> >>>
>  I always update my servers if I see a client update.
> 
>  Today's update updated just one file on the server side: engine.so in
>  the
> 
> >>> OB
> >>>
>  Linux Dedicated Server package.
> 
>  Does the fact that it's engine.so mean this is a required server
> update?
> 
>  ___
>  To unsubscribe, edit your list preferences, or view the list archives,
>  please visit:
>  http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> 
>   ___
> >>> To unsubscribe, edit your list preferences, or view the list archives,
> >>> please visit:
> >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> >>>
> >>>  ___
> >> To unsubscribe, edit your list preferences, or view the list archives,
> >> please visit:
> >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> >>
> >
> >
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> > please visit:
> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> >
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-27 Thread Arie

Just checked another server and it was fine. Only during the attack
connecting was impossible, but that was expected.



On 28 January 2011 00:29, Ross Bemrose  wrote:

> I have no problem connecting to one of my servers (red.ocrtf2.com:27015)
> post-update.
>
> However, my servers aren't being DoSed either...
>
>
> On 1/27/2011 6:17 PM, Arie wrote:
>
>> Well, the new update seems to be effective at blocking the DoS attacks.
>>
>> Too effective even, because after an attack it won't allow anyone to
>> connect
>> any more, even though it's still running and not frozen.
>>
>>
>>
>>
>> On 28 January 2011 00:01, Kyle Sanderson  wrote:
>>
>>  Doesn't look like it. I was surprised that nothing was announced on
>>> the list. Maybe they're pushing a bigger update later in the day that
>>> is required?.
>>>
>>> Kyle.
>>>
>>> On Thu, Jan 27, 2011 at 2:53 PM, Ross Bemrose
>>> wrote:
>>>
 I always update my servers if I see a client update.

 Today's update updated just one file on the server side: engine.so in
 the

>>> OB
>>>
 Linux Dedicated Server package.

 Does the fact that it's engine.so mean this is a required server update?

 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds_linux

  ___
>>> To unsubscribe, edit your list preferences, or view the list archives,
>>> please visit:
>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>>
>>>  ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>>
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-27 Thread Ross Bemrose

I have no problem connecting to one of my servers (red.ocrtf2.com:27015) 
post-update.


However, my servers aren't being DoSed either...

On 1/27/2011 6:17 PM, Arie wrote:

Well, the new update seems to be effective at blocking the DoS attacks.

Too effective even, because after an attack it won't allow anyone to connect
any more, even though it's still running and not frozen.




On 28 January 2011 00:01, Kyle Sanderson  wrote:


Doesn't look like it. I was surprised that nothing was announced on
the list. Maybe they're pushing a bigger update later in the day that
is required?.

Kyle.

On Thu, Jan 27, 2011 at 2:53 PM, Ross Bemrose
wrote:

I always update my servers if I see a client update.

Today's update updated just one file on the server side: engine.so in the

OB

Linux Dedicated Server package.

Does the fact that it's engine.so mean this is a required server update?

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-27 Thread Arie

Well, the new update seems to be effective at blocking the DoS attacks.

Too effective even, because after an attack it won't allow anyone to connect
any more, even though it's still running and not frozen.




On 28 January 2011 00:01, Kyle Sanderson  wrote:

> Doesn't look like it. I was surprised that nothing was announced on
> the list. Maybe they're pushing a bigger update later in the day that
> is required?.
>
> Kyle.
>
> On Thu, Jan 27, 2011 at 2:53 PM, Ross Bemrose 
> wrote:
> > I always update my servers if I see a client update.
> >
> > Today's update updated just one file on the server side: engine.so in the
> OB
> > Linux Dedicated Server package.
> >
> > Does the fact that it's engine.so mean this is a required server update?
> >
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> > please visit:
> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> >
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

2011-01-27 Thread Kyle Sanderson

Doesn't look like it. I was surprised that nothing was announced on
the list. Maybe they're pushing a bigger update later in the day that
is required?.

Kyle.

On Thu, Jan 27, 2011 at 2:53 PM, Ross Bemrose  wrote:
> I always update my servers if I see a client update.
>
> Today's update updated just one file on the server side: engine.so in the OB
> Linux Dedicated Server package.
>
> Does the fact that it's engine.so mean this is a required server update?
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?

20 matches

Site Navigation

Mail list logo

Footer information