-boun...@list.valvesoftware.com] On Behalf Of Hüseyin
Cerik
Sent: Tuesday, February 03, 2009 4:24 PM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
hey, you can download this from
http://sourceop.com/modules.php?name
, February 03, 2009 4:24 PM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
hey, you can download this from
http://sourceop.com/modules.php?name=Downloadsd_op=viewdownloadcid=9
nice night...
Patrick Shelley schrieb:
I
Sent: Wednesday, February 04, 2009 5:24 AM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
This wasnt a command Tony, this is the little crash application where you
put in the IP and it sends 'packets'? to flood the server
Sent: Wednesday, January 21, 2009 6:16 AM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE
!!!
Btw, that IP address you posted matched a previously connected player
on
my
servers:
cunt biscuit
STEAM_0:1:19343424
173.71.55.57
- Original Message -
From: Tony Paloma drunkenf...@hotmail.com
To: 'Half-Life dedicated Linux server mailing list'
hlds_linux@list.valvesoftware.com
Sent: Wednesday, January 21, 2009 6:16 AM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE
dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
hey, you can download this from
http://sourceop.com/modules.php?name=Downloadsd_op=viewdownloadcid=9
nice night...
Patrick Shelley schrieb:
I think this is being done to my tf2 servers
...@hotmail.com
To: 'Half-Life dedicated Linux server mailing list'
hlds_linux@list.valvesoftware.com
Sent: Wednesday, January 21, 2009 6:16 AM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
Btw, that IP address you posted matched a previously connected player on
my
servers
, January 21, 2009 6:16 AM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
Btw, that IP address you posted matched a previously connected player on
my
servers:
cunt biscuit
STEAM_0:1:19343424
173.71.55.57
-Original Message-
From: hlds_linux-boun
...@hotmail.com
To: 'Half-Life dedicated Linux server mailing list'
hlds_linux@list.valvesoftware.com
Sent: Wednesday, January 21, 2009 6:16 AM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE
!!!
Btw, that IP address you posted matched a previously connected player
Thanks Neph, as always. :)
Drek
Nephyrin Zey wrote:
Linux/iptables users- this firewall rule will completely stop the
attack (tested):
-A INPUT -p udp -m udp --dport 27015 -m length --length 28 -j DROP
Repeat for any ports your servers run on besides 27015
- Neph
Hi:
Please STOP posting the crash program to prevent even more scriptkiddies.
Dear Huseyin Cerik please block acces to your link.
Thx a lot
___
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
actually this program is really well spread outside of this mailinglist.
a quick search gave 20+ rapidshare and the like links.
so if it is spread here so that people can patch it. (as already
happening with iptable filters) it is a good thing no?
I've given you the program so that is what we do ... I would be nasty if
I would not announce here or ... somehow we must try as the program is,
therefore, we need the program
Andres Pozos schrieb:
Hi:
Please STOP posting the crash program to prevent even more scriptkiddies.
Dear Huseyin
dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
actually this program is really well spread outside of this mailinglist.
a quick search gave 20+ rapidshare and the like links.
so if it is spread
:04 PM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
actually this program is really well spread outside of this mailinglist.
a quick search gave 20+ rapidshare
hello neph we tested this script one he gives a error
iptables -A INPUT -p udp -m udp --dport 27015 -m length --length 28 -j DROP
- iptables: No chain/target/match by that name
can u help me ?
Nephyrin Zey schrieb:
Linux/iptables users- this firewall rule will completely stop the
attack
It sounds like you either don't have a chain named INPUT, or you don't
have support for the DROP target. Both of those are pretty standard
things to have. If you are using a vendor-delivered version of iptables
(like a stock install from Red Hat or CentOS), you might have a chain
called
Sorry, I re-read the error and it's more likely a match problem. Try
taking out the -m udp:
iptables -A INPUT -p udp --dport 27015 -m length --length 28 -j DROP
- Dave
David A. Parker wrote:
It sounds like you either don't have a chain named INPUT, or you don't
have support for the
On Tue, 20 Jan 2009 20:27:28 +0100, Hüseyin Cerik
azrail.2...@gmail.com said:
hello neph we tested this script one he gives a error
iptables -A INPUT -p udp -m udp --dport 27015 -m length --length 28 -j
DROP
- iptables: No chain/target/match by that name
can u help me ?
What is the output
hello neph we tested this script one he gives a error
iptables -A INPUT -p udp -m udp --dport 27015 -m length --length 28 -j
DROP
- iptables: No chain/target/match by that name
can u help me ?
Do you have iptables properly loaded and running?
On most distros checking this is something
You guys are freaking legends - i have no idea what your talking about LOL -
soz, had a drink.
___
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux
This is becoming really annoying.
Here's an IP of one of the asshats who just did it to my servers. Ban him
with your firewall if you don't have yourself protected:
173.71.55.57
On Tue, Jan 20, 2009 at 8:18 PM, Patrick Shelley sidest...@gmail.comwrote:
You guys are freaking legends - i have no
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
This is becoming really annoying.
Here's an IP of one of the asshats who just did it to my servers. Ban him
with your firewall if you don't have yourself protected:
173.71.55.57
On Tue, Jan 20, 2009 at 8:18 PM, Patrick
, January 20, 2009 8:57 PM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
This is becoming really annoying.
Here's an IP of one of the asshats who just did it to my servers. Ban him
with your firewall if you don't have yourself
Seems to work on fine on Team Fortress 2 as well :(.
On Sun, Jan 18, 2009 at 11:53 PM, J T jtr...@gmail.com wrote:
You would have to look at the packet's datagram and see what is being sent
to the server to successfully filter the offensive packets correctly.
On Sun, Jan 18, 2009 at 10:11
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of 1nsane
Sent: Tuesday, 20 January 2009 9:14 AM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
Seems to work on fine on Team Fortress 2 as well :(.
On Sun, Jan 18, 2009 at 11
I'd be wary that a program like this would contain something to decode your
clientregistry.blob.
On Mon, Jan 19, 2009 at 4:14 PM, 1nsane 1nsane...@gmail.com wrote:
Seems to work on fine on Team Fortress 2 as well :(.
On Sun, Jan 18, 2009 at 11:53 PM, J T jtr...@gmail.com wrote:
You would
We have to hope that everyone on this list is smart enough to run it in
a sandboxed vm
Cc2iscooL wrote:
I'd be wary that a program like this would contain something to decode your
clientregistry.blob.
On Mon, Jan 19, 2009 at 4:14 PM, 1nsane 1nsane...@gmail.com wrote:
Seems to work
I was under the impression that you had to run it with the actual game
running.
On Mon, Jan 19, 2009 at 5:00 PM, Tom Leighton
tomrleigh...@googlemail.comwrote:
We have to hope that everyone on this list is smart enough to run it in
a sandboxed vm
Cc2iscooL wrote:
I'd be wary that a
No. You do not. It's remote.
On Mon, Jan 19, 2009 at 6:06 PM, Cc2iscooL cc2isc...@gmail.com wrote:
I was under the impression that you had to run it with the actual game
running.
On Mon, Jan 19, 2009 at 5:00 PM, Tom Leighton
tomrleigh...@googlemail.comwrote:
We have to hope that everyone
Leighton
Sent: 19 January 2009 23:00
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
We have to hope that everyone on this list is smart enough to run it in
a sandboxed vm
Cc2iscooL wrote:
I'd be wary that a program
PM
To: 'Half-Life dedicated Linux server mailing list'
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
Do you have a copy of the captured data?
I think the smarter thing to do would be to e-mail one of the Valve devs so
that they can investigate and block how
Linux/iptables users- this firewall rule will completely stop the
attack (tested):
-A INPUT -p udp -m udp --dport 27015 -m length --length 28 -j DROP
Repeat for any ports your servers run on besides 27015
- Neph
___
To unsubscribe, edit your list
It's actually DoS, not DDoS...
Somebody tried that file?
- Marcel
___
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux
sorry have overseen this:
Hüseyin Cerik | HBHK.eU schrieb:
Please help us we pay per year to 2000 € for the server but there are 100 th
of servers with the same time have trouble
2k eur/yr? guy, you can't be seriousthis has to be a machine from
hell or somebody just sucks you out :D
i pay 120 euros a month n it comes with 3 war servers and i am not
including 1 public deathmatchle gungame server our rootserver can find
that money annualy. i am not talking about the money i am here to
talking about if you guys or any1 to help me find any programs that can
crash down
I tried it on my servers. It is working. Players felt huge spikes and after
5 minutes from 20/20 players it had 0/20 :
On Sun, Jan 18, 2009 at 1:29 PM, Marcel hlds_li...@vermasslt.de wrote:
It's actually DoS, not DDoS...
Somebody tried that file?
- Marcel
Never tried it out but had this issue with my server a few times lags like a
mother then everyone leaves. Need a fix for it.
Date: Sun, 18 Jan 2009 15:11:45 +0100
From: tra...@gmail.com
To: hlds_linux@list.valvesoftware.com
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack
for it.
Date: Sun, 18 Jan 2009 15:11:45 +0100
From: tra...@gmail.com
To: hlds_linux@list.valvesoftware.com
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
I tried it on my servers. It is working. Players felt huge spikes and after
5 minutes from 20/20
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
think about it i am a bad person and im playin a game in a server and
because i dont obey with the rules they ban me so i suggest to use the
programs i have in my hands and crash down the servers. now our days
people
...@gmail.com; Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
Analyze the network traffic and setup appropriate firewall rules. It's not
that hard to prevent it.
- Original Message -
From: Hüseyin Cerik azrail.2
: Wolfie - Cybernetic a...@cybernetic-servers.co.uk
To: 'Half-Life dedicated Linux server mailing list'
hlds_linux@list.valvesoftware.com
Sent: Sunday, January 18, 2009 7:17 PM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
The problem is when this happens the ddos
Sent: Sunday, January 18, 2009 7:17 PM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
The problem is when this happens the ddos is done on the udp css port, so
it's not easy to filter out.
-Original Message-
From: hlds_linux-boun
.
-Original Message-
From: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Ronny
Schedel
Sent: 18 January 2009 18:28
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE
@list.valvesoftware.com
Sent: Sunday, January 18, 2009 7:17 PM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
The problem is when this happens the ddos is done on the udp css port, so
it's not easy to filter out.
-Original Message-
From: hlds_linux-boun
list'
hlds_linux@list.valvesoftware.com
Sent: Sunday, January 18, 2009 7:46 PM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
Its still not that simple, udp is obviously lots of small packets, as soon
as you get some kind of firewall opening that many packets before
Message -
From: Pawel tra...@gmail.com
To: Half-Life dedicated Linux server mailing list
hlds_linux@list.valvesoftware.com
Sent: Sunday, January 18, 2009 7:41 PM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
Hmm are there any logs in linux? That we can find user
...
- Original Message -
From: Pawel tra...@gmail.com
To: Half-Life dedicated Linux server mailing list
hlds_linux@list.valvesoftware.com
Sent: Sunday, January 18, 2009 7:41 PM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
Hmm are there any logs in linux? That we
Message - From: Hüseyin Cerik
azrail.2...@gmail.com
To: Half-Life dedicated Linux server mailing list
hlds_linux@list.valvesoftware.com
Sent: Sunday, January 18, 2009 8:06 PM
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE
!!!
we have written a script over the ip
Sent: Sunday, January 18, 2009 11:32 AM
To: Ronny Schedel
Cc: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
our servers are already linux and ip tables i bought from a company
called crowfire which they are based in germany
I would like to see this file, I have been looking for something to
work on with iptables for a while now.
2009/1/18 Tony Paloma drunkenf...@hotmail.com:
I can't download the file because the limit was reached. Can you upload it
somewhere else so I can check out what it's doing with Wireshark?
http://www.jgknet.eu/crashprogrami/Crash.zip
Pete schrieb:
I would like to see this file, I have been looking for something to
work on with iptables for a while now.
2009/1/18 Tony Paloma drunkenf...@hotmail.com:
I can't download the file because the limit was reached. Can you upload it
...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Hüseyin
Cerik
Sent: Sunday, January 18, 2009 11:32 AM
To: Ronny Schedel
Cc: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
our servers
...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Hüseyin
Cerik
Sent: Sunday, January 18, 2009 11:32 AM
To: Ronny Schedel
Cc: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Counterstrike Source DDos Attack !!! NO JOKE !!!
our servers are already
www.jgknet.eu/crashprogrami/Crash.zip
here ist the file
Pete schrieb:
I would like to see this file, I have been looking for something to
work on with iptables for a while now.
2009/1/18 Tony Paloma drunkenf...@hotmail.com:
I can't download the file because the limit was reached.
We got it the first time.
On Sun, Jan 18, 2009 at 7:32 PM, Hüseyin Cerik azrail.2...@gmail.comwrote:
www.jgknet.eu/crashprogrami/Crash.zip
here ist the file
Pete schrieb:
I would like to see this file, I have been looking for something to
work on with iptables for a while now.
You would have to look at the packet's datagram and see what is being sent
to the server to successfully filter the offensive packets correctly.
On Sun, Jan 18, 2009 at 10:11 AM, Ronny Schedel i...@ronny-schedel.dewrote:
Analyze the network traffic and setup appropriate firewall rules. It's not
Hello, we have a problem with a valve Counter Strike Source server. 've
Spoken with the providers who say the attack on the valve content server and
then goes to the game server will then go to the pings 500 - 2000 high then
the server crashed.
I have found the program must be the man ip port
that files looks dodgy as hell.. I am not touching it without a sandboxed
VM.. even if it is a valid exploit .. why would you send it to the entire
list?
Hello, we have a problem with a valve Counter Strike Source server. 've
Spoken with the providers who say the attack on the valve content
* the reason that i am giving you this program is because steam support
advised me about you! they said they could not help us in anyway and advised
you. isnt there anyway against these programs such as ip version, port or
you put down the intervall (ms) down to 200 and then start to put down
But upload it to some other host. In rpaidshare there is a limit for 10
person only and 11,12 ... won't download it.
On Fri, Jan 16, 2009 at 11:33 PM, Hüseyin C. azrail.2...@gmail.com wrote:
* the reason that i am giving you this program is because steam support
advised me about you! they said
Yes the more people abuse it the more likely it will be fixed or something
:S.
On Fri, Jan 16, 2009 at 6:06 PM, Pawel tra...@gmail.com wrote:
But upload it to some other host. In rpaidshare there is a limit for 10
person only and 11,12 ... won't download it.
On Fri, Jan 16, 2009 at 11:33 PM,
62 matches
Mail list logo