I think a good way to prevent a amplification is to send a unique id and the receiver has to request package for package with this id until the iteration stops.
2014-02-26 13:04 GMT+01:00 Dmitri Ionin <[email protected]>: > Vitaliy's reply here earlier was to inquiry about console error with > discovery that it is caused by requesting server status with php lib or > hlsw. > > S2A_RULES is internal variable name used by PHP library that queried > server status. (sending packet header A2S_RULES = 0x56; receiving packet > header S2A_RULES = 0x45) > > Goal may have been to eliminate amplification attacks as challenge > component was bypassed by some servers with modified netcode. I don't know > if CSGO server did that, but if it did, this is another nuke fix for ant > problem. > And if devs feel that challenge is predictable and can be bypassed, > limiting requests from single ip would be a solution if not fixing > challenge predictability. > > If CSGO uses another protocol for getting server's friendlyfire, team > collision, etc settings without actually connecting with game client, and > this protocol is intended to be used in future, someone from valve should > make it public so we could use it with this kind of software. > > I think valve never considered that code they publish may actually be > useful and used by other applications. If Steam doesn't seem to use that, > they will just break it. > (I believe steam actually does use this packet at least in TF2 quickplay, > so we shall wait code sync that breaks it in turn.) > > /Dmitri > > > 26.02.2014 13:21, Steven Hartland kirjoitti: > >> This is used by loads of applications, utilities and rcon tools. >> >> Breaking it and expecting everyone to fix it over night is not >> really practical. >> >> What was the reason for making this change? >> >> I'm assuming its to try and eliminate amplification attacks? >> >> If so the query protocol for which A2S_RULES (I'm assuming >> S2A_RULES was a typo) is a component already protects against >> this as it requires a valid prior challenge. >> >> If all this is true then I'd echo others responses in that this >> needs to be either fixed to allow this or reverted until a >> better solution can be found. >> >> Regards >> Steve >> >> ----- Original Message ----- From: "Vitaliy Genkin" < >> [email protected]> >> To: <[email protected]> >> Sent: Friday, February 21, 2014 5:48 PM >> Subject: Re: [Csgo_servers] CSGO 1.32.3.0 >> >> >> Do server operators need S2A_RULES response from game servers? Previously >> S2A_RULES response included names and values of all server convars flagged >> as "FCVAR_NOTIFY", but nothing in Steam uses this packet type anymore so I >> don't think any services are affected. >> >> If you have control of your tool(s)/webpage(s) you can stop requesting >> rules from the game server(s) (e.g. don't generate PHP GetRules() request). >> If you really need something in response we can come up with ideas, or we >> can just stop spamming the console and still not respond to that packet. >> >> The spew comes up because the server can no longer send more than one >> packet in response to a single packet external request, and if the response >> is exceeding MTU size the server will not send anything at all instead of >> sending a partial truncated packet. This is the message that is spewed to >> server console to inform about response that was not sent out and its >> estimated bytelength - >> [NET] Cannot send connectionless packet to xxx.xxx.xxx.xxx:58353 '0x45' >> exceeding MTU (2447) >> >> Also replying to a question asked earlier -- threaded socket processing >> is on by default. Official servers are operated by Valve, unless server >> operators install special server plug-ins game servers should no longer >> record or transmit client IP addresses. >> >> Hope this helps, >> -Vitaliy >> >> >> >> -------------------------------------------------------------------------------- >> >> >> >> _______________________________________________ >>> Csgo_servers mailing list >>> [email protected] >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>> >> >> >> ================================================ >> This e.mail is private and confidential between Multiplay (UK) Ltd. and >> the person or entity to whom it is addressed. In the event of misdirection, >> the recipient is prohibited from using, copying, printing or otherwise >> disseminating it or any information contained in it. >> In the event of misdirection, illegible or incomplete transmission please >> telephone +44 845 868 1337 >> or return the E.mail to [email protected]. >> >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> > > > _______________________________________________ > Csgo_servers mailing list > [email protected] > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >
_______________________________________________ Csgo_servers mailing list [email protected] https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
