It is and it will be always possible to DDOS any csgo server if it does not use some kind of two-way ddos protection. You can drop packets with specific length / not contain specific string...but is is very easy to copy legit srcds packet with legit length and flood any srcds server in the world with the legit packets....Those packts are for example qconnect or ...U.. packet...This is a common issue of SRCDS.
On Mon, Oct 5, 2015 at 9:22 AM, Don Park <[email protected]> wrote: > Could you please explain how its outdated then? Because it addresses the > theoretical maximum bandwidth use within actual physical limitations of > networking. The math is still the same. Its still used for insurgency > game servers and they share a fair amount of networking code. > On Oct 5, 2015 4:17 PM, "Nomaan Ahmad" <[email protected]> wrote: > >> That wiki is really old and isn't for CS:GO. >> >> On 5 October 2015 at 08:09, Don Park <[email protected]> wrote: >> >>> Oh also. This is probably something you want for your iptables >>> configuration if you do go that route. >>> >>> >>> https://steamcommunity.com/linkfilter/?url=http://whisper.ausgamers.com/wiki/index.php/Tickrate#Server_Bandwidth_Calculation_for_Dummies >>> On Oct 5, 2015 4:06 PM, "Don Park" <[email protected]> wrote: >>> >>>> Banning the ip through the server firewall still has the traffic coming >>>> to your server therefore using your bandwidth (since its server side >>>> deciding if it wants to drop the traffic). >>>> >>>> For example, in a very simple terms, if your server has 100 mbit uplink >>>> and you block via iptables an IP thats DoSing you at 50 mbit, your >>>> resources are still being used up since it still hits the server and the >>>> server decided if it wants to pass it to the application or not. That is a >>>> little bit of mitigation but won't stop the problem. >>>> >>>> Same thing can be applied to the datacenter level. Iptables are >>>> helpful for the smaller DoS and DDoS, but in the end I don't think it >>>> solves the actual core issue. >>>> >>>> We're going to need more detail, like the tcpdump information or >>>> something since all we have to go off of are nonessential information and >>>> vague descriptions. Also there's no detail as to what kind of DoS it is >>>> (e.g. layer 7 or 3) and if it really is distributed or not. >>>> On Oct 5, 2015 3:49 PM, "Левинчук Федор" <[email protected]> >>>> wrote: >>>> >>>>> yep >>>>> I think better way it to ban IP that have more trafic to server than >>>>> it should >>>>> but i don`t know what params i need >>>>> for example >>>>> at one server i have 4 128 tick public servers with 20 slots each >>>>> at second server i have 4 128 tick public compatitive with 11 slots >>>>> and gotv(128 snapshot_rate) each >>>>> >>>>> how to calculate rate rules in iptables and then ban ddos-ers at >>>>> fail2ban? >>>>> >>>>> 05.10.2015, 16:30, "Bruno Garcia" <[email protected]>: >>>>> > fail2ban uses iptables for banning... >>>>> > >>>>> > On Mon, Oct 5, 2015 at 2:42 AM, Левинчук Федор < >>>>> [email protected]> wrote: >>>>> >> Hi >>>>> >> >>>>> >> before it i just block 0:32 byte packages ("connect" flood bug) >>>>> >> but someone dropdown my servers by make them do a lot of IO >>>>> operations >>>>> >> I used this guide >>>>> >> >>>>> https://github.com/ulrichblock/bash-scripts-gameserver/blob/master/iptables.sh >>>>> >> it helps, but not good enough >>>>> >> >>>>> >>> /Srcds Hardening guide on Alliedmodders >>>>> >> It`s outdated for today ddos bugs >>>>> >> >>>>> >>> Run a tcpdump and post that here. >>>>> >> have one, a lot of packages from one IP with different length, drop >>>>> link to dump later >>>>> >> >>>>> >>> tcpdump -i any -c 30000 -w dump1.pcap >>>>> >> better >>>>> >> tcpdump -i any -C 100 -W 50 -w dump1.pcap >>>>> >> >>>>> >> it will rollover dump in 50 files by 100mb >>>>> >> >>>>> >> does someone use iptables & fail2ban combination? >>>>> >> >>>>> >> 04.10.2015, 21:31, "Calvin J" <[email protected]>: >>>>> >>> Hi, >>>>> >>> >>>>> >>> Nobody can help you with the information you have provided. Run a >>>>> tcpdump and post that here. Though, chances are unlikely that you're going >>>>> to be able to block this with IPTables unless it's small. (If the attack >>>>> is >>>>> exceeding the line speed, run the tcpdump over IPMI.) >>>>> >>> >>>>> >>> Also, you should dump those firewall rules in the meantime as >>>>> they're likely causing you more harm than good. I assume you followed that >>>>> IPTables/Srcds Hardening guide on Alliedmodders. And while some of those >>>>> rules may be useful, it's extremely unlikely that you needed to copy and >>>>> paste everything in that thread. >>>>> >>> >>>>> >>> Example usage of tcpdump. >>>>> >>> >>>>> >>> tcpdump -i any -c 30000 -w dump1.pcap >>>>> >>> >>>>> >>> On 10/4/2015 5:12 AM, Левинчук Федор wrote: >>>>> >>>> Hi everyone >>>>> >>>> >>>>> >>>> need your help >>>>> >>>> i have this in iptables >>>>> >>>> http://pastebin.com/RX955Vjq >>>>> >>>> i have 128 tik servers >>>>> >>>> maybe some params in iptable are wrong or missing >>>>> >>>> but somehow attacker ddos my MM servers >>>>> >>>> can someone give advice? >>>>> >>>> thx in advance >>>>> >>>> >>>>> >>>> _______________________________________________ Csgo_servers >>>>> mailing list [email protected] >>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>>> >>> >>>>> >>> -- >>>>> >>> Calvin Judy >>>>> >>> Founder & CEO >>>>> >>> PH#: (843) 410-8486 >>>>> >>> Mail: [email protected] >>>>> >>> >>>>> >>> , >>>>> >>> >>>>> >>> _______________________________________________ >>>>> >>> Csgo_servers mailing list >>>>> >>> [email protected] >>>>> >>> >>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>>> >> >>>>> >> _______________________________________________ >>>>> >> Csgo_servers mailing list >>>>> >> [email protected] >>>>> >> >>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>>> > >>>>> > , >>>>> > >>>>> > _______________________________________________ >>>>> > Csgo_servers mailing list >>>>> > [email protected] >>>>> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>>> >>>>> _______________________________________________ >>>>> Csgo_servers mailing list >>>>> [email protected] >>>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>> >>>> >>> _______________________________________________ >>> Csgo_servers mailing list >>> [email protected] >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>> >> >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> > > _______________________________________________ > Csgo_servers mailing list > [email protected] > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers > -- S pozdravom / Sincerely, Roland Mondek
_______________________________________________ Csgo_servers mailing list [email protected] https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
