For the larger replies there is already a handshake/challenge system in place, don't suppose you have a capture of some of the data you were being hit with?
Regards, Asher On Sun, Mar 25, 2012 at 6:23 PM, Harry Strongburg <[email protected]> wrote: > On Sun, Mar 25, 2012 at 12:20:37PM -0400, Joe Brown wrote: >> Are you sure it was from SRCDS servers and not just from boxes running >> both Quake3 and SRCDS? I know Quake3 protocol (servers) allows for an >> unlimited number of queries, so it's very easy to slam an IP with >> several gbps of queries in a short amount of time. There really is no >> easy way to block the reflected attack that I know of. Either get a >> DDoS protected host or block all Quake3 based servers. > > I am pretty sure they are only running srcds. I only did a quick search > though. In either case my issue here isn't blocking it since I run Linux > on my firewall, it's just seeing if Valve is ever going to work more to > "fix it at the source". Stricter rate limiting, required TCP handshake > before sending any data to the "connecting" IP, etc. Just those are some > quick ways I'd guess would work, but I'm not sure how practical they'd > be. > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
