> I agree, this is a really old problem, but security through obscurity
> rarely works for long and this one may become a problem now. I can think
> of at least one relatively transparent way to solve the problem, which is
> to implement some traffic-shaping within the game server application. Rate
> limit query/status/info responses to queries from the same source to some
> reasonable level. No challenge would be required, and all the client-side
> applications could remain unchanged. Seems like a limit of one or two
> query responses every five or ten seconds to the same IP address would be
> sufficient for just about anything I can think of.

The problem with your solution is that (if IP spoofing is really used), you don't KNOW the source (the source IP address is bogus). The real solution to this is for IP providers to block packets at the router front end when the source address in the packet does NOT match the network that the packet came from. If Cisco, Bay Networks (now Nortel), 3Com and the other network vendors would get off their asses and implement proper filtering (and if monkey brained ISPs would turn on the filters), we wouldn't have this type of attack.

Jeffrey "botman" Broome

_______________________________________________
hlds_apps mailing list
[EMAIL PROTECTED]
http://list.valvesoftware.com/mailman/listinfo/hlds_apps
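
An added example (not part of the original thread, and not Valve's or any vendor's code) that models both ideas discussed above: the per-source response limit from the quoted proposal, keyed on the claimed source address, and the provider-edge source filter from the reply. The class and function names, the prefix list, and the sample packets (documentation address ranges) are assumptions constructed for illustration.

```python
import ipaddress

class QueryRateLimiter:
    """At most `limit` query responses per `window` seconds per claimed source IP."""
    def __init__(self, limit=2, window=10.0, max_sources=4096):
        self.limit, self.window, self.max_sources = limit, window, max_sources
        self.sent = {}  # claimed source IP -> timestamps of recent responses

    def allow(self, src_ip, now):
        recent = [t for t in self.sent.get(src_ip, []) if now - t < self.window]
        if len(recent) >= self.limit:
            self.sent[src_ip] = recent
            return False
        if src_ip not in self.sent and len(self.sent) >= self.max_sources:
            # Bound memory: drop idle sources, refuse new ones if still full.
            self.sent = {ip: ts for ip, ts in self.sent.items()
                         if now - ts[-1] < self.window}
            if len(self.sent) >= self.max_sources:
                return False
        self.sent[src_ip] = recent + [now]
        return True

def ingress_permits(src_ip, customer_prefixes):
    """Provider-edge check: source must belong to the network the packet came from."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in ipaddress.ip_network(p) for p in customer_prefixes)

def simulate(packets, limiter, customer_prefixes=None):
    """packets: (time, claimed_source) tuples. Returns query responses sent."""
    sent = 0
    for now, src in packets:
        if customer_prefixes is not None and not ingress_permits(src, customer_prefixes):
            continue  # dropped at the router, never reaches the game server
        if limiter.allow(src, now):
            sent += 1
    return sent

# Constructed sample traffic (documentation address ranges), 20 queries in 10 s.
CUSTOMER_PREFIXES = ["192.0.2.0/24"]  # assumed network behind the filtered port
SAME_SOURCE = [(i * 0.5, "192.0.2.10") for i in range(20)]
ROTATING = [(i * 0.5, f"198.51.100.{i + 1}") for i in range(20)]  # bogus sources

if __name__ == "__main__":
    print("one source, limiter only:      ", simulate(SAME_SOURCE, QueryRateLimiter()))
    print("rotating sources, limiter only:", simulate(ROTATING, QueryRateLimiter()))
    print("rotating sources, with filter: ",
          simulate(ROTATING, QueryRateLimiter(), CUSTOMER_PREFIXES))
```

The limiter only bounds responses per claimed address, so its state table needs a size cap once claimed addresses can vary freely; the filter check depends on the router knowing which prefixes legitimately sit behind each port.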
