Kendokan wrote:
The problem with your solution is that (if IP spoofing is really used),
you don't KNOW the source (the source IP address is bogus).
This is true, but since all responses are rate-limited it won't matter if
the destination is spoofed or not. Of course, an attacker hits enough
You really missed botman's point...if the SOURCE is spoofed then how can
you set rate limits? They call it a DDOS attack because you use more than
one server to flood the victim. Using one server would simply be ineffective.
servers (maybe a hundred or so) with DDOS packets they could still flood a
victim from those servers, but this is a much more difficult attack.
It is quite simple to do, it isn't any more difficult. A simple perl
script could be made to do this quickly and efficienty, I don't see how
you can call it difficult. And so you can see with 65000 HL servers alone
out there it is a quite feasible and easy attack to accomplish.
-Stan
_______________________________________________
hlds_apps mailing list
[EMAIL PROTECTED]
http://list.valvesoftware.com/mailman/listinfo/hlds_apps
