> > This is true, but since all responses are rate-limited it won't matter if > > the destination is spoofed or not. Of course, an attacker hits enough > > You really missed botman's point...if the SOURCE is spoofed then how can > you set rate limits? They call it a DDOS attack because you use more than > one server to flood the victim. Using one server would simply be > ineffective.
I think he meant, you just limit how often the server responds to requests (regardless of where they came from). For example, have a cvar that you can set to limit how many server commands you will respond to per minute. If requests are coming in faster than this rate, you just ignore them. You can't stop the requests coming in, but you can prevent something being sent out in return (especially when the incoming to outgoing bandwidth usage is so lopsided, as it is in this case). Jeffrey "botman" Broome _______________________________________________ hlds_apps mailing list [EMAIL PROTECTED] http://list.valvesoftware.com/mailman/listinfo/hlds_apps
