> It is quite simple to do, it isn't any more difficult.  A simple perl
> script could be made to do this quickly and efficiently, I don't see how
> you can call it difficult.  And so you can see with 65000 HL servers
> alone out there it is a quite feasible and easy attack to accomplish.

Yes, you are right. Sending one status query to every server (or even just
a dozen or so) would indeed flood a victim. Not good. I'm no Perl guru,
but I think even I could write a script to do this in an hour or two.

My original traffic shaping idea wouldn't be effective. I know when I'm
wrong. Don't like it much, dammit! :P

Sending every available server one status query using the same victim IP
address as the source would probably generate enough responses to kill a
large chunk of bandwidth of the victim, and each server would only be
responding to a single query, so per-destination rate limiting on a
per-server basis would be useless. Even allowing only one single query per
server every ten or twenty seconds would be enough to cause some very
serious problems, and I would think that is the bare minimum that is
needed for status queries to be legitimately usable at all.

Perhaps another way to solve the problem would be to only allow status
queries from authorized sources, which would mean all the client-side
applications would be forced to query through an "authorized"
gateway/proxy. This solution obviously sucks, especially for developers.
If I were Microsoft, I'd buy GSI, set up exclusives with game publishers
and do exactly that. <insert evil empire theory here>

Maybe switching to TCP for status queries would be the best solution after
all. The downside is lots of session setup and teardown, plus making
servers vulnerable to SYN attacks. Now we're chewing bandwidth _and_ CPU,
but at least the server can't be used to attack someone else. And, of
course, I'd guess that most game servers have at least one or two TCP
ports open (ftp, http, rsync, etc.), so this wouldn't really be
introducing any new vulnerabilities to those servers. Switching to TCP for
regular game traffic is, of course, a Really Bad Idea.

I know, this vulnerability has been around a long time. However, as time
goes by it is more and more likely that it will be exploited. Left long
enough, it _will_ be exploited. Just wait until someone writes a Windows
app to launch this attack. I have half a mind to write a Perl app myself
just to see how it would work. The other half of my mind is busy kicking
my ass for even thinking it, but it sure would be interesting to see it
work.

Hey, CS cheats were not much of a problem until the cheat developers
started releasing packaged solutions with installers, GUI front-ends, etc.
None of us (I don't think) would ever do that, but you've seen the talent
out there that would release this sort of thing in a heartbeat just for
the notoriety. Better to find a solution now than scramble later.

Sorry to bludgeon you guys with my lengthy email.

     -doug/kendokan


_______________________________________________
hlds_apps mailing list
[EMAIL PROTECTED]
http://list.valvesoftware.com/mailman/listinfo/hlds_apps
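The reflection scenario and the two mitigations weighed in the email above (a per-source rate limit at each server, and moving status queries to TCP), as an added simulation. This is not code from the hlds_apps thread or from Valve; the datagram sizes, the addresses, the one-query-per-window policy and the handshake model are all assumptions chosen to make the effect visible, and SYN flooding of the servers themselves (the cost of TCP the email mentions) is not modelled.

```python
"""Simulation of spoofed-source status-query reflection against a victim.

Constructed illustration, not code from the hlds_apps thread or from Valve.
Every number here (datagram sizes, addresses, rate-limit window) is an
assumption chosen to make the effect visible.
"""
from __future__ import annotations

from dataclasses import dataclass, field

QUERY_BYTES = 40       # assumed size of one status query datagram
RESPONSE_BYTES = 600   # assumed size of one status response (server info + players)
SYN_BYTES = 40
SYN_ACK_BYTES = 40

VICTIM_IP = "198.51.100.7"    # constructed, documentation address range
ATTACKER_IP = "203.0.113.9"   # constructed, documentation address range


@dataclass
class Network:
    """Counts bytes delivered per destination; replies go to the claimed source."""
    delivered: dict[str, int] = field(default_factory=dict)

    def deliver(self, dst_ip: str, nbytes: int) -> None:
        self.delivered[dst_ip] = self.delivered.get(dst_ip, 0) + nbytes

    def received_by(self, ip: str) -> int:
        return self.delivered.get(ip, 0)


@dataclass
class UdpStatusServer:
    """Answers UDP status queries, at most one per source address per window."""
    window: float
    last_answered: dict[str, float] = field(default_factory=dict)

    def on_query(self, src_ip: str, now: float, net: Network) -> bool:
        last = self.last_answered.get(src_ip)
        if last is not None and now - last < self.window:
            return False                        # rate limited: query dropped
        self.last_answered[src_ip] = now
        net.deliver(src_ip, RESPONSE_BYTES)     # reply to whatever the packet claimed
        return True


@dataclass
class TcpStatusServer:
    """Status over TCP: the response is only sent after a completed handshake."""
    half_open: set[str] = field(default_factory=set)

    def on_syn(self, src_ip: str, net: Network) -> None:
        self.half_open.add(src_ip)
        net.deliver(src_ip, SYN_ACK_BYTES)      # SYN-ACK still goes to the claimed source

    def on_ack_and_query(self, src_ip: str, net: Network) -> bool:
        if src_ip not in self.half_open:
            return False                        # no handshake from this address
        self.half_open.discard(src_ip)
        net.deliver(src_ip, RESPONSE_BYTES)
        return True


def udp_reflection(num_servers: int, window: float, duration: int,
                   queries_per_second: int) -> tuple[int, int]:
    """Attacker sends spoofed queries to every server for `duration` seconds.

    Returns (bytes the attacker transmitted, bytes that landed on the victim).
    """
    net = Network()
    servers = [UdpStatusServer(window) for _ in range(num_servers)]
    sent = 0
    for second in range(duration):
        for k in range(queries_per_second):
            now = second + k / queries_per_second
            for server in servers:
                sent += QUERY_BYTES
                server.on_query(VICTIM_IP, now, net)   # source spoofed as the victim
    return sent, net.received_by(VICTIM_IP)


def tcp_reflection(num_servers: int) -> tuple[int, int]:
    """Attacker sends one spoofed SYN to every server.

    The SYN-ACK goes to the victim, which never sent a SYN and so never ACKs
    it; the attacker never sees the SYN-ACK and has no handshake of its own,
    so nobody can send the query that would trigger the large response.
    """
    net = Network()
    servers = [TcpStatusServer() for _ in range(num_servers)]
    sent = 0
    for server in servers:
        sent += SYN_BYTES
        server.on_syn(VICTIM_IP, net)
        server.on_ack_and_query(ATTACKER_IP, net)   # refused: no SYN seen from attacker
    return sent, net.received_by(VICTIM_IP)


def amplification(sent: int, received: int) -> float:
    """Bytes delivered to the victim per byte the attacker had to send."""
    return received / sent if sent else 0.0


if __name__ == "__main__":
    for qps in (1, 5):
        s, v = udp_reflection(1000, window=10.0, duration=60, queries_per_second=qps)
        print(f"UDP, {qps} query/s per server: attacker {s} B, victim {v} B, x{amplification(s, v):.1f}")
    s, v = tcp_reflection(1000)
    print(f"TCP handshake:  attacker {s} B, victim {v} B, x{amplification(s, v):.1f}")
```

Running it, the UDP rows show the victim receiving one RESPONSE_BYTES per server per window no matter how many queries the attacker sends, so the per-server limit only sets the floor the email describes and the total still scales with the number of servers. The TCP row shows only the SYN-ACK being reflected, one to one, so the server is no longer an amplifier; with the assumed sizes a single spoofed UDP query per server yields fifteen times the attacker's bandwidth, while the TCP case yields exactly one.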
