Re: [hlds_apps] preventing DDoS

Fri, 24 Jan 2003 12:26:59 -0800 

Then, here are the options I can think of right now:

1) Fix the issue in HLDS which will cause all query programs to be fixed.
2) Provide a server cvar switch for the fix.  So, the server admin can
optionally activate the additional protection.  This will leave the decision
up to the admin.
3) Fix the issue in the next HL engine.  If a planned future fix, it would
be good to notify the community that it will be fixed in the future.
4) Don't fix it at all.

HoundDawg

----- Original Message -----
From: "Alfred" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, January 24, 2003 12:07 PM
Subject: Re: [hlds_apps] preventing DDoS


> This would be the ideal solution to the problem (the rcon protocol under
> HL does this). The only problem is that it breaks every query program
> ever written.... Ahhh, the wonders of supporting legacy programs.
>
> Jan Kleinsorge wrote:
> > All this wouldn't be a problem if there'd some kind of validation of the
> > origin of the message. I think of some kind of handshake. An example:
> > The client performs an 'helloserver' and appends a random id-number to
it.
> > The server in turn will then send back a message with an own random id
to
> > the client ('helloclient')
> > The final step is, that the client has to respond with an id which is a
> > combination of both id's (XOR'ed .. whatever). The server compares this
with
> > it's own client/server-id.
> > If the server agrees, then it will send the previously requested
information
> > to the client.
> >
> > This way, there can't be any flood-attacks on a gameserver since the
> > clienthello-msg will only be a few bytes long. Problem is of course the
fact
> > that all this works through UDP. So there wouldn't be
> >
> >
> > Maybe this is a little contribution to this discussion.
> >
> >
> > Good luck
> >
> > Jan
> >
> > _______________________________________________
> > hlds_apps mailing list
> > [EMAIL PROTECTED]
> > http://list.valvesoftware.com/mailman/listinfo/hlds_apps
>
> _______________________________________________
> hlds_apps mailing list
> [EMAIL PROTECTED]
> http://list.valvesoftware.com/mailman/listinfo/hlds_apps
>
>

_______________________________________________
hlds_apps mailing list
[EMAIL PROTECTED]
http://list.valvesoftware.com/mailman/listinfo/hlds_apps

Reply via email to