Servers of my HL2 (Orange Box) mod receive these UDP packets: FFFFFFFF71303030303030303030303030303000 (20 bytes long) with spoofed source IP. Linux servers can easily firewall these but it's harder on Windows. I also don't know if attacker can use a different packet data to achieve the same result. Result of the attack is server disappearing from Steam browser, ticks run per second go down to ~1 and CPU use skyrockets. As far as I know attacked server doesn't receive a lot of these packets. Something around 100 per second.
I'm sending it to hlds_linux because I'm not registered on hlds list. :) _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
