How to fight "a2s_player spam" script? (IP rate limit sustained)
There has been many reports from server owners experiencing "IP rate limit sustained" attacks.
Notice that they started appearing in September 2015. I think I've found the exact script that is used by the attackers and the place where they get it from. It was posted on "Hack Forums" on the 6th of September. It's a free registration forum, so any kid can make an account there, find this script and use it to abuse servers. [C] Source Player Query Spam (a2s_player spam) PHP Code:
We need your help, dear AlliedModders masterminds! :o I'm a Linux noob myself, but I will try this and that iptables guides and report here if it helps. |
Re: How to fight "a2s_player spam" script? (IP rate limit sustained)
Dont post the exploit here.
U should email this directly to valve or pm senior / trusted admins on alliedmods. Remove the code from your post. Your enabling ppl to use it. |
Re: How to fight "a2s_player spam" script? (IP rate limit sustained)
Neuro Toxin, you're right, I will try to write to CS:GO devs now, but I won't remove the code, because I want to draw more attention to it so that it can be fixed faster.
I'll let admins/moderators decide if it should be removed or not. I was hoping posting the code here would allow some cool C++ developers to help find a way to defend from it. UPD: sent an e-mail to [email protected]. Seems like it's the only way you can report such things, because writing about it on the official CS:GO forums is useless (several scripts are already posted there). And even registration is not working. |
Re: How to fight "a2s_player spam" script? (IP rate limit sustained)
Dont leave that code here. More ppl are getting it / using it. Dont make this open to public. Remove the code please.
|
Re: How to fight "a2s_player spam" script? (IP rate limit sustained)
PHP Code:
I would start by setting up a good set of iptables with things like Martians removed by default to help slow this kind of attack down (Due to the way this is coded its spoof code allows loopbacks, Martians, etc). I would expect a better version to be found in the wild shortly. Off the top of my head I can see a few areas that could be easily improved to make this much more dangerous. |
Re: How to fight "a2s_player spam" script? (IP rate limit sustained)
I was attacked by a different dos attack.
But thought yours was interesting and decided to help. Try this: https://forums.alliedmods.net/showpo...1&postcount=35 This apparently helps. Of course I am a complete noob so you can correct me if I'm wrong. |
Re: How to fight "a2s_player spam" script? (IP rate limit sustained)
Quote:
This isn't exactly new either, the same class of DoS attacks have been around since the first Source servers. |
Re: How to fight "a2s_player spam" script? (IP rate limit sustained)
My question is how got you that code? So i can say maybe you have used it self too? I had time ago same problem and due this shit my server is dead. But did not knew that this a little shit script was.
Is that a script for attack? I searched many weeks on internet and could not find out what it was. So DDOS protection not helping too. I am waiting more than 1 week on a answer from my host how to fix this. No answer yet. I think you have to remove that shit here. There are enough crazy people who can use it. |
Re: How to fight "a2s_player spam" script? (IP rate limit sustained)
Quote:
LE: With qcache_mm the server is still online but the player will see offline. |
Re: How to fight "a2s_player spam" script? (IP rate limit sustained)
Quote:
|
| All times are GMT -4. The time now is 00:17. |
Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.