[lickshot]

Just to say that stopping the international chanell from the ISP didn't help. The attack with 1400 length packets stopped but now another started with different lengths (6 and 7) but this time it hits server ports and comes from 27005. What is strange is that the packets are still coming from outside my country (or at least the logs say so). So you are right . I think that the attack with 1400 length is some kind of exploit that uses real cs servers, because they can't do it now when I don't have international traffic, but the attack with 6-7 lengths is some kind of spoofed ip adresses because the IPs are again foreign. Any ideas ?!

[lickshot]

Hey guys Valve has made a test fix for this flood which is included in the yesterday's HLDS platform update. Big thanks to Alfred Reynolds.

He said that it will take some time for everyone to update their platforms. So please update your platforms!

Spread the news to your local communities!

[S0m3Th1nG_AwFul]

Quote:

Originally Posted by lickshot Alse the update fixes another exploit which allows downloading of server files.

That was fixed in previous update.

[YamiKaitou]

Quote:

Originally Posted by lickshot Hey guys Valve has made a test fix for this flood which is included in the yesterday's HLDS platform update. Big thanks to Alfred Reynolds.

You are assuming that the "attack" you originally mentioned in this thread is indeed the malformed A2S attack, you didn't seem too willing to accept this earlier. Also, it wasn't a test fix. If it was, it would have been pushed to hlbeta first.

Quote:

He said that it will take some time for everyone to update their platforms.

No he didn't

[lickshot]

Quote:

Originally Posted by YamiKaitou You are assuming that the "attack" you originally mentioned in this thread is indeed the malformed A2S attack, you didn't seem too willing to accept this earlier. Also, it wasn't a test fix. If it was, it would have been pushed to hlbeta first. No he didn't

Quote:

Originally Posted by Alfred Reynolds Thanks for the details, based on your tcpdump logs I have a theory about what the issue may be, we will be releasing an update for Half-Life 1 dedicated servers tomorrow that will apply a potential fix. It requires servers to update for it to apply, so it will take some time for the change to move through the user base.

[Powerlord]

I really wish Valve would mark server-only updates as required. This would solve the issue of servers not being updated in two ways:

1. -autoupdate would work on them (sorry, I'm just assuming Goldsrc has -autoupdate like Source does... for Linux anyway)
2. Clients would bitch at server owners to update. ;)

[guven5]

i am not sure update solve flood attack, i did update but all looks like same

[xPaw]

Quote:

Originally Posted by Powerlord I really wish Valve would mark server-only updates as required. This would solve the issue of servers not being updated in two ways: -autoupdate would work on them (sorry, I'm just assuming Goldsrc has -autoupdate like Source does... for Linux anyway) Clients would bitch at server owners to update. ;)

Alfred was planning to updating CS client… Let's just hope they will change protocol number to break all old servers

[hyphen]

Quote:

Alfred was planning to updating CS client… Let's just hope they will change protocol number to break all old servers

That will be cool. Once done most of servers cant run dproto I guess.

[S0m3Th1nG_AwFul]

It will happen only if this 'new' protocol will strongly differ from old ones (NOT like 48 from 47). Otherwise we have a possibility, that someone will invent, to example, TProto (Triple Protocol)