does smac protect from the dos exploit ?

s.m.a.c head · **Author**

is the scrds dos exploit protected by smac (not DDoS)
and if not can it be included ?

XAFAfterShock · 08-08-2013 , 10:34 Re: does smac protect from the dos exploit ?

you mean the problem of getting spammed by 25000 connections from the same ip address? if so then no, there isn't anything that can be done to stop it except dealing with it at the router level.

s.m.a.c head · 08-09-2013 , 17:36 Re: does smac protect from the dos exploit ?

Quote:

Originally Posted by XAFAfterShock

you mean the problem of getting spammed by 25000 connections from the same ip address? if so then no, there isn't anything that can be done to stop it except dealing with it at the router level.

i mean the dos exploit on scrds that windows is protected from with ProtectSRCDS Denial of Service (you see it can be protected against) but it does not work for linux , im wondering if it could be included in SMAC as it is an exploit and rather than wait for someone to make a new plugin I thought id ask here

GoD-Tony · 08-10-2013 , 17:44 Re: does smac protect from the dos exploit ?

SMAC does not include the DoS protection provided by those C++ addons.

Quote:

Originally Posted by s.m.a.c head

i mean the dos exploit on scrds that windows is protected from with ProtectSRCDS Denial of Service (you see it can be protected against) but it does not work for linux , im wondering if it could be included in SMAC as it is an exploit and rather than wait for someone to make a new plugin I thought id ask here

Which game isn't it working for?

s.m.a.c head · 08-13-2013 , 15:43 Re: does smac protect from the dos exploit ?

l4d2 on linux

Mavrick4283 · 08-17-2013 , 01:55 Re: does smac protect from the dos exploit ?

Add this to your firewall

Code:

iptables -A INPUT -p udp --dport 27015 -m length --length 28 -j DROP
iptables -A INPUT -p udp --dport 27015 -m length --length 46 -j DROP

Just change 27015 to w/e port your server is running on.

s.m.a.c head · 08-19-2013 , 05:51 Re: does smac protect from the dos exploit ?

Quote:

Originally Posted by Mavrick4283

Add this to your firewall

Code:

iptables -A INPUT -p udp --dport 27015 -m length --length 28 -j DROP
iptables -A INPUT -p udp --dport 27015 -m length --length 46 -j DROP

Just change 27015 to w/e port your server is running on.

ok thanks i did use iptables and it works fine

eyes of hunter · 08-22-2013 , 02:14 Re: does smac protect from the dos exploit ?

What do those commands do? We also receive attacks and are very interested in trying whatever we can find.

Mavrick4283 · 08-25-2013 , 23:10 Re: does smac protect from the dos exploit ?

Quote:

Originally Posted by eyes of hunter

What do those commands do? We also receive attacks and are very interested in trying whatever we can find.

The Iptables commands I posted are for Linux based systems that have the userspace program installed, if you are running any major distro then you have this installed and enabled by default but it is set to allow everything. So the commands add to the netfilter kernel module anything on the INPUT steam to drop if it has a size of 28 and 46 bytes.

So in basic terms, those add 2 rules to the Linux firewall to slow down the SRCDS DoS attack.

s.m.a.c head · *Last edited by s.m.a.c head; 09-08-2013 at 11:12.*

we now use these

Code:

 
iptables -A INPUT -p udp --destination-port 27015 -m length --length 0:28 -j DROP
iptables -A INPUT -p udp --destination-port 27015 -m length --length 30:32 -j DROP
iptables -A INPUT -p udp --destination-port 27015 -m length --length 46 -j DROP
iptables -A INPUT -p udp --destination-port 27015 -m length --length 2521:65535 -j DROP