Nurgle

DoS in multiplayer games

A recent topic on the vuln-dev mailing list has been about game servers being used as DoS amplifiers (in the same way that smurf works). I thought the ppl here might be interested in what is being said:
quote:
Dave Booth wrote:

[...]

> Game client makes tcp connection to server and requests to join the
> game.
> Server responds (as part of the same tcp session) with a unique token,
> remembers it and the client's IP then signs off.
> Client initiates normal UDP game connection including the token in
> every datagram.
> Server silently ignores all incoming datagrams where there isn't a valid
> token that matches up with the IP address the datagram claims to come
> from.

This thread was originally about the use of game servers as traffic amplifiers for smurf-type DoS attacks. The problem is that a game server can be tricked into sending relatively large amounts of data in response to a blindly spoofed request to join the game, thereby flooding the spoofed address.

It seems to me that your suggested protocol would indeed solve the problem, but I think it's overkill. The same result is achieved by having the server reply to the initial contact attempt with a packet containing essentially nothing but the token. After that, continue like you propose. Much simpler and cleaner, IMHO.

Taneli Huuskonen

--
I don't speak for the Uni.
All messages will be PGP signed, encrypted mail preferred. Keys: http://www.helsinki.fi/~huuskone/
Fight for your right to use sealed envelopes. http://www.gilc.org/
Mark Collins (aka Nurgle) me@thisisnurgle.org.uk
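
The token handshake discussed in the quoted message, as an added sketch that is not part of the original post or the mailing-list thread. The class name, the `JOIN`/`STATE` packet layout, the token length and the addresses are assumptions made for illustration, and datagrams are modelled as (source IP, payload) pairs rather than real sockets.

```python
import hmac
import secrets

TOKEN_LEN = 8  # bytes; size chosen for this sketch


class GameServer:
    """Models datagrams as (source_ip, payload) pairs; no real sockets."""

    def __init__(self):
        self.tokens = {}          # claimed source IP -> issued token
        self.state = b"S" * 1200  # stand-in for a large game-state reply

    def handle(self, src_ip, payload):
        """Return the reply sent to src_ip, or None to drop silently."""
        if payload == b"JOIN":
            # First contact is answered with the token and nothing else, so
            # a spoofed JOIN delivers only TOKEN_LEN bytes to the claimed
            # address, and the spoofer never sees the token.
            # A real server would also expire unused entries.
            return self.tokens.setdefault(src_ip, secrets.token_bytes(TOKEN_LEN))
        token, body = payload[:TOKEN_LEN], payload[TOKEN_LEN:]
        expected = self.tokens.get(src_ip)
        # The token must match the one issued to the claimed source address.
        if expected is None or not hmac.compare_digest(token, expected):
            return None
        return self.state if body == b"STATE" else b"OK"


def demo():
    server = GameServer()
    # Constructed documentation addresses.
    victim, player = "203.0.113.7", "198.51.100.20"
    # Datagrams whose source address is forged as the victim's.
    spoofed_join = server.handle(victim, b"JOIN")
    blind_guess = server.handle(victim, bytes(TOKEN_LEN) + b"STATE")
    # A genuine player receives the token and can echo it back.
    token = server.handle(player, b"JOIN")
    real_reply = server.handle(player, token + b"STATE")
    # The player's token is not valid for any other source address.
    wrong_ip = server.handle(victim, token + b"STATE")
    return len(spoofed_join), blind_guess, len(real_reply), wrong_ip


if __name__ == "__main__":
    print(demo())
```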