Jump to content
  • Advertisement


This topic is now archived and is closed to further replies.


DoS in multiplayer games

This topic is 6667 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

A recent topic on the vunl-dev mailing list has been about game servers being used as DoS amplifiers (in the same way that smurf works). I thought the ppl here might be interested in what is being said:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dave Booth wrote: [...] > Game client makes tcp connection to server and requests to join the > game. > Server responds (as part of the same tcp session) with a unique token, > remembers it and the clients IP then signs off. > Client initiates normal UDP game connection including the token in > every datagram. > Server silently ignores all incoming datagrams where there isnt a valid > token that matches up with the IP address the datagram claims to come > from. This thread was originally about the use of game servers as traffic amplifiers for smurf-type DoS attacks. The problem is that a game server can be tricked into sending relatively large amounts of data in response to a blindly spoofed request to join the game, thereby flooding the spoofed address. It seems to me that your suggested protocol would indeed solve the problem, but I think it''s overkill. The same result is achieved by having the server reply to the initial contact attempt with a packet containing essentially nothing but the token. After that, continue like you propose. Much simpler and cleaner, IMHO. Taneli Huuskonen -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQA/AwUBOU8Zf1+t0CYLfLaVEQI0/wCeMskkhh15C5RP0xv5SYn4l5RWPUoAoNXE MKROy4DS5n5C7ITAS3fo6nuw =4BsF -----END PGP SIGNATURE----- -- I don''t / All messages will be PGP signed, / Fight for your right to speak for / encrypted mail preferred. Keys: / use sealed envelopes. the Uni. / http://www.helsinki.fi/~huuskone/ / http://www.gilc.org/
Mark Collins (aka Nurgle) me@thisisnurgle.org.uk

Share this post

Link to post
Share on other sites

  • Advertisement

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!