SA-MP Forums Archive
Connection flood - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Server (https://sampforum.blast.hk/forumdisplay.php?fid=6)
+--- Forum: Server Support (https://sampforum.blast.hk/forumdisplay.php?fid=19)
+--- Thread: Connection flood (/showthread.php?tid=639868)

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17

Re: Connection flood - djshadowxm81 - 30.08.2017

So is there any difference in the bad packets from legitimate traffic? Because if there is filtering packets at a firewall level could work. But if not, is there away we can fix this and ad some sort of checksum?

Re: Connection flood - Romz - 30.08.2017

good

Re: Connection flood - iLearner - 30.08.2017

with new version my npc's dont connect (linux)

Re: Connection flood - wallee - 30.08.2017

Quote:
Originally Posted by iLearner
Посмотреть сообщение
with new version my npc's dont connect (linux)
Isn't FCNPC a memory hacking plugin?

Re: Connection flood - iLearner - 30.08.2017

Quote:
Originally Posted by wallee
Посмотреть сообщение
Isn't FCNPC a memory hacking plugin?
oh damn! yes!

Ziggi please!

Re: Connection flood - Redirect Left - 31.08.2017

Still getting cookie mass requests, and eventually the server crashing, but process still running, if this is related to the issue people are having?

Can't quite tell if the update even worked, as the server log just says R2 loaded instead of R2-2

Re: Connection flood - RoberteDl - 31.08.2017

Quote:
Originally Posted by Redirect Left
Посмотреть сообщение
Still getting cookie mass requests, and eventually the server crashing, but process still running, if this is related to the issue people are having?

Can't quite tell if the update even worked, as the server log just says R2 loaded instead of R2-2
This functioning perfectly, verify that you have updated the files correctly.

Re: Connection flood - Ghazal - 31.08.2017

Quote:
Originally Posted by Redirect Left
Посмотреть сообщение
Still getting cookie mass requests, and eventually the server crashing, but process still running, if this is related to the issue people are having?

Can't quite tell if the update even worked, as the server log just says R2 loaded instead of R2-2
It only fixes the server querying, it does not prevent their requests.

Re: Connection flood - criticalerror - 31.08.2017

Quote:
Originally Posted by Kalcor
Посмотреть сообщение
I've been working on a temporary fix. Anything better than this would require a client/server update, which would take a lot longer to get out to players. I want to be clear again that nothing added to the SA-MP server code can stop network attacks. There's a point where your host will fold from too many packets, no matter whether you're running a SA-MP server, an IRC server, a MUD, linx, a usenet mirror, color terminal, bitchx etc.

Feedback is requested.

Update 0.3.7 R2-2 (testing):

- Changes the query flood control to deal with different query types independently.
- Connection cookie logging is disabled by default.

Downloads (testing):

SA-MP 0.3.7 R2-2 Linux Server: http://files.sa-mp.com/samp037svr_R2-2.tar.gz
SA-MP 0.3.7 R2-2 Windows Server: http://files.sa-mp.com/samp037_svr_R2-2_win32.zip
When I run server on this version, in client rules are invisible (linux).


Re: Connection flood - adri[4]Life - 31.08.2017

Quote:
Originally Posted by Kalcor
Посмотреть сообщение
I've been working on a temporary fix. Anything better than this would require a client/server update, which would take a lot longer to get out to players. I want to be clear again that nothing added to the SA-MP server code can stop network attacks. There's a point where your host will fold from too many packets, no matter whether you're running a SA-MP server, an IRC server, a MUD, linx, a usenet mirror, color terminal, bitchx etc.

Feedback is requested.

Update 0.3.7 R2-2 (testing):

- Changes the query flood control to deal with different query types independently.
- Connection cookie logging is disabled by default.

Downloads (testing):

SA-MP 0.3.7 R2-2 Linux Server: http://files.sa-mp.com/samp037svr_R2-2.tar.gz
SA-MP 0.3.7 R2-2 Windows Server: http://files.sa-mp.com/samp037_svr_R2-2_win32.zip
Tested, Didn't work |

Re: Connection flood - Stiles - 31.08.2017

Ну наконец-то. Помолимся за новую версию SA-MP. Аминь.

Re: Connection flood - RDM - 31.08.2017

Quote:
Originally Posted by adrianlouise
Посмотреть сообщение
Tested, Didn't work |
Yes it's working! If your network does not support the attack!
Hire a vps with a better link, I'm with 1gbps and I have no problems with the attack!

Re: Connection flood - dugi - 31.08.2017

Quote:
Originally Posted by adrianlouise
Посмотреть сообщение
Tested, Didn't work |
You should provide some more information.

Re: Connection flood - RDM - 31.08.2017

Quote:
Originally Posted by Chaprnks
Посмотреть сообщение
Thank you! I had over 200gb's of server_log.txt from those floods. I'm interested in weather they're actual IP's (like a MASSIVE botnet), or a crafty spoofed IP's.. cause the floods never used a same IP twice (not even after 100,000 IP's).
In the previous version it was enough to add in your server.cfg the following lines:

conncookies 1
cookielogging 0


This will cause the server to not save the cookie connection logs



The attacks are totally spoofed! They will never repeat the same ip!

Re: Connection flood - Battlezone - 31.08.2017

Quote:
Originally Posted by Kalcor
Посмотреть сообщение
I've been working on a temporary fix. Anything better than this would require a client/server update, which would take a lot longer to get out to players. I want to be clear again that nothing added to the SA-MP server code can stop network attacks. There's a point where your host will fold from too many packets, no matter whether you're running a SA-MP server, an IRC server, a MUD, linx, a usenet mirror, color terminal, bitchx etc.

Feedback is requested.

Update 0.3.7 R2-2 (testing):

- Changes the query flood control to deal with different query types independently.
- Connection cookie logging is disabled by default.

Downloads (testing):

SA-MP 0.3.7 R2-2 Linux Server: http://files.sa-mp.com/samp037svr_R2-2.tar.gz
SA-MP 0.3.7 R2-2 Windows Server: http://files.sa-mp.com/samp037_svr_R2-2_win32.zip
Works for us.

Re: Connection flood - iLearner - 31.08.2017

Quote:
Originally Posted by RDM
Посмотреть сообщение
Add the following lines to your server.cfg:

Conncookies 1
Cookielogging 0


This will cause the server to not save the cookie connection logs
It was disabled by default in latest version.

Works great so far.

Re: Connection flood - Christofski - 31.08.2017

Kalcor coming thru with the goodies, even though i've known about this flood for like 5+ months and it was only selectively used to attack servers for the longest time

Re: Connection flood - TommyB - 31.08.2017

Seems to be working great so far. Good work!

Re: Connection flood - niCe - 31.08.2017

It works fine with my servers. Thank you for releasing this patch!

Re: Connection flood - Redirect Left - 31.08.2017

Quote:
Originally Posted by Ghazal
Посмотреть сообщение
It only fixes the server querying, it does not prevent their requests.
so then what does this fix? Because it doesn't stop the server from crashing to the point where you can't connect, even though the process is still running, and the server's network traffic is fine, it can be accessed as normal, so it isn't the server running out of bandwidth.