SA-MP Forums Archive
New Exploit? - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Server (https://sampforum.blast.hk/forumdisplay.php?fid=6)
+--- Forum: Server Support (https://sampforum.blast.hk/forumdisplay.php?fid=19)
+--- Thread: New Exploit? (/showthread.php?tid=505826)



New Exploit? - DJ_Shocker - 10.04.2014

Is anyone experiencing or aware of a new server exploit that causes massive lag and in few instances, crashes?

Basically, what's going on is there are several sa-mp servers hosted on one machine, but only one experiences random massive lag, even with only 4 people on it.

For example, this morning there were over 20 people on the server, everything was fine. Then, suddenly, massive lag which renders the server pretty much unplayable. It's not a DDOS attack. The server is not using too much resources, it's normal.

All other servers are running normal on this machine.


Re: New Exploit? - CePaX - 10.04.2014

and I have this problem

messageholelimit 1250 in server.cfg, fix.


Re: New Exploit? - niCe - 10.04.2014

I can also confirm the problems with my servers. Suddenly the server uses 100% of CPU, no players can't connect to it. Only termination of process in SSH (SIGKILL) helps. I tried setting messageholelimit to 1000, didn't help though.


Re: New Exploit? - d0 - 10.04.2014

Try this for now:

1.) /rcon messageholelimit 1250 (can be lower too if it's still not working)

2.) IPtable firewall rule: (blocks the current attack tool)
Code:
iptables -A INPUT -p udp --match length --length 604:608 -j DROP



Re: New Exploit? - DJ_Shocker - 10.04.2014

Quote:
Originally Posted by d0
View Post
Try this for now:

1.) /rcon messageholelimit 1250

2.) IPtable firewall rule: (blocks the current attack tool)
Code:
iptables -A INPUT -p udp --match length --length 604:608 -j DROP
We'll give this a shot. Thanks d0! I'll post back if this resolves it.


Re: New Exploit? - Jimmy0wns - 10.04.2014

Had the same as well, we'll try that out 'd0'.


Re: New Exploit? - linuxthefish - 10.04.2014

Quote:
Originally Posted by d0
View Post
IPtable firewall rule: (blocks the current attack tool)
Code:
iptables -A INPUT -p udp --match length --length 604:608 -j DROP
This helps, the message limit thing does not, even at low numbers like 500. Thanks.


Re: New Exploit? - d0 - 10.04.2014

Quote:
Originally Posted by linuxthefish
View Post
This helps, the message limit thing does not, even at low numbers like 500. Thanks.
it does help for something else, just use it for now


Fix -:
Quote:
Originally Posted by d0
View Post
Try this for now:

1.) /rcon messageholelimit 1250 (can be lower too if it's still not working)

2.) IPtable firewall rule: (blocks the current attack tool)
Code:
iptables -A INPUT -p udp --match length --length 604:608 -j DROP



Re: New Exploit? - DEMON91052 - 10.04.2014

does not work


Re: New Exploit? - cm666 - 10.04.2014

Quote:
Originally Posted by DEMON91052
View Post
does not work
me to. My server use CPU 100%