[MohanedZzZ]

Quote:

Originally Posted by Abagail That isn't the solution. If it was that easy... That just limits the intervals at which the exploit can be executed. Still won't prevent this.

This means that each player will be able to login each 1000ms to the server.
Other connections will be ignored

[enigma513]

same problem

http://forum.sa-mp.com/showpost.php?...&postcount=117

[Sparke]

Quote:

Originally Posted by DiDok Judging by fact that NGRP is down because of it - it will be fixed soon

That doesn't make the bug a bigger priority... Lol

[Dairyll]

Quote:

Originally Posted by Sparke That doesn't make the bug a bigger priority... Lol

It sorta positions the bug higher on the priority list. Popular servers getting affected will bring more attention to the bug/exploit. Heaps more people are going to demand for a fix ASAP.

[Lumabd]

My server checks the Name and the number of players are in 0/0 what WHAT IS THAT?

[Ocirne]

Server goes down, by having millions of UDP connections, even with good protection diode, comes to using 100% CPU of the machine ...

[Locky_]

About the attacks, my server did not give exactly "server full" but every time was increasing lag. Log: http://pastebin.com/wLUCciTv

[0day]

My post got deleted, clearly one of the moderators or administrators has something against freedom of speech.

It now looks clear that it's all about the money.

[Lumabd]

I see LS-RP on.. how did they fix it? The owners are beta testers of SAMP, they will share the solution?

[0day]

Quote:

Originally Posted by Y_Less This topic is about (as the topic indicates) "server full attacks". Your post was deleted because it was nothing to do with those attacks. Also, deleting an off-topic post is not stifling free speech - that's a common misconception. Limiting WHERE and WHEN something is said is not the same as banning it being said entirely. Even "Everything and Nothing" has rules about what can't be posted, even though some of those things have been classified as free speech - that doesn't mean you aren't allowed to talk about them (free speech), it just means you can't talk about them here (on topic).

It had to do with the topic, because if it wasn't for the attacks I would keep paying for hosted tab.

So you saying that I'm not allowed to say "I don't want to keep paying for hosted tab starting from december"

But I would be allow to say: "I don't want to keep paying for hosted tab starting from december, REGARDING this topic?"

I mean, isn't it clear? do I really have to link the reason to the topic?

Or are you saying that only HELPFUL posts to the ISSUE is allowed? because none are so far so you mind as well delete them all.

[Lumabd]

Quote:

Originally Posted by Y_Less This topic is about (as the topic indicates) "server full attacks". Your post was deleted because it was nothing to do with those attacks. Also, deleting an off-topic post is not stifling free speech - that's a common misconception. Limiting WHERE and WHEN something is said is not the same as banning it being said entirely. Even "Everything and Nothing" has rules about what can't be posted, even though some of those things have been classified as free speech - that doesn't mean you aren't allowed to talk about them (free speech), it just means you can't talk about them here (on topic).

Why nobody of your team give a solution of this problem

[iSanchez]

ServerFull attack 72hrs - Server on Hosted Tab:

0% Solutions.

HELP!

[MohanedZzZ]

My 4 servers are fucked up,
Thanks for the beta-testers and developers.
+ Servers on the hosted tab.

[XLeoX]

The only callback that is called is public OnIncomingConnection(playerid, ip_address[], port) so you are going to say "block the ip" but the IPs never are the same. Making a white-list script doesn't work too because the connections use all the available slots to check if that ip is in or out in white-list and the atack connects to the server in miliseconds so it's faster than a human so the players can't connect to the server because when they try to use a slot, a "bot/attacker" uses it before

Sorry if you don't understand me, I don't have practise speaking english.

[Jachu]

I have found a solution:
1. Send raw ping after receiving incoming connection packet from client.
2. Wait for response from ip that requested slot.
3. When u get response from that ip then it's not fake, so pass incoming connection packet for further processing.

Works like a charm for me. It filters all fake IPs and does not reserve slot for, but this solution involves a little bit hacking server memory, so I won't post plugin I made on this forum, sorry.

EDIT:

And "ping" is not ICMP ping, but rather built in network engine raw udp ping that should result "pong" from client/server.

[0day]

Quote:

Originally Posted by Jachu I have found a solution: 1. Send raw ping after receiving incoming connection packet from client. 2. Wait for response from ip that requested slot. 3. When u get response from that ip then it's not fake, so pass incoming connection packet for further processing. Works like a charm for me. It filters all fake IPs and does not reserve slot for, but this solution involves a little bit hacking server memory, so I won't post plugin I made on this forum, sorry.

What if the player's router is blocking icmp packets?

[Jachu]

Quote:

Originally Posted by 0day What if the player's router is blocking icmp packets?

Quote:

Originally Posted by Jachu And "ping" is not ICMP ping, but rather built in network engine raw udp ping that should result "pong" from client/server.

This ^

[0day]

Quote:

Originally Posted by Jachu This ^

Thanks

http://en.wikipedia.org/wiki/Ping_%2...ing_utility%29

Next time just say "send a raw/udp packet" because ping only uses icmp.

[Jon_De]

Quote:

Originally Posted by Jachu I have found a solution: 1. Send raw ping after receiving incoming connection packet from client. 2. Wait for response from ip that requested slot. 3. When u get response from that ip then it's not fake, so pass incoming connection packet for further processing. Works like a charm for me. It filters all fake IPs and does not reserve slot for, but this solution involves a little bit hacking server memory, so I won't post plugin I made on this forum, sorry. EDIT: And "ping" is not ICMP ping, but rather built in network engine raw udp ping that should result "pong" from client/server.

and where you store 100k+ ips? i think it veryyy slow. do you tested it with real attack?
can you give me your server's ip?

[Faskis]

What I will say is that the attackers are using modified packet data to accomplish all of this, and it is possible to block this using iptables. I can check the specific rule being used to do this, or at least describe the process on how to accomplish these rules later today.