07.03.2012, 10:45
I have never heard of such a thing happening.
My main questions would be:
- What are the targets of the attack? Have these addresses previously queried or connected to the sa-mp server? You can enable query logging with rcon 'logqueries' variable.
- Can you provide bandwidth graphs that show 300Mbit of outgoing traffic? It seems difficult to get to 300Mbit from 14 byte UDP packet logs you provided.
I'm not ready to accept your conclusion at this point. The SA-MP server does not send out packets on its own.
My main questions would be:
- What are the targets of the attack? Have these addresses previously queried or connected to the sa-mp server? You can enable query logging with rcon 'logqueries' variable.
- Can you provide bandwidth graphs that show 300Mbit of outgoing traffic? It seems difficult to get to 300Mbit from 14 byte UDP packet logs you provided.
I'm not ready to accept your conclusion at this point. The SA-MP server does not send out packets on its own.