[Onfroi]

Quote:

Originally Posted by Jake187 That's a bad idea because than it is easier to actually flood the server because than it's simple as flooding the server and not trying to make a fake attempt to get a connection cookie. For all you know the connection cookie could be blocking out these attempted connections to where once he removes it there won't be any more attempts the flood will always connect making it even more effective. My suggestion is mess with minconnectiontime and get a script which bans a IP after a certain amount of attempted connections.

I just know that the cookie system is very vulnerable, so if it is blocking something, it's not doing a very good job.

[Jake187]

Quote:

Originally Posted by pivetesgames Is there any function of samp for that? If there is please let me know better.

There are plenty of scripts out there that will ban a IP after a certain amount of connections or attempts, I am not a scripter so I can't really explain well enough on how this actually works but simple thing is the fact the person attacking your server is showing up on the logs means you can use a script to prevent this flood.

Now this is not a permanent solution because if someone floods your port it won't be detected as a connection by the server, as no fake client is attempting a connection its simply just flooding the port. But this solution would solve your problem mostly, specially because this attacker is only using two IP addresses.

Quote:

Originally Posted by Onfroi I just know that the cookie system is very vulnerable, so if it is blocking something, it's not doing a very good job.

It is very vulnerable but not using it is even more vulnerable.