29.08.2017, 22:29
Quote:
About "servers from hosted-tab are disappearing": Someone is sniffing the hosted tab and using it to spoof fake packets back to the SA-MP client.
Original response: https://image.prntscr.com/image/52r5...TZ4SZAcQww.png Fake response: https://image.prntscr.com/image/ZDEw...2KwvVkWD3Q.png (I think*) This is possible because the SA-MP Client are sending queries to all servers with the same source-port, maybe a client update can help us with this problem, or just remove the sniff server from hosted-tab. I didn't read the sv-spoof script already, but I'll do soon. About the query and cookies attack, it's not a new attack, we received it in 0.3z and now again on 0.3.7. I don't see big problems to block it. My services are stable and users can query it as well. I see servers being attacked with query packets since 0.3a. |
My network is stable
I disabled my hardware firewall rules, and tested the iptables script I developed link: https://sampforum.blast.hk/showthread.php?tid=639962
And the script is enough to block the attack! Although I have to consider that the ovh drop a part of the attack!
Do what you can to help others, but it seems their problem is that the attack is flooding the network of servers! This way iptables can not help!