Anonymous | Login | Signup for a new account | 2024-04-24 08:17 UTC |
My View | View Issues | Change Log | Roadmap | Zandronum Issue Support Ranking | Rules | My Account |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
0000680 | Zandronum | [All Projects] Bug | public | 2012-02-19 15:59 | 2018-09-30 22:38 | ||||
Reporter | AlexMax | ||||||||
Assigned To | Torr Samaho | ||||||||
Priority | normal | Severity | major | Reproducibility | have not tried | ||||
Status | closed | Resolution | fixed | ||||||
Platform | OS | OS Version | |||||||
Product Version | 98d | ||||||||
Target Version | Fixed in Version | ||||||||
Summary | 0000680: Connection DDoS Mitigation | ||||||||
Description | It seems that Skulltag 98d is vulnerable to a DDoS where someone connects and repeatedly passes bad version information. I think that temporarily banning IP's that make X bad connection attempts in Y amount of time would be a good idea. It should be a short ban, but the 'start time' of the ban should automatically update for as long as the flood from that IP is going on. | ||||||||
Attached Files | |||||||||
Notes | |
(0002645) AlexMax (developer) 2012-02-19 15:59 |
Here is the original topic where someone reported this issue: 'http://www.skulltag.com/forum/viewtopic.php?f=172&t=30906 [^]' |
(0002646) Konar6 (reporter) 2012-02-19 16:49 |
Note that this attack is immune from server bans. The connection is still processed and logged, which sends the server to a lagging hell and makes the logs tens of megabytes big within seconds. Possible solution - ban and ignore the offending IP completely. Have the server check whether the client is banned prior to further communicating with it. Currently it checks other stuff before that. Also don't log those "X bad connection attempts in Y amount of time". |
(0002647) Dusk (developer) 2012-02-19 19:54 edited on: 2012-02-19 19:59 |
I whipped up a throttle system to mitigate too quickly reconnecting clients as an afternoon challenge of sorts :P . If a client connects twice every sv_throttlethreshold seconds, they get ignored for 10 seconds. 'https://bitbucket.org/CrimsonDusk/notebola/changeset/12cdaab115bb [^]' Not sure how well it works in practice or if there's a better way to implement this, I can only test this on my local machine and that's not really good enough, other than that it technically works. If I reconnect too quickly to my server I do get throttled but does it help under a real DDOS? |
(0002648) Torr Samaho (administrator) 2012-02-19 23:32 |
I don't think that this kind of throttling is better than Skulltag's existing anti-flood mechanism. So I extended the existing mechanism to take care of this by ignoring any further net packet from an IP of a client that was disconnected due to an error for 10 seconds:'https://bitbucket.org/Torr_Samaho/skulltag/changeset/977a8d543834 [^]' |
(0002649) Dusk (developer) 2012-02-19 23:33 edited on: 2012-02-19 23:34 |
Ah damn. How come I never thought of that...? Oh well... still good practice. :) |
(0002650) Torr Samaho (administrator) 2012-02-19 23:59 |
> How come I never thought of that...? Don't worry. Considering that you only have access to the source since one week you're doing pretty well :). |
(0013377) Dusk (developer) 2015-09-01 21:00 edited on: 2015-09-01 21:00 |
Was addressed in Skulltag 98e but never closed for whatever reason. Man, I look so naive in my posting in this ticket. |
This issue is already marked as resolved. If you feel that is not the case, please reopen it and explain why. |
|
Supporters: | No one explicitly supports this issue yet. |
Opponents: | No one explicitly opposes this issue yet. |
Issue History | |||
Date Modified | Username | Field | Change |
2012-02-19 15:59 | AlexMax | New Issue | |
2012-02-19 15:59 | AlexMax | Note Added: 0002645 | |
2012-02-19 16:49 | Konar6 | Note Added: 0002646 | |
2012-02-19 19:54 | Dusk | Note Added: 0002647 | |
2012-02-19 19:55 | Dusk | Note Edited: 0002647 | View Revisions |
2012-02-19 19:59 | Dusk | Note Edited: 0002647 | View Revisions |
2012-02-19 23:32 | Torr Samaho | Note Added: 0002648 | |
2012-02-19 23:33 | Torr Samaho | Assigned To | => Torr Samaho |
2012-02-19 23:33 | Torr Samaho | Status | new => feedback |
2012-02-19 23:33 | Dusk | Note Added: 0002649 | |
2012-02-19 23:34 | Dusk | Note Edited: 0002649 | View Revisions |
2012-02-19 23:59 | Torr Samaho | Note Added: 0002650 | |
2012-06-09 13:22 | Torr Samaho | Category | General => Bug |
2015-09-01 21:00 | Dusk | Note Added: 0013377 | |
2015-09-01 21:00 | Dusk | Status | feedback => resolved |
2015-09-01 21:00 | Dusk | Resolution | open => fixed |
2015-09-01 21:00 | Dusk | Note Edited: 0013377 | View Revisions |
2018-09-30 22:38 | Blzut3 | Status | resolved => closed |
Copyright © 2000 - 2024 MantisBT Team |