Slashdot Mirror

← Back to Stories (view on slashdot.org)

Multi-vendor Game Server (GameSpy) DDoS Attack

Posted by Hemos on from the how-many-games-do-you-have dept.

w4rl5ck writes "PivX has this security advisory about DDoS attacks using a single modem line and some game servers (i.e. Counter Strike, QuakeX, Battlefield 1942 - in short, those supporting GameSpy). Works via spoofed udp packages querying the server stats, and because udp is connectionless, the server simply answers - to the spoofed address, of course. Funny thing, isn't it? (originally found on heise.de)"

2 of 188 comments (clear)

  1. Egress filtering by yggdrazil · · Score: 5, Insightful

    Part of the problem is all the totally clueless ISPs which don't do proper egress filtering. That is, they don't filter out outgoing packets with falsified sender addresses.

    They've had years to do that, and still don't.

  2. Re:Well You Have To Give Them Credit by quakeroatz · · Score: 5, Insightful

    Way to go GameSpy, yet another ounce of proof of a useless service for idjits.

    Sorry? Yes, I'd be the first to bash Gamespy for their heavyhanded marketing approaches and Microsoftesque software pushing... but... they merely supply a tool that uses a service built into just about every FPS on the planet. This is an extremely useful service that's essential to find buddies, favourite maps and most importantly, the lowest pinging servers. Even "open" server browsers such as the All Seeing Eye use the same service as Gamespy3D/GamespyArcade and are equally susceptible to the same vulnerability.

    Yes it's time to rethink client/server game querying, but not the time to bash M$, Gamespy or any other corporate scapegoat.

    And to think Carmack didn't think about this years ago.... Shudder.