> Rules / Regeln

- no copy 'n paste, only your own words (quoting is possible)
- please write in English which sounds sense (orthography should be recognizable)
- no rumours, no clan-news (except larger events)
- always with list of reference/originator
- please create compact news, 4-10 lines, colors, bold and cursive fontype is allowed

(*) We decide finally which news will be published or not. Not published news remains here only if it is acceptable.
> POTENTIAL FIX: etded.x86 getstatus exploit
AmericanPie1979
post Oct 19 2011, 09:38 AM
Post #31


Group Icon Master Sergeant

Group: Members

Joined: 4-January 09
From: Hinterm Mond :P
Member No.: 80261



I have 16 bots now.


I disabled the master server list last night; I now get a CPU usage of 22 %.


//set sv_master1 "etmaster.idsoftware.com"
//set sv_master2 "master.gamespy.com:27900"
//set sv_master3 "master0.gamespy.com"
//set sv_master4 "clanservers.net"
//set sv_master5 "master3.idsoftware.com"
//set sv_master6 "wolfmaster.idsoftware.com"


hm maybe they are right with master server list




I can't get this crap blocked through Plesk........ no idea why, I found out the IP of the domain


rx: 102.67 kB/s 1729 p/s tx: 698.75 kB/s 551 p/s

that's my traffic

This post has been edited by AmericanPie1979: Oct 19 2011, 10:00 AM


Ligustah
post Oct 19 2011, 10:42 AM
Post #32


Group Icon Corporal

Group: Members

Joined: 25-December 09
Member No.: 89191



QUOTE (AmericanPie1979 @ Oct 19 2011, 10:38 AM) *

I can't get this crap blocked through Plesk........ no idea why, I found out the IP of the domain

The domain shown there does not necessarily point to the corresponding IP. That is because the name corresponds to the reverse DNS entry of the IP, not the other way round.

When you open iftop, just press N on the keyboard. iftop will then stop showing reverse DNS names and show the original IPs instead.
AmericanPie1979
post Oct 19 2011, 10:52 AM
Post #33


Group Icon Master Sergeant

Group: Members

Joined: 4-January 09
From: Hinterm Mond :P
Member No.: 80261



I saw that it's the same flood attacks on 3 root servers, kind of strange, isn't it ^^


it's the IP that I had found out ^^

well, if you enter just the IP in Plesk, you ban the associated provider, right?? or am I seeing that wrong ^^


found something ^^


11.11.11.11/32 <- just the host 11.11.11.11

11.11.11.0/24 <- the whole 11.11.11.0 network (254 ips)

11.11.0.0/16 <- the 11.11.0.0 network (64k ips)


11.0.0.0/8 <- the 11.0.0.0 network (16million ips)

This post has been edited by AmericanPie1979: Oct 19 2011, 11:19 AM


schnoog
post Oct 19 2011, 12:36 PM
Post #34


Group Icon Master of Desaster

Group: Management

Joined: 7-March 06
From: Wehr
Member No.: 23716



The main problem is that the offender's IP is spoofed and changes very fast. Static IP bans will not help in the long run.
This is why I prefer the getstatus_ban script modified by OldMan.
Nevertheless, I couldn't see any significant CPU load increase when I disable the firewall, even if the traffic rises extremely.



Guest_Dutchman_*
post Oct 19 2011, 01:31 PM
Post #35




Guests






American, I see you are running your game on a Linux machine. Ever tried the patch I posted at the very beginning of this topic?
Works fine for me :) That is, if you are running a 2.60b server. Or at least test it. You can back up the original etded if it ain't working for you, but it should work.
AmericanPie1979
post Oct 19 2011, 03:27 PM
Post #36


Group Icon Master Sergeant

Group: Members

Joined: 4-January 09
From: Hinterm Mond :P
Member No.: 80261



Dutchman :) thx for the info but I have 2.55+ so all patches can connect 2.55 - 2.60b


it would be great if the patch works on this one too :)

etded.x86


Greetings from Opa :)


:P

This post has been edited by AmericanPie1979: Oct 19 2011, 03:31 PM


Guest_Dutchman_*
post Oct 19 2011, 03:36 PM
Post #37




Guests






I don't know which etded.x86 version you have "uploaded" but I ran the patch on your etded.x86 without any problems:

CODE
et@*******:~$ ./etfix_getstatus etded.x86
------------------------------------------------
** limit getstatus patch 0.2 for etded.x86 2.60b
           yada // staatsschutz.org // jan. 2011
------------------------------------------------
Patching: 23 bytes at offset 71BC0.
Patching: 117 bytes at offset 71BE0.
Patching: 11 bytes at offset E4EF.
Patching: 5 bytes at offset E507.
Patching: 4 bytes at offset 10C13.
Success: etded.x86 patched.


So, you should patch it on your Linux box and try it. If you don't know how to do it, we can help :)

This post has been edited by Dutchman: Oct 19 2011, 03:49 PM
AmericanPie1979
post Oct 19 2011, 03:45 PM
Post #38


Group Icon Master Sergeant

Group: Members

Joined: 4-January 09
From: Hinterm Mond :P
Member No.: 80261



it says unknown etded.x86 version :(

can you send me the patched version ???.......please :)

xfire : wildehilde1979


:)


PS : it worked now ^^ v-v Version is patched now ^^

i try it out :P

This post has been edited by AmericanPie1979: Oct 19 2011, 04:12 PM


daredevil
post Oct 19 2011, 04:12 PM
Post #39


Group Icon Second Lieutenant

Group: Members

Joined: 10-November 08
From: US
Member No.: 78526



English please, so others having the same issue can understand? Also, is it possible to make a Windows patch for it? Also, is it possible to make it 3 requests per IP every 4 sec, because then HLSW will work perfectly well. If it works with 1 request per 4 seconds, please let me know.

Thanks

This post has been edited by daredevil: Oct 19 2011, 06:32 PM


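The per-source limit asked about in the post above (3 getstatus replies per IP every 4 seconds), as an added example. It is not the code of the etfix_getstatus patch or of the getstatus_ban script; the names `getstatus_allowed` and `simulate`, the table size and the probe depth are assumptions, and the sample traffic is constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define BURST     3      /* replies allowed per window (figure from the post) */
#define WINDOW_MS 4000u  /* window length: 4 seconds */
#define SLOTS     1024u  /* fixed table: a flood cannot grow memory use */
#define PROBES    8u     /* assumed probe depth for hash collisions */

typedef struct { uint32_t ip, start_ms; uint16_t count; uint8_t used; } slot_t;
static slot_t table[SLOTS];

/* Return 1 if a getstatus reply may go to `ip` at time now_ms, else 0. */
int getstatus_allowed(uint32_t ip, uint32_t now_ms)
{
    uint32_t h = (ip * 2654435761u) % SLOTS;
    slot_t *free_slot = NULL;
    for (uint32_t i = 0; i < PROBES; i++) {
        slot_t *s = &table[(h + i) % SLOTS];
        /* unsigned subtraction stays correct when the ms counter wraps */
        int expired = !s->used || (now_ms - s->start_ms) >= WINDOW_MS;
        if (s->used && s->ip == ip) {
            if (expired) { s->start_ms = now_ms; s->count = 0; }
            if (s->count >= BURST) return 0;   /* over the limit: no reply */
            s->count++;
            return 1;
        }
        if (expired && !free_slot) free_slot = s;
    }
    if (!free_slot) return 0;   /* all probed slots busy: fail closed */
    *free_slot = (slot_t){ ip, now_ms, 1, 1 };
    return 1;
}

/* Feed n requests from one source, step_ms apart; return replies sent. */
int simulate(uint32_t ip, int n, uint32_t step_ms)
{
    int sent = 0;
    for (int i = 0; i < n; i++)
        sent += getstatus_allowed(ip, (uint32_t)i * step_ms);
    return sent;
}

int main(void)
{
    /* Constructed input: one spoofed source, 500 requests/s for 8 s. */
    printf("flood:   %d of 4000 answered\n", simulate(0x0B0B0B0Bu, 4000, 2));
    /* Constructed input: a query tool sending 3 requests in one burst. */
    printf("browser: %d of 3 answered\n", simulate(0x0A000001u, 3, 10));
    return 0;
}
```

A limiter of this kind only reduces the replies the server sends (the tx side); the incoming requests still reach the host.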
AmericanPie1979
post Oct 19 2011, 04:17 PM
Post #40


Group Icon Master Sergeant

Group: Members

Joined: 4-January 09
From: Hinterm Mond :P
Member No.: 80261



I am writing English but sry, it's a little bad :P

THX Dutchman ^^



This post has been edited by AmericanPie1979: Oct 19 2011, 04:26 PM


Guest_Dutchman_*
post Oct 19 2011, 05:58 PM
Post #41




Guests






QUOTE (AmericanPie1979 @ Oct 19 2011, 05:17 PM) *
I am writing English but sry, it's a little bad :P

THX Dutchman ^^

Glad it worked AmericanPie:)
Any results on the cpu load or network usage?
AmericanPie1979
post Oct 19 2011, 06:25 PM
Post #42


Group Icon Master Sergeant

Group: Members

Joined: 4-January 09
From: Hinterm Mond :P
Member No.: 80261



cpu is on 21 - 22 %

network is now ok

rx: 130.66 kB/s 2191 p/s tx: 14.47 kB/s 74 p/s


^^ Thanks :)

I don't know if you still know him, but Opa asked about you ^^



PS : old network usage ^^

rx: 102.67 kB/s 1729 p/s tx: 698.75 kB/s 551 p/s

Best regards

This post has been edited by AmericanPie1979: Oct 19 2011, 06:32 PM


Guest_Dutchman_*
post Oct 19 2011, 06:43 PM
Post #43




Guests






QUOTE (AmericanPie1979 @ Oct 19 2011, 07:25 PM) *
cpu is on 21 - 22 %

network is now ok

rx: 130.66 kB/s 2191 p/s tx: 14.47 kB/s 74 p/s


^^ Thanks :)

I don't know if you still know him, but Opa asked about you ^^



PS : old network usage ^^

rx: 102.67 kB/s 1729 p/s tx: 698.75 kB/s 551 p/s

Best regards

OPA hehe... yes, and his fellow "MOERDER"... of course I know them, they were on our server for a while... 4 years ago? ... crazy people :-D
We can PM about this but please say hello to him :)

Well, glad it worked for ya dude :-)
And PS: with the Linux command 'top' you can check which process uses most of the CPU.
AmericanPie1979
post Oct 19 2011, 06:46 PM
Post #44


Group Icon Master Sergeant

Group: Members

Joined: 4-January 09
From: Hinterm Mond :P
Member No.: 80261



they are both on my Teamspeak ^^ Opa and Mörder ;)


i try this command ^^


most usage is etded.x86 23 % ^^




This post has been edited by AmericanPie1979: Oct 19 2011, 06:48 PM


Old-Owl
post Oct 23 2011, 02:03 PM
Post #45


Group Icon Sergeant

Group: Members

Joined: 6-August 05
From: Italy
Member No.: 12451



The scripts against that getstatus exploit work fine. But I don't understand one thing.
I give an example:

All attackers are banned through iptables, but they keep sending packets.
I can see it through iptraf:

CODE
│ Incoming rates:    3385.7 kbits/sec
│                   6555.2 packets/sec
│                                            IP checksum errors:           0    
│ Outgoing rates:    1811.4 kbits/sec
│                    581.2 packets/sec


Results:

My service hosting provider keeps sending me alerts about high traffic even though the offending IPs are banned. And when I go to check, the IN traffic is always more (twice) than the OUT traffic. :(

I am not sure if such high amounts of incoming packets may spoil the gameplay; I am afraid that is possible since some players keep complaining about lag.

Does someone have an idea or explanation for this problem?

Thanks :)