Server Crash Exploit

Bluecewe

Junior Member
Joined
Feb 7, 2012
Likes
0
#1
Our server recently experienced a situation where a player threatened to "DDoS" our server. A few moments later, all players began to experience high latency and eventually all were disconnected from the server.

I doubt anyone would go the effort of having enough hardware sitting around to execute a true DDoS attack, let alone a DoS attack. Thus, it leads me to believe that whoever the player was must have been making use of some exploit, likely found within the remote administration interface.

Has anyone else experienced this, and does Kalms have anything to say relating to this issue?
 

woowoo

Senior Member
Joined
Aug 27, 2008
Likes
4
Location
SE US
#2
There is an exploit - which I won't detail here - but I thought they fixed it in one of the recent patches. But I guess not.
 

Kalms

Senior Member
Joined
Feb 1, 2010
Likes
2
#4
The recently fixed exploit would instantly crash the server. This sounds more like a classic DoS. I don't know of any effective attack via the RCON port/protocol.
 

Bluecewe

Junior Member
Joined
Feb 7, 2012
Likes
0
#5
The recently fixed exploit would instantly crash the server. This sounds more like a classic DoS. I don't know of any effective attack via the RCON port/protocol.
So they just sent a large number of requests to the gameplay port?
 

PapaCharlie9

Senior Member
Joined
Jan 15, 2011
Likes
0
#6
So they just sent a large number of requests to the gameplay port?
Probably.

And DDos clients, like aimbots and other cheats, are available on the Internet, more's the pity. Some take advantage of botnets created by viruses, others take advantage of hacker communities that voluntarily provide attack hosts for people to use.

The resources are out there, never doubt it. And this has been a problem for a long time. Our BF2 server used to get the occasional DDos attack.
 

Bluecewe

Junior Member
Joined
Feb 7, 2012
Likes
0
#7
Probably.

And DDos clients, like aimbots and other cheats, are available on the Internet, more's the pity. Some take advantage of botnets created by viruses, others take advantage of hacker communities that voluntarily provide attack hosts for people to use.

The resources are out there, never doubt it. And this has been a problem for a long time. Our BF2 server used to get the occasional DDos attack.
I understand fully that all someone need do is use software written for them by someone else for the purpose of launching an attack, though I was taken aback that someone would go to the effort of finding attack tools as well as the hardware needed to execute attacks on a server as unknown as ours. It seemed that the person who launched the attack simply entered the server looking for a fight to boost his ego; we'd never met him before, never met since, and never took any rash action against him.

It's odd that someone would go to that amount of effort to seem impressive to others.
 
Top Bottom