DoS Attack through MUD...

From: Vladimir Nano (nano.vladimir@slsp.sk)
Date: 10/16/02


Hello.
Somebody (XXX from X.X.X.X) tried to attack (through my MUD) the server
which runs my mud.
He (she) opened 300 connections (only 300, because I had max_players = 300)
to the MUD port.
The attack failed, but he (she) reached the max_players limit
and 'normal' players could not play.

Here is my solution, and I want to know what you think
about it:
(running bpl19 on Linux)

1. only 50 players together
 in config.c changed max_players = 50
 (on my mud max 10 players play together)


2. only 5 players from one site (one IP address)

 in comm.c: in new_descriptor():

  /* determine if the site is banned */
  if (isbanned(newd->host) == BAN_ALL) {
    CLOSE_SOCKET(desc);
    sprintf(buf2, "Connection attempt denied from [%s]", newd->host);
    mudlog(buf2, CMP, LVL_GOD, TRUE);
    free(newd);
    return (0);
  }

  +/* ADDED, (PROXIES - SORRY) */
  +if (check_players_per_site(newd->host)) {
  +  CLOSE_SOCKET(desc);
  +  sprintf(buf2, "Too many players from [%s]", newd->host);
  +  mudlog(buf2, CMP, LVL_GOD, TRUE);
  +  free(newd);
  +  return (0);
  +}

and (for example) in ban.c

+/* ADDED */
+extern int max_plrs_per_site; /*from config.c, = 5 */
+
+int check_players_per_site(char *hostname)
+{
+  struct descriptor_data *d;
+  int num = 0;
+
+  for (d = descriptor_list; d; d = d->next) {
+    if (d->host && *d->host) {
+      if (strstr(hostname, d->host)) {
+        num++;
+        if (num >= max_plrs_per_site) return 1;
+      }
+    }
+  }
+
+  return 0;
+}
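
Review bot: strstr(hostname, d->host) is a substring test, not an equality test, so a new connection is counted against every existing descriptor whose host string occurs anywhere inside the new one. An address such as 10.1.2.30 would match an existing 10.1.2.3, and a resolved name would match any shorter name it contains, so unrelated sites can push each other over the limit. An exact comparison (strcmp, or the code base's case-insensitive equivalent) fits the stated goal of "5 players from one site (one IP address)". Since the function does not modify its argument, const char *hostname would be the better signature, and comm.c needs a prototype for check_players_per_site() before the call in new_descriptor().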


3. kick out players from menu (after 1 hour)

in comm.c: in game_loop():

  /* Kick out folks in the CON_CLOSE or CON_DISCONNECT state */
  for (d = descriptor_list; d; d = next_d) {
    next_d = d->next;
    if (STATE(d) == CON_CLOSE || STATE(d) == CON_DISCONNECT)
      close_socket(d);
  }

+  /* ADDED */
+  for (d = descriptor_list; d; d = next_d) {
+    next_d = d->next;
+    if ((STATE(d) > CON_CLOSE  &&  STATE(d) < CON_DISCONNECT)
+         &&  time(0) - d->login_time > 3600)
+      close_socket(d);
+  }
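
Review bot: the timeout in the added loop compares time(0) against d->login_time, which measures time since login rather than time spent idle in a menu state. If login_time is set when the connection is accepted, as the name suggests, a player who has been in the game for over an hour and then returns to the menu is disconnected on the next pass. A timestamp updated on each state change or on last input would match the intent of "kick out players from menu (after 1 hour)". The state test STATE(d) > CON_CLOSE && STATE(d) < CON_DISCONNECT also depends on the numeric order of the CON_ constants, which these lines do not show; an explicit test against the states that should be exempt would survive additions to that list. The check could be folded into the existing loop just above instead of walking descriptor_list a second time on every pass of game_loop().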


Thank You
VladoN


