[crossfire] The real cause of the metaserver DOS attack
Andreas Kirschbaum
kirschbaum at myrealbox.com
Wed Jun 22 17:34:02 CDT 2005
I'm fairly sure that the real cause of the metaserver DOS is not some
random attacker but the crossfire server itself: you just need to set up
a (new) crossfire server and change the "metaserver_notification off"
config option to "on" to make your server flood the metaserver.
The patch
cvs diff -r 1.9 -r 1.10 lib/settings
changed the default value for the "fastclock" config option from 0 to 1.
That probably means that many new servers will run in fastclock mode.
Furthermore, socket/loop.c contains a logic error if fastclock is
enabled:
(excerpt from socket/loop.c; I stripped code not related to the problem)
| /** Waits for new connection */
| static void block_until_new_connection() {
|     do {
|         /* Every minutes is a bit often for updates - especially if
|          * nothing is going on. This slows it down to every 6 minutes.
|          */
|         cycles++;
|         if (cycles == 7) {
|             metaserver_update();
|             cycles=1;
|         }
|         if (settings.fastclock > 0) {
|             Timeout.tv_sec=0;
|             Timeout.tv_usec=50;
|         } else {
|             Timeout.tv_sec=60;
|             Timeout.tv_usec=0;
|         }
|     }
|     while (select([...], &Timeout)==0);
[...]
This function is called whenever a server has no active connections.
Basically, with fastclock=0, the metaserver update will be sent once per
6 minutes but with fastclock=1 it will be sent once per 6*50 usec (which
could be more than 3000 packets per second on a fast machine).
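
The arithmetic above as an added example (not part of the original post or the crossfire source): a virtual-clock simulation of the idle loop, assuming select() always times out after exactly the requested interval and the loop body costs no time. The function names and the elapsed-time variant are hypothetical, shown only for contrast with the cycle counting in the excerpt.

```c
#include <stdint.h>
#include <stdio.h>

/* Intended pacing: one metaserver update per 6 minutes (in microseconds). */
#define UPDATE_INTERVAL_USEC (360LL * 1000000LL)

/* select() timeout chosen by the excerpt, in microseconds. */
static int64_t idle_timeout_usec(int fastclock) {
    return fastclock > 0 ? 50 : 60LL * 1000000LL;
}

/* Pacing as in the excerpt: an update every 6th loop iteration, so the
 * real interval is 6 * timeout, whatever the timeout happens to be. */
long updates_by_cycle_count(int fastclock, int64_t run_usec) {
    long sent = 0;
    int cycles = 0;
    for (int64_t now = 0; now < run_usec; now += idle_timeout_usec(fastclock)) {
        cycles++;
        if (cycles == 7) {
            sent++;          /* stands in for metaserver_update() */
            cycles = 1;
        }
    }
    return sent;
}

/* Hypothetical variant: pace on elapsed (virtual) time instead of on
 * iterations, so the update rate no longer depends on the timeout. */
long updates_by_elapsed_time(int fastclock, int64_t run_usec) {
    long sent = 0;
    int64_t last = 0;
    for (int64_t now = 0; now < run_usec; now += idle_timeout_usec(fastclock)) {
        if (now - last >= UPDATE_INTERVAL_USEC) {
            sent++;
            last = now;
        }
    }
    return sent;
}

int main(void) {
    const int64_t second = 1000000LL, hour = 3600LL * 1000000LL;
    printf("cycle count, fastclock=1, 1 s: %ld\n", updates_by_cycle_count(1, second));
    printf("cycle count, fastclock=0, 1 h: %ld\n", updates_by_cycle_count(0, hour));
    printf("elapsed time, fastclock=1, 1 h: %ld\n", updates_by_elapsed_time(1, hour));
    return 0;
}
```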