Jump to content

Call of Duty 2 DoS Exploit?


Brett

Recommended Posts

I noticed we had a huge outbound spike of traffic tonight on one of our machines, and it has happened a few other times on the same machine. The customer complaining of the issue has a COD2 server, and seems to be the one being affected the most by this.

 

It feels very similar to when we had some of our un-patched COD4 servers a while back being used as DDoS zombies.

 

Is there any sort of exploit in COD2 of this nature? I didn't see any patches from Aluigi that seemed to fix that type of exploit, but would like to get to the bottom of this.

Link to comment
Share on other sites

write iptables.

 

set the rules in the conf folder:

 

iptables-save > iptables.conf

 

open saved rules iptables.conf and copy that from me : change server and ports and type :

 

iptables -F

 

then restore :

iptables-restore < iptables.conf

 

-A OUTPUT -p UDP -m length --length 1162:1168 -j DROP
-A FORWARD -p UDP -m length --length 1162:1168 -j DROP
-A INPUT -p UDP -m length --length 1162:1168 -j DROP
-A INPUT -p UDP -m length --length 42 -m recent --set --name getstatus_cod
-A INPUT -p UDP -m string --algo bm --string "getstatus" -m recent --update --seconds 1 --hitcount 20 --name getstatus_cod -j DROP 

 

FINISHED! No Spam anymore!

Link to comment
Share on other sites

Thank you guys, that fix you linked to Omni worked perfectly.

 

We are seeing one of our machines still being used for attacks though. Unfortunately we have multiple servers on the IP's in question. Are any of these games (Unreal Tournament 99, MOHAA, SOF2, Urban Terror, MW3, or BF2) exploited in the same way as COD?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Who's Online   0 Members, 0 Anonymous, 13 Guests (See full list)

    • There are no registered users currently online
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Terms of Use