DDoS - CoD?
jeffw at he.net
Tue Sep 6 13:47:31 UTC 2011
Call of Duty is apparently using the same flawed protocol as Quake III
servers, so you can think of it as an amplification attack. (I wish I'd
forgotten all about this stuff)
You send "\xff\xff\xff\xffgetstatus\n" in a UDP packet with a spoofed
source, and the server responds with everything you see. With decent
amplification (15B -> ~500B) and the number of CoD servers in world you
could very easily build up a sizable attack.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 305 bytes
Desc: not available
More information about the NANOG