[26058] in bugtraq
Re: UT DDoS risk (possible solution)
daemon@ATHENA.MIT.EDU (Auriemma Luigi)
Thu Jul 4 12:30:17 2002
Message-ID: <3D20537500146E9D@mail-7.tiscalinet.it> (added by postmaster@mail.tiscali.it)
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=iso-8859-1
Date: Sun, 2 Jan 2000 02:01:23 +0100
From: Auriemma Luigi <bugtest@sitoverde.com>
To: bugtraq@securityfocus.com
Reply-To: bugtest@sitoverde.com
Hi, this can be a possible solution better that the other in my advisory.
The UnrealTournament default timeout for the initial connection (the empty UDP datagram sended) is set in the section [IpDrv.TcpNetDriver] at the key "InitialConnectTimeout=".
The value that follow this key is in seconds and is 150.0 (2 minutes and 30 seconds).
So we must set this value to 5.0 or 10.0 for limit the flooding time (however this value must be tested on a real Internet match).
Only FYI exist another "InitialConnectTimeout=" key and it is in the [Engine.DemoRecDriver] section, and it is setted to 500.0 (over 8 minutes...), but I don't know when this value is used.
However a good idea (a precaution) is to set also this key to a minor value.
At the moment this is the better solution to limit the problem.
BYEZ
