shockli
Contributor
- Jan 29, 2016
- 243
- 194
- 111
Hey,
Recently a script of mine went very wrong. Ended up forkbombing badly. Luckily I had affinity and all that shit set up so my server didn't go down completely.
Situtation:
384GB Ram 96 core windows server 2012 on gbit line server running a PHP-CGI script that simply opens a connection and closes PHP-CGI. From that I noticed TeamSpeak allows a 30s timeout period. Which is useful.
What happened:
Instead of my DDoS protection kicking in immediately (It did eventually and banned the IP that was running the PHP-CGI client), the amount of query connections at a single time seems to have crushed the smaller server (16GB ram 8 core archlinux, gbit line).
This had surprised me because of the following:
I think that testing into this is required a bit further, because crashing a server via query as of latest versions is not something that is currently happening, and if this is able to be imitated and actually can be built into something that works this needs to be fixed (after a VIP release of tool and a few weeks ofc ;P).
Recently a script of mine went very wrong. Ended up forkbombing badly. Luckily I had affinity and all that shit set up so my server didn't go down completely.
Situtation:
384GB Ram 96 core windows server 2012 on gbit line server running a PHP-CGI script that simply opens a connection and closes PHP-CGI. From that I noticed TeamSpeak allows a 30s timeout period. Which is useful.
What happened:
Instead of my DDoS protection kicking in immediately (It did eventually and banned the IP that was running the PHP-CGI client), the amount of query connections at a single time seems to have crushed the smaller server (16GB ram 8 core archlinux, gbit line).
This had surprised me because of the following:
- The IP was NOT whitelisted.
- TeamSpeak has no prevention against millions of connections coming from one IP.
- TeamSpeak server (3.11.4) crashed immediately after about the 200th connection, and I was running a 256 slot server.
I think that testing into this is required a bit further, because crashing a server via query as of latest versions is not something that is currently happening, and if this is able to be imitated and actually can be built into something that works this needs to be fixed (after a VIP release of tool and a few weeks ofc ;P).