BadPacketException attack

Discussion in 'BungeeCord Help' started by Dzoko, May 17, 2015.

  1. I have issue with my Buneecord version #1065, someone is sending to our network bad packets and we log lagged with 2000% CPU.

    Log: http://pastebin.com/pzatssn6
     
  2. Code (Text):
    iptables -A INPUT -s IP -j DROP
    iptables -A OUTPUT -s IP -j DROP
    iptables -A FORWARD -s IP -j DROP
     
    #2 DotRar, May 17, 2015
    Last edited: May 17, 2015
  3. It's not a solution.

    37.187.119.59 - OVH, France
    176.9.65.236 - Hetzner, Germany
    96.44.189.100 - Proxy
    197.231.221.211 - Proxy

    They attacked from followed ip addresses, they can change it when they want...
     
  4. Hmm, seems like a thing for @md_5
     
  5. Maybe this will be helpful?

    sudo iptables -I INPUT -p tcp --dport 25565 -m state --state NEW -m recent --set
    sudo iptables -I INPUT -p tcp --dport 25565 -m state --state NEW -m recent --update --seconds 1 --hitcount 2 -j DROP
     
  6. if(length ==0)
    {
    thrownewCorruptedFrameException("length cannot be 0");
    }


    add this in Varint21FrameDecoder.java

    Fixed.