Patching current vulnerabilities and moving on to 0.7.0 (Page 1 of 2)

In the end, yes, it's an intrinsic problem within the teeworlds protocol, a design mistake. Just as a side note, I first thought the servers were filled solely to enlarge the server status response which could easily be abused for an amplification attacks (and I even noticed at least one attack being performed that way). It's just yet another vulnerability that's there.

Can anyone confirm if / which of these patches solves the attack problem and still allows me to run vanilla servers, or if there's going to be an official patch? I'd love to keep running my teeworlds servers but the machine is also used for many other things and I can't afford to have its bandwidth flooded by these attacks. I've had to shut my servers down. I know this is what the attacker wants, but like I said I can't afford to lose access to the machine.

This is happening again, right now... I can't play on vanilla servers :-/

No!, it is not just another vulnerability, this is exactly what he is doing, he has a ddos website, he is abusing teeworlds protocol to earn money.

I know who is him, he is vali from exec clan, i worked for him, i had access to his spoofing servers, and i am the one who wrote in C the tools that he is using to abuse the teeworlds protocol :-/, but i got tired of this shit.

He doesn't care about teeworlds, and there is not anything you can do to stop him, even if i tell you all his information. I know his provider, spoofing servers ips, ddos website url, name, etc..

But honestly i don't think that would stop him, because i doubt the german police would do something with that information.

PS: Someone needs to make a new teeworlds
PS2: Stitch knows him too, and i know he is well known on teeworlds but stitch had access to one of the spoofing servers for a few hours, because i gave access to [MLP] Rafael and him for a few hours, then stitch had the opportunity "to stalk" the spoofing server with the htop command, plus i am sure he checked all files in the spoofing server too, then i am sure he knows everything too.
PS3: I have a dream about to make a new teeworlds completely written in Ada 2012 with a lot of new features plus a secure network protocol (without DoS bugs), for all popular operating systems, Linux, Windows, Mac OS X, *BSD (Like FreeBSD), iOS and Android.....
PS4: Yes, i am Cider, the one who was ddosing ddnet, i was using vali's spoofing servers to ddos ddnet, but as i said i got tired of this shit.

Ok

You should say that to -> vali <-

After all He is the main person behind all this shit

I wouldn't be surprised if you were vali's brown noser

@lucid.dreaming You said he's doing this to earn money. Can you explain how?

If any of his is true, it is exactly what I thought it was. XD. And yes, it is one of several security issues that teeworlds has.

#1. Sending (connecting) in the serverlist and filling up a slot by just a single packet, instead of a three way handshake (which if properly implemented effectively counters ip spoofing). This supports..
#2, which is that the server status protocol (and especially any enlarged like the ddnet one) suffer from, namely unconfirmed addresses (no prior three way handshake) can send small packets that provoke large responses. This is called reflection attack. Normally you would only allow packet responses that are at maximum as large as an artificially enlarged request packet (no optimization here please). #1 just enlarges this and you get more output traffic for your own traffic.

I myself got attacked and was abused by said methods, collected a bit of information during that time as I said, those are just two of several problems, I didn't even look further, but I heared spoofing an existing connection was another one, for example.

Schwertspize Ok.

Magnet Ok cool , i hope this issue is fixed soon.

I think a security patch must be acceptable because it wouldn't modify the game play at all.

And it looks like you are on the attacker's side.

@heinrich: does it require a handshake before sending server/player infos? These are the structures used to flood third-parties. I can't look at your patch now but the one I saw earlier only limited the rate of sending info, which penalizes legitimate players who can't read the player list when there's a surge of requests.

What is happening to master servers these days? Servers shown in server list count jumps from 50 to 600 (250, 400 etc).

@yavl: The master servers are attacked with a "bea2" flood since about 3 days. The effect of this is that Teeworlds servers can no longer register at the master servers. As long as the attack is running, a patch, which prevents the master server from being flooded with heartbeat packets, will be active. As soon as the attack is over, I will switch the master server back to normal mode. This is only a temporary solution, there would be no server listed without a temporary "fix".

I would also prefer to finally release 0.7.

15:07:25.340494 IP (tos 0x0, ttl 60, id 11309, offset 0, flags [none], proto UDP (17), length 44)
    188.107.118.xxx.17131 > 51.254.183.249.8300: [udp sum ok] UDP, length 16
        0x0000:  4500 002c 2c2d 0000 3c11 3362 bc6b 76cf  E..,,-..<.3b.kv.
        0x0010:  33fe b7f9 42eb 206c 0018 6ab2 affd a0f0  3...B..l..j.....
        0x0020:  0ffb ffff ffff 6265 6132 ee00            ......bea2..

Good news! Exciting times ahead.

Given the circumstances, I think it's appropriate to link the 13 open issues tagged as bugs: https://github.com/teeworlds/teeworlds/ … abel%3Abug