Server Talk > Server Help

SOLVED: "" is an invalid integer

(1/1)

Moroes:
Hi Soldaters,
someone has been busy using an exploit and crashing our servers lately.
Please run this command in your linux console to drop the nasty packet and make your server healthy again.

--- Code: --- iptables -I INPUT -p udp --dport 23073 -m string --algo kmp --hex-string '|64 29 77 00|' -j DROP

--- End code ---
- replace 23073 with the serverport you're using
- I guess windows users gotta use netsh advfirewall/netsh firewall command. Get linux tho.

Credit goes to Helloer, the best soldat developer. Retired unfortunately.

#soldatisdead
#whatisdeadmayneverdie

jrgp:
That's good to know. Would be a good idea of the soldatserver could have protection for this sort of attack built in.

ezanolin:
Thank you for your help and the patched ELF, however it segfaults on my server. possibly because I run 64 bit Linux with 32 bit libs. I watched for packets from outside and came up with an additional rule for users with similar problems. Here are the 2 firewall rules that I am using


--- Code: ---iptables -I INPUT -p udp --dport 23073 -m string --algo kmp --hex-string '|64 29 77 00|' -j DROP
iptables -I INPUT -p udp --dport 23073 -m length --length 1 -m string --algo kmp --hex-string '|64|' -j DROP

--- End code ---

I strongly suspect that there will be other packets that could crash the server but for now this is working for me. As of today the packets are coming from 35.196.253.60. Looks like the server list is scanned an then the servers are attacked. My server was brand new never on the internet before and it crashed within minutes of going up.

GeoIP shows the following

35.196.253.60   US   Mountain View,
California,
United States,
North America   94043   37.419200000000004,
-122.0574   1000   Google Cloud   Google Cloud

Probably some Google services user being an a$$, seriously people need better hobbies. When can we expect an officially released binary patch? (ie available on downloads page) I cant imagine this issue is good for the community.

All the best.
Enrico Zanolin

MrHamsTR:
I thought this was already solved but since I got this error lately, think somebody should figure it out again.

Irlandec:

--- Quote from: MrHamsTR on March 22, 2018, 08:45:40 am ---I thought this was already solved but since I got this error lately, think somebody should figure it out again.

--- End quote ---

What OS, soldatserver version are you using?

Navigation

[0] Message Index

Go to full version