LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-14-2011, 02:20 AM   #1
smallgamer
LQ Newbie
 
Registered: Jul 2011
Posts: 29

Rep: Reputation: Disabled
Game server under attack


I run a gaming server on Centos. It's the most popular server in my game, and some people who don't like that have been attacking it daily. It's being done by spoofing or spamming some kind of packet to the server.

The game server process continues to run on the Centos server, but it no longer appears on the game list and players can not connect to it.

I have no idea where to begin figuring out how this is being done and how to stop it. Any ideas? [REMOVED]

Thanks for any guidance you can provide. I've been dealing with this for months and it's starting to drive me crazy (and ruin my server).

Last edited by unSpawn; 10-14-2011 at 02:24 AM. Reason: //moderated
 
Old 10-14-2011, 03:41 AM   #2
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217Reputation: 217Reputation: 217
you should have iptables firewall up and running to allow only the ports the server needs for your 'game'
check your LOG files (/var/log/httpd etc.)
post the results

post your "iptables -L" or "cat /etc/sysconfig/iptables"
 
Old 10-14-2011, 11:57 AM   #3
smallgamer
LQ Newbie
 
Registered: Jul 2011
Posts: 29

Original Poster
Rep: Reputation: Disabled
I'm curious why you wrote 'game' instead of game, lol. If you're actually interested I could PM you the server info and you can check it out. Anyway, thank you for your help so far.

I looked in the /var/log/httpd folder and there are a few files there. I'm not sure exactly what I'm looking for though. Sorry - could you be more specific please (I'm an admitted noob)?

This is what I get when I do "iptables -L" (I assume it's default since I've never touched it):

Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
[root@michigan2 ~]#
And here is "cat /etc/sysconfig/iptables" (again assuming this is default):

Code:
# Load additional iptables modules (nat helpers)
#   Default: -none-
# Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which
# are loaded after the firewall rules are applied. Options for the helpers are
# stored in /etc/modprobe.conf.
IPTABLES_MODULES=""

# Unload modules on restart and stop
#   Value: yes|no,  default: yes
# This option has to be 'yes' to get to a sane state for a firewall
# restart or stop. Only set to 'no' if there are problems unloading netfilter
# modules.
IPTABLES_MODULES_UNLOAD="yes"

# Save current firewall rules on stop.
#   Value: yes|no,  default: no
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped
# (e.g. on system shutdown).
IPTABLES_SAVE_ON_STOP="no"

# Save current firewall rules on restart.
#   Value: yes|no,  default: no
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets
# restarted.
IPTABLES_SAVE_ON_RESTART="no"

# Save (and restore) rule and chain counter.
#   Value: yes|no,  default: no
# Save counters for rules and chains to /etc/sysconfig/iptables if
# 'service iptables save' is called or on stop or restart if SAVE_ON_STOP or
# SAVE_ON_RESTART is enabled.
IPTABLES_SAVE_COUNTER="no"

# Numeric status output
#   Value: yes|no,  default: yes
# Print IP addresses and port numbers in numeric format in the status output.
IPTABLES_STATUS_NUMERIC="yes"

# Verbose status output
#   Value: yes|no,  default: yes
# Print info about the number of packets and bytes plus the "input-" and
# "outputdevice" in the status output.
IPTABLES_STATUS_VERBOSE="no"

# Status output with numbered lines
#   Value: yes|no,  default: yes
# Print a counter/number for every rule in the status output.
IPTABLES_STATUS_LINENUMBERS="yes"
 
Old 10-14-2011, 01:40 PM   #4
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
First off, welcome to LQ Security. The output of those two commands shows that you are not running any sort of firewall on your system. In terms of administering a public facing server, running a game or 'game' server is tantamount to putting a bulls-eye target on yourself as they are frequently targeted for all sort of ill activity, including DOS (Denial of Service) type attacks. As an admitted noob, you will face extra, but not insurmountable, challenges in dealing with it.

The first order of business will be to determine the type of attack you are being exposed to. You mentioned that some form of packet is being spammed or spoofed to your server. Could you please be more specific? How did you determine you were being attacked, what do these packets look like, what effect are they having, are they coming from one particular source or multiple sources, etc. Please be verbose in your description and provide as much detailed information as you possibly can. LQ Security has some extremely knowledgeable people and we can certainly help you with this problem, but we prefer and will need to deal with facts. To that end, as much specific information as you can provide will be helpful.
 
Old 10-14-2011, 02:41 PM   #5
smallgamer
LQ Newbie
 
Registered: Jul 2011
Posts: 29

Original Poster
Rep: Reputation: Disabled
I'll try to answer all of your questions.

I know I'm under attack because these same people have been attacking my server for about a year now. Originally it was a chat flood, where they used a little script to spam in-game chat messages fast enough to make the game server crash (not the centos server, but the "game server" running on it... not sure if there is better terminology for that distinction). This is an independently developed game, so I have access to the developer and was able to get him to patch that.

Then they proceeded to start "spoofing" other players' in-game logins, and since those credentials are used to assign administrative rights to certain players, spoofing those players allowed them to do all sorts of things like mass banning players, changing server settings to the point of crippling the game and making it unplayable, etc. The developer was able to patch this also.

As far as the current attack, I'm less clear on exactly how they're doing it. The effect is that my server is unresponsive to the main-gameserver-tracking-server-the-developer-owns, so it disappears from the in-game server list, and it also becomes unresponsive to players who try to play on it or join it. However, the process continues running on centos. I do know that it's this same group with another attack, based on forum chatter and "the grapevine", and I say that they are doing it by sending packets for a few reasons. 1- I'm hearing that it's done via a winsock application. 2- I'm also hearing that these same people have been DOSing other servers (not sure whether that conflicts with #1). 3- The game logs (not the centos logs, which I'm pretty unfamiliar with, but the mediocre game server logs that document the in-game action and minor game server stuff) don't really show anything, unlike the previous chat spam attacks that were visible in the logs.

I don't know what the packets look like per se. I also don't know whether they're coming from one source or multiple sources.

Since I don't use this server for anything but gaming, what I'd really like to do is completely lock down everything else on the server... so that it basically ignores any packets that aren't sent to this specific application, but also logs any packets that are spammed at this application in case that's what is happening. I also want to make sure nobody can connect to the server in any way except for the game... meaning email services, http stuff, cron, anything that would allow my server to be controlled remotely (again, not that familiar with centos yet), and any possibility of other users or accounts existing on the system.

Of course, I don't know what I'm talking about in the slightest, but a complete lockdown sounds really good right now, and like I said, I'm not using any of that stuff.

EDIT: I should have also mentioned that I'm running centos on a VPS, since that might matter.

Last edited by smallgamer; 10-14-2011 at 03:16 PM.
 
Old 10-14-2011, 04:34 PM   #6
travisdh1
Member
 
Registered: Sep 2008
Distribution: Fedora
Posts: 129

Rep: Reputation: 21
If you have a gui installed (something like a windows desktop) you should be able to use the system-config-firewall to get you started with locking down the system. Just remember to make sure you don't block the remote desktop port you're using! (Made that mistake a number of times myself.) If it's not installed just do a
Code:
yum -y install system-config-firewall
to download and install it. It's easy enough to use that as long as you know the port(s)/protocol(s) you need you should be good to go.
 
Old 10-15-2011, 06:41 AM   #7
smallgamer
LQ Newbie
 
Registered: Jul 2011
Posts: 29

Original Poster
Rep: Reputation: Disabled
Quote:
as long as you know the port(s)/protocol(s) you need
I don't.

Anyway, I've received some more information indicating that this is being done with a UDP dos attack, presumably on the port from which the game is running on my server. Does anyone know how I can log and stop this type of attack?
 
Old 10-15-2011, 07:43 AM   #8
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,543
Blog Entries: 54

Rep: Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924
Quote:
Originally Posted by smallgamer View Post
I've received some more information indicating that this is being done with a UDP dos attack, presumably on the port from which the game is running on my server. Does anyone know how I can log and stop this type of attack?
First things first. Until we have a clear picture of what you need please stop and disable any publicly accessible services you don't need for server maintenance like web-based server management panels, FTP, VNC, SMTP, etc. You need SSH but ensure you use an unprivileged account with pubkey auth and not log in as root (more here: http://www.linuxquestions.org/questi...tempts-340366/). As you don't run a default firewall (the rules listing in chapter 2 http://wiki.centos.org/HowTos/Network/IPTables is) we need to set one up first and as quickly as possible. To help you set up /etc/sysconfig/iptables please post a list of ports in use
Code:
netstat -ntulpe
by services and obfuscate your IP address with something like "1.2.3.4". Also list enabled services
Code:
chkconfig --list | grep "$(runlevel|awk '{print $2}'):on";
and as much technical details about the game or games you're running. The more nfo the better and the quicker your reply the better.

Last edited by unSpawn; 10-15-2011 at 07:45 AM. Reason: //Code
 
Old 10-15-2011, 08:01 AM   #9
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 3,916

Rep: Reputation: 777Reputation: 777Reputation: 777Reputation: 777Reputation: 777Reputation: 777Reputation: 777
Quote:
Originally Posted by smallgamer View Post
...The developer was able to patch this also...
If you have that kind of access to the developer, you really ought to be able to find out what ports and protocols should normally be in use for the game.

I like wireshark for getting a screen dump of all traffic, but how useful this is will be a function of whether you can capture data when there isn't much 'good' traffic and a lot of 'bad' traffic.

It will be very helpful to know what the attack packets actually look like, because, for some cases there will be simple iptables blocks, and for others it would be more involved. Obviously. you should be trying to progress to a more secure situation, and a firewall will be an important part of that whatever the current attack looks like, but, if you are under attack currently, that must have a degree of priority.

Quote:
Originally Posted by smallgamer View Post
..."spoofing" other players' in-game logins, and since those credentials are used to assign administrative rights to certain players, spoofing those players allowed them to do all sorts of things like mass banning players, changing server settings to the point of crippling the game and making it unplayable, etc.
You seem to be referring to attempts to crack passwords, by something like a brute-force or a dictionary attack. This is not the normal use of the word spoofing in connection with networking, so be careful with this. (And, if it is an attack from one, or a small number, of ip addresses, iptables can help here, too. Particularly important to look at the actual data, and see what it looks like, then.)

Quote:
Originally Posted by smallgamer View Post
but also logs any packets that are spammed at this application in case that's what is happening. I also want to make sure nobody can connect to the server in any way except for the game... meaning email services, http stuff, cron, anything that would allow my server to be controlled remotely (again, not that familiar with centos yet), and any possibility of other users or accounts existing on the system.

Of course, I don't know what I'm talking about in the slightest, but a complete lockdown sounds really good right now, and like I said, I'm not using any of that stuff.
iptables also has some logging capabilities, so it could help there too. The trouble is defining what is a 'good' (ie, normal game packet) and what is a 'bad' packet. Again, looking at the actual data, it could jump off the page. Or, not. You won't know until you've actually looked at some data.

Quote:
I do know that it's this same group with another attack, based on forum chatter and "the grapevine", and I say that they are doing it by sending packets for a few reasons.
1- I'm hearing that it's done via a winsock application.
2- I'm also hearing that these same people have been DOSing other servers (not sure whether that conflicts with #1).
3- The game logs (not the centos logs, which I'm pretty unfamiliar with, but the mediocre game server logs that document the in-game action and minor game server stuff) don't really show anything, unlike the previous chat spam attacks that were visible in the logs.
Too much there that is hearsay, and which doesn't give actual details of the packets.

All that 1) means, if true, is that they using Windows. Not that helpful as a way of countering the threat.
2) means that there is a rumour that the same people have been using a denial of service attack of some sort. Even if it can be relied upon, that doesn't tell you very much (can you rely on the idea that it isn't a DDoS...I doubt it, unless you know more about the technical capability of the person who gave you the report, and whether it is a DoS or a DDoS does make a difference in how easy it is to take short-term measures against.)
3) isn't all that helpful, either, unless the implication is that game developer can again enhance the logs to help you.
 
Old 10-15-2011, 08:08 AM   #10
smallgamer
LQ Newbie
 
Registered: Jul 2011
Posts: 29

Original Poster
Rep: Reputation: Disabled
netstat -ntulpe

Code:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       User       Inode      PID/Program name   
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      0          1307246    1444/httpd          
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      0          1075709    1390/sshd           
udp        0      0 0.0.0.0:36943               0.0.0.0:*                               0          571514324  16162/cs2d_dedicate 
udp        0      0 0.0.0.0:36944               0.0.0.0:*                               500        571524858  16183/cs2d_dedicate
chkconfig --list | grep "$(runlevel|awk '{print $2}')n";

Code:
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
httpd           0:off   1:off   2:off   3:on    4:off   5:off   6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
saslauthd       0:off   1:off   2:off   3:on    4:off   5:off   6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
vzquota         0:on    1:on    2:on    3:on    4:on    5:on    6:on
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
Quote:
and as much technical details about the game or games you're running
The game is *edited to avoid attackers finding this in Google*. I'm not too aware of all of the technical details though. If there's anything specific you need to know, I can talk to the developer and get that information for you.

Last edited by smallgamer; 10-21-2011 at 06:35 AM.
 
Old 10-15-2011, 08:15 AM   #11
smallgamer
LQ Newbie
 
Registered: Jul 2011
Posts: 29

Original Poster
Rep: Reputation: Disabled
Quote:
If you have that kind of access to the developer, you really ought to be able to find out what ports and protocols should normally be in use for the game.
I am certain that you're right. But I wouldn't know how to go about locking down everything else that should not be in use. Also, my (limited) understanding of the current attack is that it's going to the port that has to be open in order for the game to run, and that it's sending a packet that the game accepts (but flooding the server with it).

If that is correct, then I will need to be able to log when packets are flooded that way, check what IP the packets came from, and then completely block any future packets from that IP so that they don't enter the server and reach the gaming software that is running on it.

Quote:
You seem to be referring to attempts to crack passwords, by something like a brute-force or a dictionary attack. This is not the normal use of the word spoofing in connection with networking, so be careful with this. (And, if it is an attack from one, or a small number, of ip addresses, iptables can help here, too. Particularly important to look at the actual data, and see what it looks like, then.)
Well, they were sending the server a packet that the game client normally sends the server, which tells the server what player it's dealing with. Player logins are done in the game client, and all of the servers simply listen to the login that the game client sends them. So they spoofed that and didn't need to use any kind of password cracking. Luckily, the developer patched that pretty quickly.

Quote:
I like wireshark for getting a screen dump of all traffic, but how useful this is will be a function of whether you can capture data when there isn't much 'good' traffic and a lot of 'bad' traffic.
I'm not really sure if that's the case or not. There are definitely a lot of packets flying around though, as this is a real-time shooting game.

Quote:
iptables also has some logging capabilities, so it could help there too. The trouble is defining what is a 'good' (ie, normal game packet) and what is a 'bad' packet. Again, looking at the actual data, it could jump off the page. Or, not.
I'm not entirely sure if the packet itself is any different from the packets that are normally sent to the server, or if it's the same kind of packet but just flooded to make the attack.

Last edited by smallgamer; 10-15-2011 at 08:21 AM.
 
Old 10-15-2011, 08:56 AM   #12
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,543
Blog Entries: 54

Rep: Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924
Quote:
Originally Posted by smallgamer View Post
netstat -ntulpe
Code:
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      0          1307246    1444/httpd          
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      0          1075709    1390/sshd           
udp        0      0 0.0.0.0:36943               0.0.0.0:*                               0          571514324  16162/cs2d_dedicate 
udp        0      0 0.0.0.0:36944               0.0.0.0:*                               500        571524858  16183/cs2d_dedicate
OK, so only TCP/22,80 and UDP/369... Lets see if we can build you an /etc/sysconfig/iptables replacement before moving on to packet inspection:
Code:
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Accept localhost.
-A INPUT -i lo -j ACCEPT
# Accept established traffic.
-A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Log and deny invalid connections.
-A INPUT -m conntrack --ctstate INVALID -j LOG --log-prefix "IN_inv "
-A INPUT -m conntrack --ctstate INVALID -j REJECT
# Log and limit TCP SYN connections to 30 per /24 range.
-A INPUT -m tcp -p tcp --syn -m connlimit --connlimit-above 30 --connlimit-mask 24 -j LOG --log-prefix "IN_lim "
-A INPUT -m tcp -p tcp --syn -m connlimit --connlimit-above 30 --connlimit-mask 24 -j REJECT
# Log and limit new UDP connections to 100 per /24 range.
-A INPUT -m udp -p udp -m state --state NEW -m connlimit --connlimit-above 100 --connlimit-mask 24 -j LOG --log-prefix "IN_lim "
-A INPUT -m udp -p udp -m state --state NEW -m connlimit --connlimit-above 100 --connlimit-mask 24 -j REJECT
# Log and accept SSH and HTTP.
-A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports 22,80 -j LOG  --log-prefix "IN_tcpnew "
-A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports 22,80 -j ACCEPT
# Log and accept CS2D. It actually uses a range and I don't know how wide it is so from logging you'll know so
# you can tighten it.
-A INPUT -m state --state NEW -m udp -p udp -m multiport --dports 36900:36999 -j LOG  --log-prefix "IN_udpnew "
-A INPUT -m state --state NEW -m udp -p udp -m multiport --dports 36900:36999 -j ACCEPT
# This part of the INPUT chain should never be reached as long as the default policy is DROP. You'll appreciate
# this failsafe when your default policy changes and you forgot to adjust things. 
-A INPUT -m limit --limit 1/minute --limit-burst 3 -j LOG --log-prefix "IN_rej "
-A INPUT -j REJECT --reject-with icmp-host-prohibited
# The OUTPUT chain doesn't need rules since your policy is ACCEPT but I like to have localhost in it anyway.
-A OUTPUT -i lo -j ACCEPT
COMMIT
Save this as /etc/sysconfig/iptables.new then activate like this (could use 'at' instead) since all your IPTABLES_SAVE.*= variables are set to "no":
Code:
#!/bin/sh --
/sbin/iptables-restore < /etc/sysconfig/iptables.new
sleep 5m
/etc/rc.d/init.d/iptables restart
exit 0
this allows you five minutes for testing / looking at logging after which the default script (having no rules :-( ) will be enabled. If you think this rule set works then
Code:
cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak && cat /etc/sysconfig/iptables.new > /etc/sysconfig/iptables && /etc/rc.d/init.d/iptables restart
- Note that SSH should really be confined to your management IP range or at least protected by 'fail2ban' or equivalent. The same would go for HTTP if you only use it for web-based service or server management. Also note the above rule set explicitly denies SMTP traffic (even though a standard sendmail.cf should have the MTA running on only loopback).
- Do adjust limits if you find a lot of logged "IN_lim " lines in /var/log/messages.
- Also see http://wiki.centos.org/HowTos/Network/IPTables, http://www.centos.org/docs/5/html/De...-US/ch-fw.html and http://www.frozentux.net/iptables-tu...-tutorial.html for a basic understanding of Netfilter / iptables.
- While you're at it run 'yum install logwatch' and run your logs through it. Not related to you getting DoSsed but it would be good to see if there's other things to address.

Last edited by unSpawn; 10-15-2011 at 09:12 AM. Reason: //More *is* more
 
Old 10-15-2011, 12:02 PM   #13
smallgamer
LQ Newbie
 
Registered: Jul 2011
Posts: 29

Original Poster
Rep: Reputation: Disabled
When I try to enter:

/sbin/iptables-restore < /etc/sysconfig/iptables.new

I get this message:

Code:
[root@michigan2 ~]# /sbin/iptables-restore < /etc/sysconfig/iptables.new
'ptables-restore v1.3.5: iptables-restore: unable to initializetable 'filter

Error occurred at line: 1
Try `iptables-restore -h' or 'iptables-restore --help' for more information.

Last edited by smallgamer; 10-15-2011 at 12:52 PM.
 
Old 10-15-2011, 12:11 PM   #14
smallgamer
LQ Newbie
 
Registered: Jul 2011
Posts: 29

Original Poster
Rep: Reputation: Disabled
I'm no longer getting that error now that I input the iptables text you gave me directly in centos using the vi tool, instead of saving it in a text editor. Now I am getting an error that -i can't be used with output. When I remove -i, I get another error saying "lo" is a bad argument.

Last edited by smallgamer; 10-15-2011 at 12:54 PM.
 
Old 10-15-2011, 02:54 PM   #15
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,543
Blog Entries: 54

Rep: Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924Reputation: 2924
Oops.

0) It's missing a "# Generated by iptables-save v1.3.5 on Sat Oct 15 00:00:01 2011" line before the "*filter" line,
1) Should be "-A OUTPUT -o lo -j ACCEPT".

If you change the loopback line then you should be able to execute the script like before. If that doesn't work try

Code:
#!/bin/sh --
/sbin/iptables -P INPUT DROP
/sbin/iptables -P FORWARD DROP
/sbin/iptables -P OUTPUT ACCEPT
awk '/^-A/ { print "/sbin/iptables -t filter "$ALL}' /etc/sysconfig/iptables.new && \
/sbin/iptables-save > /etc/sysconfig/iptables.new
sleep 5m
/etc/rc.d/init.d/iptables restart
exit 0

Last edited by unSpawn; 10-15-2011 at 03:03 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Server Attack jitenagr Linux - Server 5 11-10-2006 07:50 AM
Server under some form of attack English_Man Linux - Security 1 10-30-2005 02:03 PM
is this a attack to my web server ohcarol Linux - Security 1 12-29-2004 09:59 AM
game not receving game list from master server Rnastyracer Linux - Games 2 04-02-2004 11:20 PM


All times are GMT -5. The time now is 08:50 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration