@ Cirium:
My idea, not SD's. I actually implemented it a while ago, but the server that had the source code on it is no longer in existence due to contract expiration.

@ Apache uwu:
The people crashing servers usually use the packet used to get the server data as this is one of the most expensive operations. Therefore looking for packets with multiple repetitions of that packet will allow you to mark certain IP's as "dangerous" and "ban" their packets in a way.

It's a very simple idea, guys, why not have a hack at it?

Since when you are inventor of the idea of logging packets? Bullshit.

This is useless and not obvious-becuase-it-is-bullshit nonsense. If you had 300 zombie hosts at your disposal, a crash would be easy. Hell, with 6 zombie hosts and a few proxy servers could crash a CS2D server. A SINGLE HOST AND A PROXY COULD CRASH A SERVER. Speed does not matter as the proxies will generally be fast enough to send out 30 fucking UDP packets in a matter of milliseconds.

I didn't really read his post, but logging packets implies removing them (actively) otherwise it makes no sense.

Right now you're extremely wrong, my friend, what you tell is pure bullshit. Single host/proxy would not crash a server, unless you haven't got IT knowledge at all/your server is shit. You cannot crash a CS2D server by DDoSing UDP packets, you need more than 6 zombie hosts to do that. Twelve would do a thing. Speed does not matter, but location does.

No, you are wrong. Logging = reading and saving the data from the packets.

You do not know what you are talking about. Every time my server was crashed, it was through the use of a repetition of a packet filled with multiple entries of the "fetch server data" instruction. there were about 30 of them each time before the CS2D server crashed. This amounted to a 'whopping' 60.something kilobytes of data, even slow DSL lines and proxies can send that in a few milliseconds. It's not the speed that matters. You are obviously someone who knows shit all and bases their comments on assumptions and poor evaluations of events.

EDIT: And location doesn't matter either, a single host doesn't even need a proxy to crash a server unless they want to hide their identity, in which case they wouldn't need a proxy either because you can simply change the IP address as the packet leaves your PC.

You can probably even crash a CS2D server with a single (slow) connection and one single IP and without using any proxies. I'm pretty sure that there are still multiple ways to do that.

Logging packets without later analyzing them and therefore actively removing fraud packets makes no sense.

Packet flood has nothing to do with DDoS attacks in this case - it's CS2D's vulnerability.

Location does matter when it comes to flooding UDP packets.

Doesn't change the fact that logging is logging, not removing. Come back to me once you've gained the correct use of your vocabulary.

Show some proof. I attempted to crash my server, which was in Germany, from where I am, South African, and I got it down relatively quickly using spoofed packets, there's my proof as to your ignorance. Location doesn't matter whatsoever. Here ends my arguments, it's obvious you are just defending a sorry, pathetic arse with your posts.

And location doesn't matter in DoS attacks either.

@ oxytamine:
You said that logging is removing fraud packets,

I concat'd several strings of the data used in the handshaking process and sent several of these packets to the server. They were similar to the ones that I had recieved originally. I learnt the packet contents and their uses from a post on Uprate6's blog.

You were talking about DDoS attacks, which you are really not qualified to talk about considering you are a 15-year old kid sitting in front of his PC for hours trying to look smart, so I answered your misguided defensive jabbering.

No. I said that logging implies actively removing fraud packets.

No, I'm a bit older. Anyway, I was not talking about DDoS attacks, but packet flooding.

Well it doesn't, so you are wrong.

Well it doesn't, so you are wrong.

It does.

This is useless and not obvious-becuase-it-is-bullshit nonsense. If you had 300 zombie hosts at your disposal, a crash would be easy. Hell, with 6 zombie hosts and a few proxy servers could crash a CS2D server. A SINGLE HOST AND A PROXY COULD CRASH A SERVER. Speed does not matter as the proxies will generally be fast enough to send out 30 fucking UDP packets in a matter of milliseconds.