If you run a Tribes server, chances are you're familiar with DOS attacks. You may have experienced them as unexpected crashes shortly after kicking a player, or encountered endless loops of server crashing. Sometimes for hours on end. Even if you play Tribes and have never ran a server, you've been affected by DOS attacks. Massive attacks that crash all servers listed by the Tribes Master, sometimes blamed on the 'Tribes Master Servers' going down, are all caused by DOS attacks. If this has ever happened to you and your Tribes server, or you're simply tired of idiots ruining a great game, there is now a fix. Written by NoFiX
But first a little background on what actually causes this.
Tribes net code is far from perfect....
When a malformed packet is sent to a Tribes server, the packet handling routine is confused, (technical term..) and the server quits, droping any players connected.. Dedicated servers running with InfiniteSpawn.exe included with Tribes will restart once it detects the unexpected shutdown. If bad packets are continuously received by the server, the server is sent into a restart cycle until the attack is stopped. Essentially denying service to any player attempting to connect, and rendering the Tribes server useless. This can be very frustrating for people running large servers, especially server admins that rent out servers.
Bad packets can come from any source, and are not limited to players connected to, or pinging the server. I have seen many executables, and even web pages to do this. Here's an example of one that was ran with impunity for most of the summer and fall of 2003.
Notice the default in the "Kill all servers" field... 10000 times!!! If you had restarts October 6, and November 9, this page was responsible...
Until now, the only way to be sure server crashes were caused by someone DOS attacking was to run a packet sniffer like Ethereal, and try to decipher incoming packets. This can be done on the fly, or by logging everything for a period of time, and attempting to read the packet log later. Even if you mask off everything not headed for the Tribes server, these logs can get very large very fast. It's nearly impossible to discern invalid packets, unless the attacker is a complete moron, and attacks continuously from the same ip, or uses very large data blocks. Ironically this is EXACTLY how I caught the jerk at 220.127.116.11. Unfortunately this is a fairly well documented problem, and any disgruntled Tribes player can wreck havoc on an unprotected server fairly easy.
Not any more!
DosfixIs.exe is a replacement for Tribes InfiniteSpawn.exe designed and coded by NoFiX to thwart DOS attacks. This patch also contains many features above and beyond what InfiniteSpawn has to offer.
This patch effectively stops all DOS attacks, and has been tested extensively by many large server admins.
I've been running beta versions of this patch in my development server Blue Sex, since the middle of October. Since running the patch I've collected enough evidence to effectively shut down a few idiots, but there are more lurking in the shadows.
The Tribes DosFix patch will catch unexpected terminations just like Infinite Spawn. DosFix also detects lock ups caused by instabilities inherent in the Tribes engine. Base mod is fairly stable on its own, but many mods push the engine to the breaking point with deployables and vehicles. Lockup protection is reason enough to run this patch if you're running a mod.
DosFix also logs all events to a .log file, with ip, time, and packet information. Perfect for reporting the offender to his isp, or simply banning the offender.
Usage: DosFix is a for DEDICATED servers only, and not intended to be ran with the Tribes client.
For Base dedicated servers, create a shortcut and run a command line argument as with Infinite Spawn.
Example target line: c:\server\dosfixis.exe +exec serverprefs -dedicated
For dedicated servers running a mod, create a shortcut to DosFixis.exe as with the base server, and add an argument to run the mod, much like Infinite Spawn.
Example target line: c:\server\dosfixis.exe +exec serverprefs -mod annihilation -dedicated
The current version of DosFix can be found here.This is the Final Nov 24, 2003 Release. Please send any bug reports to: NoFiX
Test your server here.