>>>>> "Auriemma" == Auriemma Luigi <aluigi@pivx.com> writes:

    Auriemma> Yeah, seems that DDoS attacks will never die and in these
    Auriemma> months seems that every game can be used for launch DDoS
    Auriemma> attacks...

One could argue that using the _D_DoS term here is a misnomer. The attack will not be truly distributed since there is only a handful of attacking hosts (Master Servers). And what's even better, they are all under the control of their respective owners, who will probably care if most of their bandwidth is consumed by rogue traffic.

Yet I agree that the approach allows for bandwidth magnification, since the Master Servers will probably have far better connectivity than an average script kiddie.

Turning to mitigation techniques, one could further argue that the server operators could improve their software's resistance to this kind of abuse _without_ abandoning UDP or introducing a handshake. They will need to introduce rate limiting provisions into their code such that each IP address can request the server list only once in a certain period of time.

It is possible, though, that with a certain combination of parameters (number of IP addresses kept, keep-alive period) this mitigation technique may become more resource intensive for the operator than switching to TCP.

Bye
Greg
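
Added example, not part of the original message and not any master server's actual code: a per-source rate limiter of the kind described above, with the two parameters the message names (number of IP addresses kept, keep-alive period) as explicit knobs. The class and function names, the default values and the fail-closed policy when the table is full are assumptions made for illustration.

```python
from collections import OrderedDict


class ListRequestLimiter:
    """Allow one server-list reply per source IP per `period` seconds.

    State is capped at `max_entries` addresses. Both values are assumed
    tuning knobs, not taken from any real master server.
    """

    def __init__(self, period=60.0, max_entries=100_000):
        self.period = period
        self.max_entries = max_entries
        self.last_reply = OrderedDict()  # ip -> time of last reply, oldest first
        self.dropped_full = 0            # requests refused because the table was full

    def _expire(self, now):
        # Entries are only added when a reply is sent, so they are in time
        # order and expired ones always sit at the front.
        while self.last_reply:
            ip, ts = next(iter(self.last_reply.items()))
            if now - ts < self.period:
                break
            self.last_reply.popitem(last=False)

    def allow(self, ip, now):
        """Return True if a server list may be sent to `ip` at time `now`.

        `now` must be non-decreasing (e.g. time.monotonic() in a live server).
        """
        self._expire(now)
        if ip in self.last_reply:
            return False                 # already served within the period
        if len(self.last_reply) >= self.max_entries:
            # Fail closed: evicting a live entry would let that address be
            # served (and so flooded) again before its period is over.
            self.dropped_full += 1
            return False
        self.last_reply[ip] = now
        return True


def replay(requests, period, max_entries):
    """Run constructed (time, source_ip) requests; return replies per IP and drops."""
    limiter = ListRequestLimiter(period, max_entries)
    sent = {}
    for now, ip in requests:
        if limiter.allow(ip, now):
            sent[ip] = sent.get(ip, 0) + 1
    return sent, limiter.dropped_full
```

The table needs room for roughly (distinct source addresses per second) x (period) entries; `dropped_full` rising means the chosen combination is too small, which is the resource cost the message warns about.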