"In an advisory posted to the company's Web site, security consultancy PivX Solutions stated that popular multiplayer games that have servers supporting the GameSpy network--such as "Quake 3: Arena," "Unreal Tournament 2003" and "Battlefield 1942"--could be used to magnify a denial-of-service attack, in some cases by as much as 400 times...... "As a basic rule of thumb, if it supports GameSpy, it will likely be vulnerable," Mike Kristovich, a security researcher for PivX, said in a statement."
"This vulnerability spans many games across multiple platforms. It is based upon UDP spoofing, certainly not a new trick in the black bag of any computer expert. Steve Gibson of GRC research as a good write-up on packet spoofing, as he himself fell victim to this tactic in 2001. Firewalls cannot always protect against packets that are forged as legitimate traffic on standard ports. "A personal firewall will such as ZoneAlarm will not prevent this DoS, as it is simply a flood of information being sent directly to the victim's computer." Describes Mr. Kristovich."
Potentially scary stuff for many of our readers. Want to discuss this? Do so here.