Spring RTS Engine

The attack type I'm concerned with here is one or more accounts sending a PM to everyone in lobby simultaneously... Can the current anti-spam catch spam if it's spread out across multiple accounts?

I think this would be caught only if the volume of data sent was an issue. I never came across a global filter on message rate per user, just per channel filters. (https://github.com/spring/uberserver/bl ... nt.py#L194)

As said above, automated kicks/bans of VPNs/proxies by a bot is not an effective defence against server wide spam/ddos - irrespective of the flaws detailed above. A message rate per user spam filter seems simple to implement in uberserver but the number of times this type of spam was tried in the past is small and I guess no-one bothered/asked for one.

Join a room with lots of accounts and now you can win every vote.

Afaik only Springie hosts are vulnerable to this and as said above it is easily dealt with (and not a VPN/proxy specific issue).

Afaik only Springie hosts are vulnerable to this and as said above it is easily dealt with (and not a VPN/proxy specific issue).

How does SPADS fix this?

With configurable

silentwings wrote:- restrict voting rights, rights to call votes, or give any other commands, or even join the battleroom, based on ingame time, player/spec/ingame status