Binny

I neither denied it nor accepted responsibility for it, I'm simply pointing out why it was your responsibility to fix the security hole, and how referencing it as illegal was technically incorrect. I don't really have any other points to make other than: suck it

I've read those cases previously as well, the reason I didn't mention them is that in cases following that one it has only ever been used to hold people responsible for email flooding, no other kind of data has ever or likely will ever be prosecuted in the same manner. The only illegal DOS you mentioned (that doesn't even fall in to the category of what your original post details the attack was) is the saturation of a downstream connection via massive numbers of connection requests, this is typically done by utilizing TCP SYN packets and is not relevant to the aforementioned attack.

In a getstatus flood only 150-200kbps worth of getstatus packets must be send to the server, the server then floods it's own upstream connection with the responses. The actual denial of service was caused by your application, and not the large number of incoming getstatus packets, so no mentioned law (or even any that I'm aware of) constitute it as a denial of service. You were denying yourself service.

I see a set of IP addresses requesting status packets & your server returning normal status packets. Considering every JKA client does the same thing when connecting to or requesting information about a server on the master list I'm not sure what exactly you're claiming was done that was legally questionable?

There's a strict set of rules about what you can and cannot legally do on the internet, you cannot access a computer system you were not authorized to access, you cannot execute code on a server you were not authorized to access, you cannot share copyrighted content, and you cannot knowingly disrupt, damage, or access a 'Federally Protected Computer' which basically means any Govt computers, or FDIC insured bank computers.

One thing you definitely can do legally is send legitimate requests for information (at any rate, even if the server at the receiving end cannot handle the requests and freezes or crashes), which is what we see done in the original post. This is perfectly legal and the responsibility of the server operator to make sure they don't use a piece of software vulnerable to being DOS'd by legitimate traffic. Unfortunately that puts the burden of blocking any security holes on outdated software like Jedi Academy squarely on you, Sgt.Pepper, the server owner's shoulders.

I suggest taking the time to read computer security law before embarrassing yourself further by forwarding your claims of illegal activity to any of these servers providers.

I figured it out. Thanks for the input guys

It is purely server side, but like I also said Jenova has somehow increased the hard cap, defined in q_shared.h #DEFINE MAX_CLIENTS "32" but changing that value to more than 32 doesnt let the server use more than 32 slots.

I see Jenova Lugormod exceeding 32 players, and the max says 64. Any ideas how they did this? I would put a 100ish slot server on the list and keep it populated in exchange for any hints in the right direction.

Luckily it started pretty much the same day school started again so I've been too busy for so long it seems to have fixed it self. It detected I got pissed I guess, since it fixed the same day I complained about it.

LOL your right Wovian Source is back on the master list, along with my two other servers on that box Masterful Dojo and Binnys Instagib. All 3 are showing up today like nothing happened after 30 days of not showing up. Trippy. I'ma disable iptables for long enough for it to get a solid heartbeat out, see if it fixes my other 3.

It's back on the list? Well that's at least a good sign, but none of my 1.01 servers are showing up. I'd say maybe its the master server conflicting from a 1.00 and 1.01 on the same IP, but my other server only has 3 1.01 servers on it.

I should have put in my post that I'd completely disabled IPTables prior to this testing, and that they have consistently not been on the list for a clean 30 days now, except for Wovian Source apparently.

I would happilly use JKHub and my own master servers but the issue isn't them not working, its that not enough people have those masterlists added to their clients, and thus I don't think I'd get much traffic from it. I might try it just for the sake of it anyway, for some reason the default masterlist selection has

sv_master1 "masterjk3.ravensoft.com"

and 

sv_master5 "63.146.124.53"

Which are the same address...

I've hosted several servers among two different Virtual Private Servers, located in different datacenters, for several months now. For the first month, maybe two, they ran perfectly, appeared on the master list and so forth, but more recently they haven't been showing up on the master list at all, all 6 of them. I'm thinking the master list has banned my servers IP addresses for some reason, although I cannot fathom why.

Supporting me thinking that is the following:

When are user (first IP) or say a tracking list like Gametracker (bottom IP) requests server information it typically sends a 14 byte packet asking for it, and my server promply responds with a 790-800 byte serverinfo packet. As seen below.