# srcdsreflection **Explanation** SRCDS, or the Source Dedicated Server, is a tool used by video game developers for hosting and managing multiplayer games. However, if left unsecured, attackers can exploit the protocol and use it to reflect and amplify DDoS attacks. This event triggers when the Fusion Portal detects a large amount of traffic going to SRCDS servers in a short amount of time. The event is designed to help security teams identify and remediate these types of attacks quickly. **What to Look For** If the srcdsreflection event triggers, security teams should investigate the source of the traffic and determine if it is a legitimate user or a malicious attacker. They should look for a large amount of traffic originating from a single IP address or a small number of IP addresses. They should also check if the SRCDS servers are secured properly, and update any security settings to prevent future attacks. Finally, the team should consider implementing a DDoS protection solution to prevent future SRCDS reflection attacks from causing damage to their network. **Related MITRE ATT\&CK Categories** [Impact: Network Denial of Service, Technique T1498 - Enterprise](https://attack.mitre.org/techniques/T1498) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.fusion.vectra.ai/detection-models/library/denial-of-service/srcdsreflection.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.