English D-Dos issues

16 replies
Goto Page
To the start Previous 1 Next To the start
14.03.18 06:16:01 am
Up
pepinakiller
User
Offline Off
Hello, the servers in this days are getting ddosed every fucking minute, so i was thinking and i found the program that they (or atleast the majority) is the RoDioN exe. What about add some detector for this program and when the game detect that the .exe is running just crash the game... I can provide the program link.. This shit is killing the game again and you can see it on the amount of players playing.
fafafa
14.03.18 08:43:01 am
Up
Talented Doge
User
Offline Off
You can actually DoS a server simply with cmd.exe if you know the IP of the server.

Implementing such feature is pointless if you've got some common sense.
14.03.18 04:18:50 pm
Up
M3_Quick
User
Offline Off
@user pepinakiller: this program only affects Linux servers, and it is not ddos, only crashes the server without massive packages.
@user Talented Doge: I think you're the one with no common sense.
14.03.18 08:05:33 pm
Up
DC
Admin
Online On
@user pepinakiller: A DDoS attack is a remote attack. The attacking program does not run on the local machine. Hence you can't check if it's running.

There is no effective protection against DDoS. Otherwise DDoS wouldn't be such a huge problem...

Can you send me the source where you found the program? I can try to take it offline.
www.UnrealSoftware.de | www.CS2D.com | www.CarnageContest.com | Use the forum & avoid PMs!
15.03.18 12:25:35 am
Up
pepinakiller
User
Offline Off
@DC Yeah i'll pm you
fafafa
15.03.18 12:13:22 pm
Up
abc123
GAME BANNED
Offline Off
I mean, the servers do get ddosed but... its not that big of a problem for me.
Why did u revive the game again?
15.03.18 10:56:39 pm
Up
pepinakiller
User
Offline Off
Well, nice bro, for many others this is a really problem
edited 1×, last 15.03.18 11:50:37 pm
fafafa
16.03.18 04:22:00 pm
Up
Hajt
User
Offline Off
This program send that udp packet:

Code:
1
2
3
4
5
6
7
8
48299     16.922447     192.168.178.22     77.55.227.56     UDP     42     50159 → 36964 Len=0


0000   90 6e bb d9 6a 1b d4 6a 6a 79 99 2f 08 00 45 00  .n..j..jjy./..E.
0010   00 1c 2c 51 00 00 80 11 6b 51 c0 a8 b2 16 4d 37  ..,Q....kQ....M7
0020   e3 38 c3 ef 90 64 00 08 08 5b                    .8...d...[

906ebbd96a1bd46a6a79992f08004500001c2c51000080116b51c0a8b2164d37e338c3ef90640008085b


You can block that packet data in iptables to avoid that "DoS attack".
16.03.18 05:12:49 pm
Up
SkullFace
User
Offline Off
I've found this website.
I'm no Linux expert, but could these command lines from this website help ?

> https://javapipe.com/ddos/blog/iptables-ddos-protection/

As I'm also experiencing D-Dos issues
edited 1×, last 16.03.18 05:48:37 pm
IMG:https://i.imgur.com/kZBVkjM.gif
P.S. - I've been extracting recently enviromental sound files from other games, if anyone is interested in them for adding them to their maps, scripts, PM me
16.03.18 10:02:45 pm
Up
mrc
User
Offline Off
user Hajt has written:
This program send that udp packet:

Code:
1
2
3
4
5
6
7
8
48299     16.922447     192.168.178.22     77.55.227.56     UDP     42     50159 → 36964 Len=0


0000   90 6e bb d9 6a 1b d4 6a 6a 79 99 2f 08 00 45 00  .n..j..jjy./..E.
0010   00 1c 2c 51 00 00 80 11 6b 51 c0 a8 b2 16 4d 37  ..,Q....kQ....M7
0020   e3 38 c3 ef 90 64 00 08 08 5b                    .8...d...[

906ebbd96a1bd46a6a79992f08004500001c2c51000080116b51c0a8b2164d37e338c3ef90640008085b


You can block that packet data in iptables to avoid that "DoS attack".


Would be like this?

$IPT -A INPUT -p udp -m udp --sport 42 -j DROP
$IPT -I INPUT -s 77.55.227.56 -j DROP
CS2D World @ www.CS2D.com.br
16.03.18 10:23:31 pm
Up
BcY
User
Offline Off
iptables -A INPUT -s IP-ADDRESS -j DROP
then you should save it;
iptables-save
IMG:http://banners.gametracker.rs/80.211.180.243:27015/small/red/banner.jpg
17.03.18 09:12:53 am
Up
SkullFace
User
Offline Off
I'm experiencing issues with my server, not sure if it's D-Dos.
Problem is, I start the server, it looks healthy. No lag, nothing. Works perfect. When you get a couple of players inside, it runs for some minutes and then server goes down. I've checked for logs for any kind of error report but it doesn't show anything.

Now, I'm not sure if that is a D-Dos or actual error on my server.
IMG:https://i.imgur.com/kZBVkjM.gif
P.S. - I've been extracting recently enviromental sound files from other games, if anyone is interested in them for adding them to their maps, scripts, PM me
17.03.18 10:24:15 am
Up
Fraizeraust
Moderator
Offline Off
user SkullFace has written:
I'm experiencing issues with my server, not sure if it's D-Dos.

To see whether it was a (D)DoS or not you have to understand one thing:

> (D)DoS attacks are coming from multiple sources involving a large (or not so large) squad of botnets which are infected computers controlled remotely by the attacker. Unless the attack was coming from only a single source then it is just plain DoS.

The matter that your server goes down after several minutes is partly because your VPS has very weak system specifications such as weak CPU, low RAM, etc. If you run heavy Lua scripts and other heavy resources then that is understandable.

@user pepinakiller: A software can't deploy (D)DoS attacks (see my argument regard this above). This is just wrong. The problem you described is actually because of DoS attacks coming from a single source that affect other servers.

This can be tackled with proper firewall configuration but looks like most of people hosting servers have no freaking clue what are the security implications of a unsecured VPS/server. Instead of becoming a drama queen, you should rather learn and stop moaning all over. It won't work.
17.03.18 11:12:25 am
Up
Hajt
User
Offline Off
user mrc has written:
user Hajt has written:
This program send that udp packet:

Code:
1
2
3
4
5
6
7
8
48299     16.922447     192.168.178.22     77.55.227.56     UDP     42     50159 → 36964 Len=0


0000   90 6e bb d9 6a 1b d4 6a 6a 79 99 2f 08 00 45 00  .n..j..jjy./..E.
0010   00 1c 2c 51 00 00 80 11 6b 51 c0 a8 b2 16 4d 37  ..,Q....kQ....M7
0020   e3 38 c3 ef 90 64 00 08 08 5b                    .8...d...[

906ebbd96a1bd46a6a79992f08004500001c2c51000080116b51c0a8b2164d37e338c3ef90640008085b


You can block that packet data in iptables to avoid that "DoS attack".


Would be like this?

$IPT -A INPUT -p udp -m udp --sport 42 -j DROP
$IPT -I INPUT -s 77.55.227.56 -j DROP


No. As you can see packet length is 0 so this should enough:
Code:
1
iptables -A INPUT -p udp -m length --length 0:28 -j DROP
17.03.18 11:20:17 am
Up
abc123
GAME BANNED
Offline Off
Is this being added or implemented or whatever the word is?
Why did u revive the game again?
19.03.18 01:50:42 am
Up
mrc
User
Offline Off
@user Hajt:
it prevents some attacks, but others not... My server is getting ddosed (cpu high load), meh...
edited 2×, last 19.03.18 02:58:45 am
CS2D World @ www.CS2D.com.br
21.03.18 03:37:20 pm
Up
autimatic
User
Offline Off
I think, this ddos protector can "destroy" small ddos attacks.
If there is an experienced ddoser in cs2d, I think, this program can't be stronger than ddoser.
But keep going with ideas about Anti-Ddos things.
hha got em
To the start Previous 1 Next To the start