1 
Offline
So, is there a way to prevent the attack? I once saw topics about IP tables, are they effective?
Forum
CS2D
Scripts ddos attack
ddos attack
21 repliesSo, is there a way to prevent the attack? I once saw topics about IP tables, are they effective?
BcY: Well, flood protection is to prevent the people who try to crash the server with a bunch of messages.His server crashed --> potential cause (probably not) --> related to topic.
BcY has writtenWhat is the point with stating that floodprot is 1 about the ddos attack?
What is the point of bitching about something irrelevant while you clearly have not a single clue about the topic?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#!/bin/bash IPT="/sbin/iptables" DNS_SERVER="8.8.4.4 8.8.8.8" $IPT -F for ip in $DNS_SERVER do echo "Allowing DNS lookups (tcp, udp port 53) to server '$ip'" $IPT -A OUTPUT -p udp -d $ip --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT $IPT -A INPUT -p udp -s $ip --sport 53 -m state --state ESTABLISHED -j ACCEPT $IPT -A OUTPUT -p tcp -d $ip --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT $IPT -A INPUT -p tcp -s $ip --sport 53 -m state --state ESTABLISHED -j ACCEPT done $IPT -A INPUT -p udp -m udp --sport 19 -j DROP $IPT -A INPUT -p udp -m udp --sport 53 -j DROP $IPT -A INPUT -p udp -m udp --sport 1434 -j DROP $IPT -A INPUT -p udp -m udp --sport 137:138 -j DROP $IPT -A INPUT -p udp -m udp --sport 123 -j DROP $IPT -A INPUT -p udp -m udp --sport 111 -j DROP $IPT -A INPUT -p udp -m udp --sport 161:162 -j DROP $IPT -A INPUT -p udp -m udp --sport 1900 -j DROP $IPT -A INPUT -p udp -m udp --sport 27005 -j DROP $IPT -A INPUT -p udp -m string --string "SAMPY" --algo bm --to 60 -j DROP $IPT -A INPUT -p udp -m string --string "HTTP/1.1 200 OK" --algo bm --to 75 -j DROP $IPT -A INPUT -p udp -m length --length 0:28 -j DROP
Type your DNS IP in
DNS_SERVERvariable in script or keep google dns and override the DNS nameserver on your VPS. And then execute script.
mp_floodprot was mentioned: It is for DoS attacks only and since it's in the program logic it can only help to a certain extent. When there's too much traffic it will overload/kill CS2D/the CPU anyway. Also it doesn't help efficiently against DDoS at all. In other words: It can potentially help if the flood comes from one origin IP address and isn't super strong but most likely doesn't help enough when multiple different origin IP addresses are involved in the attack. Quattro also you don't know anything about security nor ddos attacks. I've been around here since 2012, hosted servers, been through every kind of attacks since then. Please listen people, if you don't know anything about the point then be respectful. Peace! 
) on some old game daily?I think it was DoS attack and I even got an IP of the suspected guy. If IP tables can help dealing with that 1 guy I must learn to use it.
@
BcY: I am very rude sometimes but only if someone is rude at me 
Your reply made it obvious you are experienced yet instead of helping you wrote something to make fun of the topic. That's not cool 
Quattro: And you're also dumb, unfortunately. He wasn't rude to you, but you were. He just asked something. If you want to know something which is not "cool"; this - what you did - is not cool. Masea:I guess you can read it like that too, my bad.
Stop being fucking retards and help him out. Gosh.
Now you always find people on fun servers and some standard ones.
Yates has writtenQuattro stated all bits of information to make it easier for people to help him out. Asking why he provided a specific bit of information is plain dumb, he thought it would help you help him; that's why.
I (
BcY) don't know why he did that, and I asked him. And you tell me "retard". I think I have to lol now so bad. Thanks.Ah! And that;
Yates has writtenGosh.
Masea has writtenAnd what if "a specific bit of information" is not true?... Lol. He didn't even know what was he doing which I can get since it is not a thing for that situation he gets.
Exactly. He provided the information he thought was relevant. You already know half the issue based on the title alone, you know the rest by reading the thread post. You can determine with both of these that Quattro believes it to be necessary information for people willing to help him out. Whether it actually is necessary or even related at all does not matter, asking about it makes no sense.
Just say "Hey, [this and that] won't do you any good because [reason]. (Try this out instead: [...])"
Congratulations, you've now learnt how to assess the intent of a question ¯\_(ツ)_/¯
I shouldn't have answered rude to bcy just because he questioned the topic
Yates has writtenasking about it makes no sense.
mp_floodprot is for only DoS attacks but I see someone who uses this command for DDoS attacks, hence I ask him why he uses it. Why? Because I could have known wrong and he can answer me and fix my wrong (if it is).By the way, let me just do that once again:
Yates has writtenGosh.
Wow, it feels damn good, thanks!
Masea: Yeah or you can be sensible and just look at DC's post. Pretty much sums up how to respond.You know what he is trying to use it for, so you know whether it will help or not. Tell him why he should be doing something else instead of asking about something you already know the answer to (unless you're an idiot, but I mentioned it in my previous posts so I've got your back. Go check 'em out).
Gosh
Yates: You miss a single thing though. Of course, you have unlimited styles of responding which some of them are bad and some of them are good - which depends on people - I don't care. What I do care is Quattro (and also you by saying "retarded") was just so rude which is meaningless in this case, you know. See when and where I came into this thread. You'll definitely see it all happened after Quattro being like that.On the other hand, I don't even know why you are here. What you say after the main thing is done mean just bullshit to me.
But I'm comfy now since
Quattro has accepted his wrong and we're all good (I think).Gosh
Masea has writtenOn the other hand, I don't even know why you are here. What you say after the main thing is done mean just bullshit to me.
Because the matter was already resolved before you replied (he explained the reason why he reacted that way and basically apologised). It seemed as if you didn't get the memo.
We all know you of all people need things explaining to you ten times. Pretty sure everyone could vouch for that.
edited 1×, last 06.07.18 09:46:34 pm