Forum

> > CS2D > General > D-Dos issues
Forums overviewCS2D overviewGeneral overviewLog in to reply

English D-Dos issues

16 replies
To the start Previous 1 Next To the start

old D-Dos issues

pepinakiller
User Off Offline

Quote
Hello, the servers in this days are getting ddosed every fucking minute, so i was thinking and i found the program that they (or atleast the majority) is the RoDioN exe. What about add some detector for this program and when the game detect that the .exe is running just crash the game... I can provide the program link.. This shit is killing the game again and you can see it on the amount of players playing.

old Re: D-Dos issues

Talented Doge
User Off Offline

Quote
You can actually DoS a server simply with cmd.exe if you know the IP of the server.

Implementing such feature is pointless if you've got some common sense.

old Re: D-Dos issues

DC
Admin Off Offline

Quote
@user pepinakiller: A DDoS attack is a remote attack. The attacking program does not run on the local machine. Hence you can't check if it's running.

There is no effective protection against DDoS. Otherwise DDoS wouldn't be such a huge problem...

Can you send me the source where you found the program? I can try to take it offline.

old Re: D-Dos issues

abc123
GAME BANNED Off Offline

Quote
I mean, the servers do get ddosed but... its not that big of a problem for me.

old Re: D-Dos issues

pepinakiller
User Off Offline

Quote
Well, nice bro, for many others this is a really problem
edited 1×, last 15.03.18 11:50:37 pm

old Re: D-Dos issues

Hajt
User Off Offline

Quote
This program send that udp packet:

1
2
3
4
5
6
7
8
48299	16.922447	192.168.178.22	77.55.227.56	UDP	42	50159 → 36964 Len=0


0000   90 6e bb d9 6a 1b d4 6a 6a 79 99 2f 08 00 45 00  .n..j..jjy./..E.
0010   00 1c 2c 51 00 00 80 11 6b 51 c0 a8 b2 16 4d 37  ..,Q....kQ....M7
0020   e3 38 c3 ef 90 64 00 08 08 5b                    .8...d...[

906ebbd96a1bd46a6a79992f08004500001c2c51000080116b51c0a8b2164d37e338c3ef90640008085b

You can block that packet data in iptables to avoid that "DoS attack".

old Re: D-Dos issues

mrc
User Off Offline

Quote
user Hajt has written
This program send that udp packet:

1
2
3
4
5
6
7
8
48299	16.922447	192.168.178.22	77.55.227.56	UDP	42	50159 → 36964 Len=0


0000   90 6e bb d9 6a 1b d4 6a 6a 79 99 2f 08 00 45 00  .n..j..jjy./..E.
0010   00 1c 2c 51 00 00 80 11 6b 51 c0 a8 b2 16 4d 37  ..,Q....kQ....M7
0020   e3 38 c3 ef 90 64 00 08 08 5b                    .8...d...[

906ebbd96a1bd46a6a79992f08004500001c2c51000080116b51c0a8b2164d37e338c3ef90640008085b

You can block that packet data in iptables to avoid that "DoS attack".


Would be like this?

$IPT -A INPUT -p udp -m udp --sport 42 -j DROP
$IPT -I INPUT -s 77.55.227.56 -j DROP

old Re: D-Dos issues

BcY
Reviewer Off Offline

Quote
iptables -A INPUT -s IP-ADDRESS -j DROP
then you should save it;
iptables-save

old Re: D-Dos issues

Casper-
User Off Offline

Quote
I'm experiencing issues with my server, not sure if it's D-Dos.
Problem is, I start the server, it looks healthy. No lag, nothing. Works perfect. When you get a couple of players inside, it runs for some minutes and then server goes down. I've checked for logs for any kind of error report but it doesn't show anything.

Now, I'm not sure if that is a D-Dos or actual error on my server.

old Re: D-Dos issues

GeoB99
Moderator Off Offline

Quote
user Casper- has written
I'm experiencing issues with my server, not sure if it's D-Dos.

To see whether it was a (D)DoS or not you have to understand one thing:

> (D)DoS attacks are coming from multiple sources involving a large (or not so large) squad of botnets which are infected computers controlled remotely by the attacker. Unless the attack was coming from only a single source then it is just plain DoS.

The matter that your server goes down after several minutes is partly because your VPS has very weak system specifications such as weak CPU, low RAM, etc. If you run heavy Lua scripts and other heavy resources then that is understandable.

@user pepinakiller: A software can't deploy (D)DoS attacks (see my argument regard this above). This is just wrong. The problem you described is actually because of DoS attacks coming from a single source that affect other servers.

This can be tackled with proper firewall configuration but looks like most of people hosting servers have no freaking clue what are the security implications of a unsecured VPS/server. Instead of becoming a drama queen, you should rather learn and stop moaning all over. It won't work.

old Re: D-Dos issues

Hajt
User Off Offline

Quote
user mrc has written
user Hajt has written
This program send that udp packet:

1
2
3
4
5
6
7
8
48299	16.922447	192.168.178.22	77.55.227.56	UDP	42	50159 → 36964 Len=0


0000   90 6e bb d9 6a 1b d4 6a 6a 79 99 2f 08 00 45 00  .n..j..jjy./..E.
0010   00 1c 2c 51 00 00 80 11 6b 51 c0 a8 b2 16 4d 37  ..,Q....kQ....M7
0020   e3 38 c3 ef 90 64 00 08 08 5b                    .8...d...[

906ebbd96a1bd46a6a79992f08004500001c2c51000080116b51c0a8b2164d37e338c3ef90640008085b

You can block that packet data in iptables to avoid that "DoS attack".


Would be like this?

$IPT -A INPUT -p udp -m udp --sport 42 -j DROP
$IPT -I INPUT -s 77.55.227.56 -j DROP


No. As you can see packet length is 0 so this should enough:
1
iptables -A INPUT -p udp -m length --length 0:28 -j DROP

old Re: D-Dos issues

mrc
User Off Offline

Quote
@user Hajt:
it prevents some attacks, but others not... My server is getting ddosed (cpu high load), meh...
edited 2×, last 19.03.18 02:58:45 am

old Re: D-Dos issues

NoTy
User Off Offline

Quote
I think, this ddos protector can "destroy" small ddos attacks.
If there is an experienced ddoser in cs2d, I think, this program can't be stronger than ddoser.
But keep going with ideas about Anti-Ddos things.
To the start Previous 1 Next To the start
Log in to replyGeneral overviewCS2D overviewForums overview