Argonath RPG - A World of its own
GTA:SA => SA:MP - San Andreas Multiplayer => SA:MP General => Topic started by: bedro on April 17, 2012, 07:06:01 pm
-
Guys, head admin anybody. The server is lagging as hell, and nobody is doing anything?
Are you admins doing anything to stop the dossers? Because today I saw it was a dossing evert.
Are you admins even there?
-
Whats dossing? :neutral:
-
Whats dossing? :neutral:
http://en.wikipedia.org/wiki/Denial-of-service_attack (http://en.wikipedia.org/wiki/Denial-of-service_attack)
That's denial of service :mad:
-
DDoS stands for Distributed Denial of Service attack. Google can help explain that one.
As for the lag, MTA:VC is affected too. They appear to be attacking the IP address directly, so all the servers on it are being affected.
-
And who told you the servers got DDoS'ed? If not an owner has confirmed it you can't know for certain.
-
Well, why aren't you admins routeblocking their access? Does the server even have a firewall?
You know if you a keep server like that you gotta be prepared for attacks. I suggest you guys ban their ip ranges.
-
And who told you the servers got DDoS'ed? If not an owner has confirmed it you can't know for certain.
It's a DDoS or some kind of network/server failure. It is affecting all the game servers on that IP address, and there is more than one physical system hosting game servers on that IP.
Well, why aren't you admins routeblocking their access? Does the server even have a firewall?
You know if you a keep server like that you gotta be prepared for attacks. I suggest you guys ban their ip ranges.
For security reasons, only the Server Owners have the powers to do what you have suggested. The servers do also have firewalls, but no firewall in the world, no matter what they may claim, can successfully block even small DoS or DDoS attacks. It's impossible.
No worries anyway. The Server Owners will drop their doom hammers down upon the offenders once they wake up in the morning. :lol:
-
So what you're basicly saying is that you're not gona be able to do anything to it?
If it's server hosted from a company, contact the company who hosts it and make a complaint!
For it really isn't nice to play on a lagging server like that. I mean sue them. Dossin' in illegal, punishable.
Post Merge: April 17, 2012, 07:19:01 pm
And who told you the servers got DDoS'ed? If not an owner has confirmed it you can't know for certain.
Well, of course if you wana be sceptical that's fine for me. But I just guessed. I think all the sympthoms are clear.
The lag isn't continues, just partial.
I know what kind of lag a dossing attack makes.
And I took a picture when playing on the server. There was also a fake player attack on the server.
-
So what you're basicly saying is that you're not gona be able to do anything to it?
If it's server hosted from a company, contact the company who hosts it and make a complaint!
For it really isn't nice to play on a lagging server like that. I mean sue them. Dossin' in illegal, punishable.
Post Merge: April 17, 2012, 07:19:01 pm
Well, of course if you wana be sceptical that's fine for me. But I just guessed. I think all the sympthoms are clear.
The lag isn't continues, just partial.
I know what kind of lag a dossing attack makes.
And I took a picture when playing on the server. There was also a fake player attack on the server.
No matter how big or small a DDoS is, because of the number of zombie computers involved, it is impossible to trace because none of them may even be owned by the original attacker. Plain DoS'ing is a different story, but those kinds of attacks rarely even cause lag with today's technology in computers.
As for the hosting company, the Server Owners ARE the hosting company! :lol:
DDoS'ing may be illegal, but when you have no proof of who is doing it, it's impossible to punish them. There are also, unfortunately, many countries that do not recognize internet crime as real crime, so they have no laws against that kind of stuff, so no actions can be taken. This is especially common in third world countries where the internet is not very accessible amongst the general population.
Don't worry, though! The Server Owners will block these guys when they wake up in the morning. These guys are not the first, and definitely are not the worst, that Argonath RPG has ever seen. ;)
-
Any attacker who attacks or threats the server is routeblocked almost instantly.
The problem is that it takes no effort what-so-ever for the attacker to change his entire IP, or hiding behind different proxies.
Sure, we could block all IP's from accessing the servers, that would stop the attacks. Too bad that after that no one else could join server either.
Changing the server IP is out of question, as it would require days of work. Even changing the port on servers takes several hours and is highly unpractical for both server owners and players. Oh and yes, we do have a firewall, but it doens't help much against DDoS -attacks, as they mainly are directed to the server IP and the specific server port or range of ports. Meaning the attackers are simply assigning a DDoS attack to the IP you use as well to connect to the server.
We do also take actions against our attackers. Tracing their IP and origin is easy, but as they mostly use a chain of several proxy's, tracking their country, city and finding out their personal information is almost impossible. Sometimes we do get attackers, who make the mistake in using their own IP, in which case we do take legal actions via the attacker's ISP.
Hopefully this clears the situation up to you a bit more and the reasons why preventing attacks towards the servers is nothing but easy.
Also, those who are attacking us are mostly just jealous of our community and/or have been banned from one of our servers. DDoS -attacks are just the easiest way for them to cause trouble for us.
Oh and just mentioning, all the community's servers (9 in total) are hosted by the owners themselves, who pay for it mainly from their own salary, money that is away from their wifes and kids.
-
Let me make a simple fact known here.
When the SA:MP Server temporarily shifted to the new port, It was LAGLESS , really, after a very long time, The server was lagless with no lag on it!
-
DDos atack is one of the most powerfull hacker's weapon.
Its almost impossible to stop and track real ip.
Easier to track real ip (very hard) and kill the guy instead of stopping lol.
-
Any attacker who attacks or threats the server is routeblocked almost instantly.
The problem is that it takes no effort what-so-ever for the attacker to change his entire IP, or hiding behind different proxies.
Sure, we could block all IP's from accessing the servers, that would stop the attacks. Too bad that after that no one else could join server either.
Changing the server IP is out of question, as it would require days of work. Even changing the port on servers takes several hours and is highly unpractical for both server owners and players. Oh and yes, we do have a firewall, but it doens't help much against DDoS -attacks, as they mainly are directed to the server IP and the specific server port or range of ports. Meaning the attackers are simply assigning a DDoS attack to the IP you use as well to connect to the server.
We do also take actions against our attackers. Tracing their IP and origin is easy, but as they mostly use a chain of several proxy's, tracking their country, city and finding out their personal information is almost impossible. Sometimes we do get attackers, who make the mistake in using their own IP, in which case we do take legal actions via the attacker's ISP.
Hopefully this clears the situation up to you a bit more and the reasons why preventing attacks towards the servers is nothing but easy.
Also, those who are attacking us are mostly just jealous of our co
Oh and just mentioning, all the community's servers (9 in total) are hosted by the owners themselves, who pay for it mainly from their own salary, money that is away from their wifes and kids.
Well, that's a pretty pessimistic view isn't is. What about black listing ? And if they're simple trollers, so use better firewall detection. There's things you can do against dossin' you know.
-
Well, that's a pretty pessimistic view isn't is. What about black listing ? And if they're simple trollers, so use better firewall detection. There's things you can do against dossin' you know.
Seeing you're an expert on the subject, I'd recommend sending a PM with list of suggestions and solutions to the owners. :roll:
-
Blacklisting, banning, and blocking all have the same effect. :roll:
Let me make a simple fact known here.
When the SA:MP Server temporarily shifted to the new port, It was LAGLESS, really, after a very long time, The server was lagless with no lag on it!
There were also very few players on it at the time, which is why the scripts had no lag either. :lol:
-
Let me make a simple fact known here.
When the SA:MP Server temporarily shifted to the new port, It was LAGLESS , really, after a very long time, The server was lagless with no lag on it!
And the fact that the attacker during that day was only attacking the SA:MP server port of 7777. :lol:
-
A big request to admins. Will say it in Russia, as Gandalf should understand it
ÕÑÂÂûø ÑÂÂтþт ÃÂâ€ÂÃÂâ€Âþáõр öøòõт ò ÿрõôõûðх 500 úü þт ÃÂœþÑÂÂúòы - ÑÂÂúøýь ðùÿø, чõрõ÷ ñыòшых úþûûõó ÑÂÂþ ÑÂÂÿõцÑÂÂûуöñы ÿрþñью óôõ öøòõт ø рð÷ñõруÑÂÂÑŒ úþýúрõтýþ
-
A big request to admins. Will say it in Russia, as Gandalf should understand it
ÕÑÂÂûø ÑÂÂтþт ÃÂâ€ÂÃÂâ€Âþáõр öøòõт ò ÿрõôõûðх 500 úü þт ÃÂœþÑÂÂúòы - ÑÂÂúøýь ðùÿø, чõрõ÷ ñыòшых úþûûõó ÑÂÂþ ÑÂÂÿõцÑÂÂûуöñы ÿрþñью óôõ öøòõт ø рð÷ñõруÑÂÂÑŒ úþýúрõтýþ
There is no need for this post if nobody can understand it except russian people. Then PM it to russian people only. Dont post it on the forum where everybody can see it. Also, the rules says to speak english only on the forum.
-
A big request to admins. Will say it in Russia, as Gandalf should understand it
ÕÑÂÂûø ÑÂÂтþт ÃÂâ€ÂÃÂâ€Âþáõр öøòõт ò ÿрõôõûðх 500 úü þт ÃÂœþÑÂÂúòы - ÑÂÂúøýь ðùÿø, чõрõ÷ ñыòшых úþûûõó ÑÂÂþ ÑÂÂÿõцÑÂÂûуöñы ÿрþñью óôõ öøòõт ø рð÷ñõруÑÂÂÑŒ úþýúрõтýþ
If this DDoSer lives within 500 km from Moscow - Throw ip, through former colleagues from the security forces break through where he lives and will deal specifically
Yes, I'm sure people want gandalf wants a silly mad kid to be killed.
-
Seeing you're an expert on the subject, I'd recommend sending a PM with list of suggestions and solutions to the owners. :roll:
Maybe I'll do so.
-
And the fact that the attacker during that day was only attacking the SA:MP server port of 7777. :lol:
Thats true, How about permanent shifting?
-
Simple as it sound and everything may be glorious afterwards Matt, the person will find out we've moved and start all over again. We've also had this IP for some years now, and it'snot going to change because of an upset individual(If this is even the cause). Same goes for port changing.
-
Thats true, How about permanent shifting?
The shifting of the port is how we got rid of the DDOS attack.
Initially it was directed towards the 7777 port only, and the 8777 was free of problems.
After a short while both ports were targeted, then a wider range...then it stopped. Probably he ran out of credit.
S1mon, thanks for the offer. We do have our own connections as well there ;)
To the OP: a DOS attack when found is standard answered by a routeblock and abuse report to the provider with low-level logs. A DDOS attack that exceeds a certian amount of bytes is caught by the data center and handled the same way.
This leaves as only possibility a low-traffic DDOS/DOS attack that causes lag. It is annoying, but other than that causes no damage. Any known source is blocked and reported, that is all we can do.
The only option would be to change the server to an opt-in system where you would have to verify your IP to a firewall rule before being able to enter. This would severly limit new players as well as players with a dynamic IP who would have to go through the verification process daily. For large business applications that is fine, for a game it is not feasible.
-
Not the first, or the last..through these years it is proven that a lot of people are loyal to this server for friendship and fun.
So yeah..
Argonath RPG - coming (http://www.youtube.com/watch?v=tuktCsz4jHM#)
-
The shifting of the port is how we got rid of the DDOS attack.
Initially it was directed towards the 7777 port only, and the 8777 was free of problems.
After a short while both ports were targeted, then a wider range...then it stopped. Probably he ran out of credit.
S1mon, thanks for the offer. We do have our own connections as well there ;)
To the OP: a DOS attack when found is standard answered by a routeblock and abuse report to the provider with low-level logs. A DDOS attack that exceeds a certian amount of bytes is caught by the data center and handled the same way.
This leaves as only possibility a low-traffic DDOS/DOS attack that causes lag. It is annoying, but other than that causes no damage. Any known source is blocked and reported, that is all we can do.
The only option would be to change the server to an opt-in system where you would have to verify your IP to a firewall rule before being able to enter. This would severly limit new players as well as players with a dynamic IP who would have to go through the verification process daily. For large business applications that is fine, for a game it is not feasible.
Many Database like MySQL or sqlite does have anti-DDOS software. But those software cost money then just buy and install them. I dont know what for database you are using but sems easy to hack beacuse 50 attack in one day is a record. Argonath is a popular coumminty and deserve better security. Also about ''Admins dont do anything'' Kojak picked some moderator just for make so the server gets more help. Maybe he picked wrong players. Back to DDOS attack again. If the server build many server like ''Facebook or Google'' Not exactly but as a example then no one can attack it with DDOS or hack it. For a half year ago someone hacked Aragorn hacked. That hacker banned all and i think all know that hack. In 2010 a hack made so they made a backup. You see the server changes and grows. But seriously needs to plan a better security.
Gandalf:
This is something you need to think about before RS5 is coming. Beacuse i know in RS5 you dont want this lag or hack thing. In RS5 you want a new start,new script,new thing and anti-lagg. That means you need to take a meeting with your Staff Crews and make a plan. Beacuse this is serious and need to be fix before it is late. Also back to admins again: I have seen many player are saying ''Manager/admins got a life too'' Then did they not pick wrong job? If you got a life or cant be online. Then why not just leave the job and be inactive so other active people can takeover. I see alot of people need help and many of them need managers. I know some managers have a other timezone that is good but what about them in Europe? They just have a account and never log in. Gandalf as i said you need to have a meeting. I think Kojak need to have a extra eye on those new moderator. I have seen some abusing but not shout in /p or something just have been quite. Beacuse i dont want to make it big. I hope i see some changes soon. =)
-
RS5 is a new script. As for things being Anti-lag, you will only know when the script is put through it's paces, just like the regular server.
-
A big request to admins. Will say it in Russia, as Gandalf should understand it
ÕÑÂÂûø ÑÂÂтþт ÃÂâ€ÂÃÂâ€Âþáõр öøòõт ò ÿрõôõûðх 500 úü þт ÃÂœþÑÂÂúòы - ÑÂÂúøýь ðùÿø, чõрõ÷ ñыòшых úþûûõó ÑÂÂþ ÑÂÂÿõцÑÂÂûуöñы ÿрþñью óôõ öøòõт ø рð÷ñõруÑÂÂÑŒ úþýúрõтýþ
And after that send me S1mon's IP and I will do the same to him :m4:
-
Many Database like MySQL or sqlite does have anti-DDOS software. But those software cost money then just buy and install them. I dont know what for database you are using but sems easy to hack beacuse 50 attack in one day is a record. Argonath is a popular coumminty and deserve better security. Also about ''Admins dont do anything'' Kojak picked some moderator just for make so the server gets more help. Maybe he picked wrong players. Back to DDOS attack again. If the server build many server like ''Facebook or Google'' Not exactly but as a example then no one can attack it with DDOS or hack it. For a half year ago someone hacked Aragorn hacked. That hacker banned all and i think all know that hack. In 2010 a hack made so they made a backup. You see the server changes and grows. But seriously needs to plan a better security.
Script-kiddies are not pr0-hackers. There has only been a "handful" of the top tier data-stealing attacks on Argonath since it opened. The current security has been upgraded recently and it is pretty solid after I was talking about it with Gandalf. DDoS attacks do not allow people to gain access to a website, the only purpose of a Distributed Denial of Service attack is to take a website or server offline by flooding it with data requests.
-
Script-kiddies are not pr0-hackers.
I am not pr0-hacker? :(
-
I am not pr0-hacker? :(
Nope, just a pr0-scripter.
-
I have seen some abusing but not shout in /p or something just have been quite. Beacuse i dont want to make it big. I hope i see some changes soon. =)
Send complaints with evidence and stick to the topic instead.
-
How about making the server FTP based? Players can only enter when verified with the site or something? I've seen RP servers with that.
-
How about making the server FTP based? Players can only enter when verified with the site or something? I've seen RP servers with that.
No... god no. This wouldn't stop the DDoSes anyway.
-
How so? I'm not really good at this, but please explain :I
Post Merge: April 18, 2012, 12:22:50 am
Shit just got interesting :lol:
-
Many Database like MySQL or sqlite does have anti-DDOS software.
There is no true solution to DDoS attacks. You can make many fancy scripts and/or programs that can recognize the common characteristics of attacks to block the IP's, but then you have to deal with false positives of users being blocked on accident, and even then you cannot fully stop the attack as it would be impossible to tell the difference between a normal user and a DDoS'ing computer if the IP's constantly change. Even humans can have trouble with that in a very large attack on an active server with many real users unless all of the zombie computers make themselves obvious in some way or another.
-
How so? I'm not really good at this, but please explain :I
Now I could attempt a lot of technical explanations about the nature of DoS attacks, port flooding, and relation to SA:MP scripts such as the "FTP-like login" you suggest which would be confusing and not help at all. Instead I have created a not-so-serious diagram that should get the point across.
(http://i.imgur.com/5v2OX.jpg)
And this is assuming the script kid isn't dumb enough to just target one port. :roll:
-
Ohh I get it.DDoser doesnt have to login...so FTP system would be useless :cool:
-
Ohh I get it.DDoser doesnt have to login...so FTP system would be useless :cool:
Exactly. They'd just DDoS the IP address like they are now. :lol:
-
Exactly. They'd just DDoS the IP address like they are now. :lol:
That's what I was thinking about :lol:
-
Simple as it sound and everything may be glorious afterwards Matt, the person will find out we've moved and start all over again. We've also had this IP for some years now, and it'snot going to change because of an upset individual(If this is even the cause). Same goes for port changing.
Indeed I agree, We can't be always shifting, We need to find a permanent solution to this. How about making Argonath a password protected locked server? Tho then new players will have trouble playing.
Something tells me, the attacker is in midst of us. Reading everything we speak on forums and everywhere. More like a banned old player.
-
Indeed I agree, We can't be always shifting, We need to find a permanent solution to this. How about making Argonath a password protected locked server? Tho then new players will have trouble playing.
Something tells me, the attacker is in midst of us. Reading everything we speak on forums and everywhere. More like a banned old player.
There's no way to stop it. There will always be people that attack the community maliciously out of jealousy. It's unfortunate, but no matter how many security methods you implement, they will find a way around them...
-
Many Database like MySQL or sqlite does have anti-DDOS software. But those software cost money then just buy and install them. I dont know what for database you are using but sems easy to hack beacuse 50 attack in one day is a record. Argonath is a popular coumminty and deserve better security. Also about ''Admins dont do anything'' Kojak picked some moderator just for make so the server gets more help. Maybe he picked wrong players. Back to DDOS attack again. If the server build many server like ''Facebook or Google'' Not exactly but as a example then no one can attack it with DDOS or hack it. For a half year ago someone hacked Aragorn hacked. That hacker banned all and i think all know that hack. In 2010 a hack made so they made a backup. You see the server changes and grows. But seriously needs to plan a better security.
Gandalf:
This is something you need to think about before RS5 is coming. Beacuse i know in RS5 you dont want this lag or hack thing. In RS5 you want a new start,new script,new thing and anti-lagg. That means you need to take a meeting with your Staff Crews and make a plan. Beacuse this is serious and need to be fix before it is late. Also back to admins again: I have seen many player are saying ''Manager/admins got a life too'' Then did they not pick wrong job? If you got a life or cant be online. Then why not just leave the job and be inactive so other active people can takeover. I see alot of people need help and many of them need managers. I know some managers have a other timezone that is good but what about them in Europe? They just have a account and never log in. Gandalf as i said you need to have a meeting. I think Kojak need to have a extra eye on those new moderator. I have seen some abusing but not shout in /p or something just have been quite. Beacuse i dont want to make it big. I hope i see some changes soon. =)
As the database does not allow external connections the problem is not there. As for hacking the database, every case that happened was because of human error, not because someone hacked on skills.
Putting a MySQL password in pastebin, using the same password on other, less scrupulous, communities, logging passwords unencrypted, not protecting against MySQL injection, not changing password after it was leaked .... all things that could have easily been avoided.
As for being built like Facebook or Google, that would be great, but is impossible with a game like SA:MP. In case of a website it is possible to code in such way that you use a server cloud, meaning that the DNS is spread across many servers and if one is attacked you have others (a couple of thousand) to take over. SA:MP runs on a single IP, which is much easier to attack.
Of course if you could give us the budget of Google and Facebook, we will come up with something that is just as stable. :D
For RS5 we are looking at possible internal cause of lag, reducing the 30k per second writing operations will contribute.
-
A big request to admins. Will say it in Russia, as Gandalf should understand it
ÕÑÂÂûø ÑÂÂтþт ÃÂâ€ÂÃÂâ€Âþáõр öøòõт ò ÿрõôõûðх 500 úü þт ÃÂœþÑÂÂúòы - ÑÂÂúøýь ðùÿø, чõрõ÷ ñыòшых úþûûõó ÑÂÂþ ÑÂÂÿõцÑÂÂûуöñы ÿрþñью óôõ öøòõт ø рð÷ñõруÑÂÂÑŒ úþýúрõтýþ
Oh gosh, we're dealing with a badass over here.
Seriously, it looks even more childish when you try to gang up against them instead. Just let them get blocked and ignored.