[Requesting Lock] I'm starting to get really damn pissed off now....

[Marcel]

Thanks for explaining MdeRooy.

Are there any other solutions we can explore which are low-cost but in return effective against these attacks?

Can we not just install software firewalls onto the server and configurate them as you mentioned?

I'm thinking long term strategy here, since it's likely that the community will grow in the future and we should be in a position to protect ourselves against these attacks.

I'm more than willing to think and work with other members and staff in order to mitigate these attacks.

Yes, there are software based solutions, which deal with fingerprinting and flooding.

You have the DDoS deflater, which is a simple shell script for Linux servers that counts connections and blacklists once it detects flooding. Works with most firewalls such as IPTables and APF. For APF, you also have http://www.rfxn.com/projects/brute-force-detection/ which is made by the same team.

Also, there is stuff like mod_evasive that can help Apache servers to mitigate attacks. This however does not work for SA:MP and TeamSpeak.

[Gandalf]

Large organisations must have a infrastructure / layer of protection to ward off these attacks? Otherwise, they would have the same fate as we do against these script-kiddies.

There must be a technique or approach we can deploy across are servers to ward off these threats or at least mitigate them like mdeRooy touched on.

There are several techniques. However you should understand that we are not financially sound enough to pay an additional hardware firewall of Eur 125 per month, and using software to distribute would get us in troulbe with the shared network of the datacenter as it would cause severe trouble for many others.

The data center has a general hardware firewall that sets in when traffic exceeds a certain limit, and automatically sends out abuse messages to the providers of the infected computers.
Apart from that we have informed the provider of the person who posted earlier announing being responsible.

[Zaila]

Large organisations must have a infrastructure / layer of protection to ward off these attacks? Otherwise, they would have the same fate as we do against these script-kiddies.

There must be a technique or approach we can deploy across our servers to ward off these threats or at least mitigate them like mdeRooy touched on.

Large organizations does, but then we are talking about large cloud networks for hundred of thousands, if not millions, of dollars. For a community like Argonath which is having 1 IP for all of the servers, there is no real solution as far as i know.

[Shejken]

http://www.blockdos.net/

$299/month ...

Wanna fund it?

[Ted]

Or the real killer, have their pocket money stopped somehow. That always sorts out naughty little sh...

Oh and I do miss The Bill.

[Gandalf]

I'm more than willing to think and work with other members and staff in order to mitigate these attacks.

Yes, there are software based solutions, which deal with fingerprinting and flooding.

You have the DDoS deflater, which is a simple shell script for Linux servers that counts connections and blacklists once it detects flooding. Works with most firewalls such as IPTables and APF. For APF, you also have http://www.rfxn.com/projects/brute-force-detection/ which is made by the same team.

Also, there is stuff like mod_evasive that can help Apache servers to mitigate attacks. This however does not work for SA:MP and TeamSpeak.

As we are running Windows, any Linux tool is not really an option.

[Marcel]

As we are running Windows, any Linux tool is not really an option.

Windows has some options available, however they are nowhere near as effective as on Linux.

I do know a friend of mine came up with this: http://img24.imageshack.us/img24/978/ddosmitigator2011091707.png

[Robby_Wilson]

I don't understand a word ya'll are saying...

[Frank_Hawk]

I don't understand a word ya'll are saying...

CJ is behind all of this 

[Marcel]

Thanks MdeRooy, I'm sure the leadership would be open to exploring different options as appropriate.

Gandalf and MdeRooy, in relation to the software solution - how would this be deployed? i.e. what set of steps need to be applied and what risks or issues can arise?

I'm not clear on the technical stuff, but can approach this from a business perspective if you could provide an overview.

A software solution would likely work hand in hand with the windows server firewall. It will monitor incoming traffic and block the IP if there are more than X connections from that IP.

[Devin]

Would there be any significance on contacting the offenders ISP about this nuisance?

[Kirgiz]

I thought you dealt with this hacker....?

Boo-hoo, go and cry over A FUCKING VIDEO GAME.


Grow up.

[Robby_Wilson]

Boo-hoo, go and cry over A f**kING VIDEO GAME.


Grow up.

Herro there hacker!

Guys, THIS is the dude whos hacking the server! SHUN HIM TO HELL!

[Ted]

Would there be any significance on contacting the offenders ISP about this nuisance?

Probably result in his or her broadband being cut and parents with a hefty bill.

[Marcel]

Boo-hoo, go and cry over A f**kING VIDEO GAME.


Grow up.

Oh hi! You must feel very brave. Pushing the button on your skiddy booter, trying to hit Argonath. Big boy! Your momma must be proud.