Being DDoSed

**bobbobagan** · Jul 18, 2009, 12:48 AM

We run:
- SourceMod
- The latest ES beta
- Source Python Extentions
- ES_tools

I think it would be es_tools if anything. Since it is such an outdated plugin, it probably has security holes somewhere in it.

I know its not Source Python Extentions, because that is only running on 2 of the 3 servers.

It could potentially be the latest ES, since it is in beta it could have a security hole in it also. I very much doubt it would be SourceMod, since nobody else has reported anything on the sourcemod forums.

So I guess your DDoS plugin can't help us here?

What do we do in this case, we are losing players because of the lag... and there appears to be nothing we can do. Some of our eventscripts require es_tools.

**Drunken F00l** · Jul 18, 2009, 12:52 AM

Get a sourcemod plugin that logs every command players run. When you get lag, check the log for anything strange.

**bobbobagan** · Jul 18, 2009, 03:50 AM

The lag continues to happen even when the server is empty though. It was happening a few minutes ago so I decided to do some investigating.

I stopped the server, then I disabled every plugin running on the server (SourceMod, ES, ES_T, etc) and restarted the server. The server continued to lag, so to me that says it is not a plugin problem.

He is not exploiting something in a plugin. Hypernia are taking a look at two DDoS plugins (your one and a MM:S one). And may put them onto our servers, although I very much doubt they would do anything (they didn't have any effect on our linux servers (old host)).

**Drunken F00l** · Jul 18, 2009, 12:18 PM

Originally Posted by bobbobagan

The lag continues to happen even when the server is empty though.

You know this because it has low fps or what? Did you check the CPU usage of all processes? Maybe something is stealing CPU from srcds.

**bobbobagan** · Jul 19, 2009, 03:27 AM

Originally Posted by Drunken_F00l

You know this because it has low fps or what?

No, because when you view the server on HLSW I have a ping of about 2000, plus if you join the server while its empty and under attack the lag is still present.

Originally Posted by Drunken_F00l

Did you check the CPU usage of all processes? Maybe something is stealing CPU from srcds.

I have personally not looked at the CPU usage, but another admin from my community did. He tells me that during the attack each of our 8 cores are at 50% and 4GB RAM is free.

Its the spamming of empty packets, and the server trying to do something with them that is lagging our server.

**Drunken F00l** · Jul 19, 2009, 12:40 PM

Originally Posted by bobbobagan

Its the spamming of empty packets, and the server trying to do something with them that is lagging our server.

Probably not considering this is what the DoS plugin is designed to fix and also considering your host said there was nothing out of the ordinary.

**OmegaZero_Alpha** · Jul 20, 2009, 12:34 PM

so I got a virus off of some dipshit's shitty hacker website and started DDoSing his rival community to get him sued, when I thought "Why in the fuck does every wheat product have to use enriched flower, FUCK I hate potato intolerances"

**glouch** · Jul 20, 2009, 03:36 PM

you know, gluten intolerances really suck

**Butane** · Jul 21, 2009, 02:44 AM

Originally Posted by OmegaZero_Alpha

so I got a virus off of some dipshit's shitty hacker website and started DDoSing his rival community to get him sued, when I thought "Why in the fuck does every wheat product have to use enriched flower, FUCK I hate potato intolerances"

?

**OmegaZero_Alpha** · Jul 22, 2009, 05:01 AM

Originally Posted by Butane

?

Thread: Being DDoSed

Thread Tools

Display

Tags for this Thread