Hey all (in particular Drunken F00l)
You may remember I posted a few weeks ago with problems of being DDoSed. After getting your plugin set up correctly, we managed to block the attacks.
We are now onto round two of the attacks. Ever since blocking the attacks, the rival community has vowed to get around our protection and start to interrupt game play on the server. We believe they have, with a new kind of lag.
Again, it is easy to tell these attacks are deliberate because they only happen at certain times, effecting certain servers. I have tried checking daf_status during the attacks, but nothing appears.
The lag is also a different kind of lag. This lag freezes the server/all players for 1-2 seconds then is fine, then happens about 5 seconds later again continually until the server is empty. Again I have been in discussions with our host (Hypernia), and they gave us this responce:
So I appeal to you. Are you able to help us block these attacks? I believe your plugin blocks UDP packets, is that correct? Possibly they are using TCP this time (I know RCON runs though TCP). Possibly they are using the rcon port to flood the server?Hi,
It's just very difficult to defend against this attack. The only thing i can suggest is appeal to the mod community and report the abusers to their ISP/Community and hopefully some action might be taken. We'll have perhaps thousands of connections to our servers at any given time, so it's near impossible to determine which if any is mischievous and trying to cause problems.
Paul Clayton
Hypernia Hosting Corp.
This other community has reportedly sunk some money into getting a program made to get around our protection. They seem extremely desperate. I don't know if that is true or not though. Either way, they are douchebags (IMO) for doing this.
If you need any information, we have SSH access to some of our servers, hopefully we can help you gather required information?
Regards,
Bobbobagan
Reply With Quote
Originally Posted by bobbobagan
