DoctorB0NG

Posts posted by DoctorB0NG

  1. I appreciate the kind words from @MintLemonade but nobody is perfect and I used to have quite the toxic side as well in the community.  FPI (the artist formerly known as EKT) and I have definitely had a rough patch in the past and most of it was my fault unfortunately.  Renegade-X has a very unique community and I had found that investing too much time had caused me to get very burnt out and get frustrated at things that I really should not have been.

    I was originally of the opinion that team switching should be allowed so that friends can play together but I've now been swayed and agree that even just a small group of veteran players can dictate the entire outcome of a game.  I understand what FPI is trying to accomplish and I can see why it has caused a rift in the community.  Even with disabling team switching though, there are clever ways to still manage to end up on the same team and even without players switching, teams can end up lopsided. 

    I don't really have any suggestions for how to fix the team stacking issue but if I could offer one piece of advice it would be this: If you're getting burnt out and frustrated with Renegade-X, take a bit of time off and come back with a fresh outlook.  It really can make a big difference. 

    PS: I'd also like to formally apologize to @Goku , @Skeeze , @ObeliskTheTormentor and many others from EKT/TmX back in the day.  I was very burnt out and it had a toxic effect on the community. 


    I wish you all the best of luck!

  2. Ask your provider if they support BCP38. It is one of the first things you need against UDP flood and TCP SYN attacks. Inspecting the packets on your server is already too late, because they have reached you, so you need something in front of your UDK server. If a separate router is too costly, then consider taking a virtual dedicated server as a gateway!

    If the provider does not support this, find one that does support this, and you will probably get rid of this script kiddie!!!

    It's not too late because the attacks do not get close to saturating the NIC interface on the server.

    The attacks are easily filtered through targeted iptables rules. This is how I blocked them in the fall and it works very well. No need to reinvent the wheel here, folks.

    I'm just waiting for my OVH box to get set up and we'll be up and running.

  3. RenX exclusively uses UDP. The attacks are targeted at the UDP port that the game server is bound to.

    @cronus How big did the caps end up being after a day? Did you have tcpdump running with a time parameter instead of a packet limit parameter?

    I just threw it together quickly to do a packet limit parameter, figured out about how much runs in a minute. I think when I calculated I had like 1-3 months to clear old pcaps. I think I only had 100GB free at the time. So it's a great quick solution to get the pcaps, just check disk space every month or two heh

    I just checked my old logs, and for 3 days-ish worth of pcaps it was 6GB

    The only problem with that is if we run the dump every X seconds with the duration parameter specified in total packets, there's a high probability that we'll either miss some packets or run overlapping dumps.

    How did you work around this?

  4. Just track him down when he wants to DDoS.

    It's impossible, and knowing who it is isn't going to solve anything.

    All you need to know is that the guy's only goal in mind is to watch people suffer and rage, and the best thing we can do to make him feel stupid for wasting money is to wait patiently until the server owners find a solution.

    Talking smack about him on the forums is exactly what he hoped to see, and is exactly why he's willing to pay money for DDoS. The smartest thing to do is to talk about the matter rationally with realistic solutions in mind. If you don't have anything productive to say towards helping mitigate this issue, I'd highly recommend keeping any negative thoughts to yourself on this topic.

    Listen to Jeff. Don't feed the troll.

    I already have a solution, I just need to implement it. In the meantime just relax a bit and watch some TV or play overwatch with me :D

  6. @itweek with the Cisco ASA, have you turned logging on and had a look at the logs when an attack occurs? It will tell you what type of packet it is, as well as the source IP address(es).

    Depending on your config, it sounds like you're accepting INBOUND traffic from the DDoS'er. You need to analyse the logs and see where it is coming from, then create a DENY rule accordingly.

    If you want some help analysing this, I'm happy to help.

    @Bong, I'd be happy to help analyse any wireshark captures and translate these to new ACL deny rules on a router or a firewall.

    I'm a network engineer by trade, so I'm very well rehearsed when it comes to layers 1-4.

    He's using more than one location, he has a botnet from what I understand

    No. It's all spoofed UDP floods originating from one server/a small group of servers. And before anyone asks, no, you cannot just track the attack back because if you look up the reverse DNS on the spoofed IPs, it will give you random people's IPs across the world because they're spoofed.

    @sterps I might just give you full access to the box and we'll have to talk details some night in TeamSpeak.

    @itweek The Cisco ASA routers that OVH offers have too low of a spec for PPS, and even proper and efficient rules will still make the firewall choke and sputter.

  7. People need to step up and say they're willing to help. So far I have freak and crowsey who are willing to help.

    If you'd like to help, please explicitly state so in this thread and I'll make sure I PM the details to you after I figure out some semantics.

    PS: the new server is already ordered, just waiting for it to be delivered. After I get the server, the setup will take a few hours.

    If donations don't pan out during the first month, I will not renew the server so keep that in mind, folks.

  8. Can someone explain this like I'm 5. Can't a server differentiate between traffic coming from a DDoS program and traffic coming from the actual Renegade game? I mean when you launch a game through the in-game multiplayer surely it must have some sort of unique identifying characteristic, right?

    The main problem is that even if a program has the ability to differentiate malicious vs real player packets (which UDK does a terrible job/doesn't do at all) the program would still have to accept the packet, analyze it, then drop it.

    When you get up into 50K+ PPS range, that's still far too much data to process and even drop for a program that isn't optimized for it. This is where iptables shines. iptables is the userspace extension of a kernel module called netfilter. Because netfilter is written into the kernel and was designed from the ground up to be as efficient as possible, it can filter the traffic much better than any user space program ever could.

    Luckily I already have a solid list of iptables rules that will likely block 98% of the attacks; however, a few stragglers will likely make it through and that's why I'm gonna need other members to help me capture those few that may get through.

  9. All I really need is people to "watch" the server and run tcpdump during an attack and then send me a message with the time they captured the attack.

    I will be able to analyze the attacks very quickly as I've been doing this for a while. The tough part is just getting the captures which is what I need people for.

    The other option is setting the packet captures to run automatically via a cron script or some other means. I would need to have some sort of logrotate though to prevent the captures from completely filling up the hard drive.

    If anyone in the community is a shell scripting/automation wizard, please let me know.
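
For the capture-automation problem raised here, and for the earlier question about dumps that overlap or miss packets when tcpdump is restarted every X seconds, here is an added example script; it is not DoctorB0NG's or the community's own tooling. The interface, game port, capture directory and disk budget are constructed placeholders.

```sh
#!/bin/sh
# Added example: one long-running tcpdump ring buffer instead of a cron job
# that restarts tcpdump every X seconds. tcpdump itself rotates the files and
# overwrites the oldest one, so there is a single capture process (no gaps or
# overlaps between dumps) and the captures can never fill the disk.
# Assumptions (constructed): interface eth0, UDP game port 7777, 20 GB budget.
set -eu

IFACE="${IFACE:-eth0}"
GAME_PORT="${GAME_PORT:-7777}"
CAPDIR="${CAPDIR:-/var/log/renx-pcaps}"
FILE_MB=100        # -C: start a new file when the current one reaches this many MB
BUDGET_MB=20480    # total disk space the ring of capture files may occupy
SNAPLEN=128        # IP/UDP headers are enough to write a filter rule; keeps files small

# How many files of FILE_MB fit in the budget; tcpdump needs at least 2 to rotate.
ring_size() {
    n=$(( $1 / $2 ))
    if [ "$n" -lt 2 ]; then n=2; fi
    echo "$n"
}

# Build the tcpdump command line. -C together with -W makes a ring buffer:
# when the last file is full, tcpdump goes back and overwrites the first one.
# The filter keeps only traffic aimed at the game port, which is what an
# attack analysis and an iptables rule need. Sources are spoofed, so dst port
# is the stable thing to match.
capture_cmd() {
    files=$(ring_size "$BUDGET_MB" "$FILE_MB")
    echo "tcpdump -i $IFACE -n -s $SNAPLEN -C $FILE_MB -W $files" \
         "-w $CAPDIR/renx.pcap 'udp and dst port $GAME_PORT'"
}

# Start capturing only when invoked with "run", so the functions above can be
# sourced and checked without touching the network.
if [ "${1:-}" = "run" ]; then
    mkdir -p "$CAPDIR"
    eval "$(capture_cmd)"
fi
```

Run it once under a process supervisor (or from @reboot in cron) rather than on a timer; when an attack happens, note the time and pick the file whose modification time covers it, since the files are numbered in rotation order rather than by date.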

  10. Current status: DDoS protected server costs twice as much as the current server and I'm worried about funding for it. I'd also need to recruit someone to help manage the capture of tcpdump files to analyze attacks and make sure the current iptables rules are still blocking the malicious traffic.

    I unfortunately don't have the time to monitor the server nearly to the level I used to as I have a new job. And actually part of the reason I have my new job is because of my Linux skills I gained from handling the DDoS attacks last fall.

    Tldr: afraid of funding, need to train 1-2 people to run tcpdump during attacks so I can later analyze the logs with wireshark

  11. The rage quitters are very annoying. It makes it very difficult for the coordinators of the PUG and sours the mood.

    PS: sorry I wasn't there yesterday, I'm up at my folks' place for memorial day weekend.
