Server bfbc2, whats going on ? DDOS or Reset?

Alles zum Spiel Bad Company 2 sowie unseren damit verbundenen Servern
---
All about the game Bad Company 2 as well our related game servers
User avatar
spawney
Private First Class
Private First Class
Posts: 18
Joined: Tue Jun 27, 2017
Favorite Server: BC2 Vietnam
Has thanked: 2 times
France

Networker

Contributor

Membership

11 Oct 2018, 16:23

Hello guys, it has been a long time.

What happens to the servers, it's been 3 weeks between 19h and 23h when there are people on the server vietnam, the server suffered a DDOS or a reset ?
I noticed that every time it happened there was one or two player on the Empire Devil server. at each DDOS or reset the only server that benefits from the migration of players is Empire Devils 4Netplayers,
ip : 194.97.167.162: 19567
strangely I can not find this server on gametracker

https://imgur.com/a/OlcTzpH


My Bad !
Image
Steam
Youtube
User avatar
[RC]Hunter
Site Admin
Sergeant
Sergeant
Posts: 2377
Joined: Fri Apr 04, 2008
Location: Hue City
Favorite Server: All of them
Has thanked: 3 times
Been thanked: 19 times
Germany

Networker

Contributor

Membership

=]RC[= Hunter’s avatar
Loading…

12 Oct 2018, 21:39

Hi Spawney,

I have been a lot away in the last couple weeks and start looking into it now.

It is not related to BC2 or any other BC2 server, the mentioned one might be used instead due to its ping being in range of ours ...

Yes there are Ddos attacks on our server box, multiple ones, different styles. I am currently analyzing to see what could be done.

If an attack takes place, it does prevent all game servers from communication correctly with connected players, therefore they lose connection and the server becomes unavailable for the time period of the attack.

Gametracker are manual entries by the respective server owners, you do not need to add your server(s) there.


=]RC[= Hunter
skill is not an unlock ... see ya on the battlefields

Image * Image * Image * Image
User avatar
spawney
Private First Class
Private First Class
Posts: 18
Joined: Tue Jun 27, 2017
Favorite Server: BC2 Vietnam
Has thanked: 2 times
France

Networker

Contributor

Membership

13 Oct 2018, 19:09

That's what I thought.
The night I wrote this post there was another DDOS. It's always around the same time. between 7pm and 10pm ( french time) .
You have no protection? because I noticed that it attacked not only the server but your structure, the website is down too at the same time.
It should not be hard to find it, it must be a script kiddie and all the script kiddies leave traces


My Bad !
Image
Steam
Youtube
User avatar
[RC]Hunter
Site Admin
Sergeant
Sergeant
Posts: 2377
Joined: Fri Apr 04, 2008
Location: Hue City
Favorite Server: All of them
Has thanked: 3 times
Been thanked: 19 times
Germany

Networker

Contributor

Membership

=]RC[= Hunter’s avatar
Loading…

14 Oct 2018, 17:22

Ddos is a general term for hundreds - if not more - different style of attacks.

There is no general protection, if datacenters claim to have it, they most ikely give you a protection again 10 known attacks and thats it. Standawd Web services or UDP floods. Anything else needs to be identified and individual adressed.

Like I explained in the past already in any other thread, we do have a pretty decent protection, but we are the target of many different constant attacks since years. Of course the sources are individuals, because "someone" needs to initiate the attack for a reason. Be it the cause of a game ban, be it an envious (jaloux) owner of a different game server getting angry because our server(s) are full... who knows and I personally do not care much about it. But attacks being able to harm our infrastructure are not run from a home PC, they are coming from a bot net and we are talking about 100.000 (or more) IP sources talking to our server in the same second.

The individual attacks in the game servers "business" make it even more complicated, since often - like in our present case - the attacking packets are looking like game client data send to a desired game server port. Therefore you need to hex decode the incoming traffic and identify the good or the bad prior passing through.

Once you managed todays attack without harming your game servers performance, filtering thousands of data streams per second, it can be tomorrow that someone invent a different method to break through your wall. Same like with Trojans/Viruses or Cheats/Anticheat measurements, a costant "catch me if you can" sport.


=]RC[= Hunter
skill is not an unlock ... see ya on the battlefields

Image * Image * Image * Image
User avatar
spawney
Private First Class
Private First Class
Posts: 18
Joined: Tue Jun 27, 2017
Favorite Server: BC2 Vietnam
Has thanked: 2 times
France

Networker

Contributor

Membership

15 Oct 2018, 16:38

I did not think it was so serious, He is very active since 1 or 2 weeks!


My Bad !
Image
Steam
Youtube
Post Reply