Server bfbc2, what's going on? DDoS or Reset?

Posted: 11 Oct 2018, 16:23
by spawney
Hello guys, it has been a long time.

What is happening to the servers? For 3 weeks now, between 19h and 23h, when there are people on the Vietnam server, has the server suffered a DDoS or a reset?
I noticed that every time it happened there were one or two players on the Empire Devil server. At each DDoS or reset, the only server that benefits from the migration of players is Empire Devils 4Netplayers,
IP: 194.97.167.162:19567
Strangely, I cannot find this server on Gametracker.

https://imgur.com/a/OlcTzpH

Posted: 12 Oct 2018, 21:39
by [RC]Hunter
Hi Spawney,

I have been away a lot in the last couple of weeks and am starting to look into it now.

It is not related to BC2 or any other BC2 server, the mentioned one might be used instead due to its ping being in range of ours ...

Yes, there are DDoS attacks on our server box, multiple ones, different styles. I am currently analyzing to see what could be done.

If an attack takes place, it prevents all game servers from communicating correctly with connected players, therefore they lose connection and the server becomes unavailable for the time period of the attack.

Gametracker entries are manual entries by the respective server owners; you do not need to add your server(s) there.

Posted: 13 Oct 2018, 19:09
by spawney
That's what I thought.
The night I wrote this post there was another DDoS. It's always around the same time, between 7pm and 10pm (French time).
You have no protection? Because I noticed that it attacked not only the server but your structure; the website is down too at the same time.
It should not be hard to find it, it must be a script kiddie and all the script kiddies leave traces.

Posted: 14 Oct 2018, 17:22
by [RC]Hunter
DDoS is a general term for hundreds - if not more - different styles of attacks.

There is no general protection; if datacenters claim to have it, they most likely give you protection against 10 known attacks and that's it. Standard web services or UDP floods. Anything else needs to be identified and individually addressed.

Like I explained in the past already in another thread, we do have a pretty decent protection, but we have been the target of many different constant attacks for years. Of course the sources are individuals, because "someone" needs to initiate the attack for a reason. Be it because of a game ban, be it an envious (jaloux) owner of a different game server getting angry because our server(s) are full... who knows, and I personally do not care much about it. But attacks able to harm our infrastructure are not run from a home PC; they are coming from a botnet and we are talking about 100.000 (or more) IP sources talking to our server in the same second.

The individual attacks in the game servers "business" make it even more complicated, since often - like in our present case - the attacking packets look like game client data sent to a desired game server port. Therefore you need to hex decode the incoming traffic and identify the good or the bad prior to passing it through.

Once you have managed today's attack without harming your game servers' performance, filtering thousands of data streams per second, it can be tomorrow that someone invents a different method to break through your wall. Same as with Trojans/Viruses or Cheats/Anticheat measures, a constant "catch me if you can" sport.

Posted: 15 Oct 2018, 16:38
by spawney
I did not think it was so serious. He has been very active for 1 or 2 weeks!