Forum

> > CS2D > Scripts > ddos attack
Forums overviewCS2D overview Scripts overviewLog in to reply

English ddos attack

21 replies
Page
To the start Previous 1 2 Next To the start

old ddos attack

Quattro
GAME BANNED Off Offline

Quote
Today someone successfully attacked ranked server, I even set floodprot to 1 and it had no effect...

So, is there a way to prevent the attack? I once saw topics about IP tables, are they effective?

old Re: ddos attack

BcY
Reviewer Off Offline

Quote
What is the point with stating that floodprot is 1 about the ddos attack?

old Re: ddos attack

Rainoth
Moderator Off Offline

Quote
@user BcY: Well, flood protection is to prevent the people who try to crash the server with a bunch of messages.
His server crashed --> potential cause (probably not) --> related to topic.

old Re: ddos attack

Quattro
GAME BANNED Off Offline

Quote
user BcY has written
What is the point with stating that floodprot is 1 about the ddos attack?


What is the point of bitching about something irrelevant while you clearly have not a single clue about the topic?

old Re: ddos attack

Hajt
User Off Offline

Quote
I'm using these iptables and it works against some IP Stresser/Booter services.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#!/bin/bash
IPT="/sbin/iptables"
DNS_SERVER="8.8.4.4 8.8.8.8"

$IPT -F

for ip in $DNS_SERVER
do
	echo "Allowing DNS lookups (tcp, udp port 53) to server '$ip'"
	$IPT -A OUTPUT -p udp -d $ip --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
	$IPT -A INPUT  -p udp -s $ip --sport 53 -m state --state ESTABLISHED     -j ACCEPT
	$IPT -A OUTPUT -p tcp -d $ip --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
	$IPT -A INPUT  -p tcp -s $ip --sport 53 -m state --state ESTABLISHED     -j ACCEPT
done

$IPT -A INPUT -p udp -m udp --sport 19 -j DROP
$IPT -A INPUT -p udp -m udp --sport 53 -j DROP
$IPT -A INPUT -p udp -m udp --sport 1434 -j DROP
$IPT -A INPUT -p udp -m udp --sport 137:138 -j DROP
$IPT -A INPUT -p udp -m udp --sport 123 -j DROP
$IPT -A INPUT -p udp -m udp --sport 111 -j DROP
$IPT -A INPUT -p udp -m udp --sport 161:162 -j DROP
$IPT -A INPUT -p udp -m udp --sport 1900 -j DROP
$IPT -A INPUT -p udp -m udp --sport 27005 -j DROP
$IPT -A INPUT -p udp -m string --string "SAMPY" --algo bm --to 60 -j DROP 
$IPT -A INPUT -p udp -m string --string "HTTP/1.1 200 OK" --algo bm --to 75 -j DROP
$IPT -A INPUT -p udp -m length --length 0:28 -j DROP

Type your DNS IP in
DNS_SERVER
variable in script or keep google dns and override the DNS nameserver on your VPS. And then execute script.

old Re: ddos attack

DC
Admin Off Offline

Quote
Just as a side note because cs2d cmd mp_floodprot was mentioned: It is for DoS attacks only and since it's in the program logic it can only help to a certain extent. When there's too much traffic it will overload/kill CS2D/the CPU anyway. Also it doesn't help efficiently against DDoS at all. In other words: It can potentially help if the flood comes from one origin IP address and isn't super strong but most likely doesn't help enough when multiple different origin IP addresses are involved in the attack.

old Re: ddos attack

BcY
Reviewer Off Offline

Quote
You are a rude boy, @user Quattro also you don't know anything about security nor ddos attacks. I've been around here since 2012, hosted servers, been through every kind of attacks since then. Please listen people, if you don't know anything about the point then be respectful. Peace!

old Re: ddos attack

Quattro
GAME BANNED Off Offline

Quote
Thank you guys. It is impossible to stop DDoS attack but who will waste money (or their bot net ) on some old game daily?

I think it was DoS attack and I even got an IP of the suspected guy. If IP tables can help dealing with that 1 guy I must learn to use it.

@user BcY: I am very rude sometimes but only if someone is rude at me Your reply made it obvious you are experienced yet instead of helping you wrote something to make fun of the topic. That's not cool

old Re: ddos attack

Masea
Super User Off Offline

Quote
@user Quattro: And you're also dumb, unfortunately. He wasn't rude to you, but you were. He just asked something. If you want to know something which is not "cool"; this - what you did - is not cool.

old Re: ddos attack

Yates
Reviewer Off Offline

Quote
Quattro stated all bits of information to make it easier for people to help him out. Asking why he provided a specific bit of information is plain dumb, he thought it would help you help him; that's why.

Stop being fucking retards and help him out. Gosh.

old Re: ddos attack

mrc
User Off Offline

Quote
People quit CS2D, we are in the worst moment of all time (in CS2D's history). I think there is no way back now.

IMG:https://s15.postimg.cc/ygxyh1aqj/Screenshot_2018-07-06-13-29-13.png

old Re: ddos attack

Quattro
GAME BANNED Off Offline

Quote
It's definitely not the worst, worst were summers before Steam with totally empty servers.

Now you always find people on fun servers and some standard ones.

old Re: ddos attack

Masea
Super User Off Offline

Quote
user Yates has written
Quattro stated all bits of information to make it easier for people to help him out. Asking why he provided a specific bit of information is plain dumb, he thought it would help you help him; that's why.
And what if "a specific bit of information" is not true?... Lol. He didn't even know what was he doing which I can get since it is not a thing for that situation he gets.

I (user BcY) don't know why he did that, and I asked him. And you tell me "retard". I think I have to lol now so bad. Thanks.

Ah! And that;
user Yates has written
Gosh.
Though.

old Re: ddos attack

Yates
Reviewer Off Offline

Quote
user Masea has written
And what if "a specific bit of information" is not true?... Lol. He didn't even know what was he doing which I can get since it is not a thing for that situation he gets.

Exactly. He provided the information he thought was relevant. You already know half the issue based on the title alone, you know the rest by reading the thread post. You can determine with both of these that Quattro believes it to be necessary information for people willing to help him out. Whether it actually is necessary or even related at all does not matter, asking about it makes no sense.

Just say "Hey, [this and that] won't do you any good because [reason]. (Try this out instead: [...])"

Congratulations, you've now learnt how to assess the intent of a question ¯\_(ツ)_/¯

old Re: ddos attack

Quattro
GAME BANNED Off Offline

Quote
You guys both are true so it's not worth arguing over it.
I shouldn't have answered rude to bcy just because he questioned the topic

old Re: ddos attack

Masea
Super User Off Offline

Quote
user Yates has written
asking about it makes no sense.
It does. Let's just say, I knew that cs2d cmd mp_floodprot is for only DoS attacks but I see someone who uses this command for DDoS attacks, hence I ask him why he uses it. Why? Because I could have known wrong and he can answer me and fix my wrong (if it is).

By the way, let me just do that once again:
user Yates has written
Gosh.

Wow, it feels damn good, thanks!

old Re: ddos attack

Yates
Reviewer Off Offline

Quote
@user Masea: Yeah or you can be sensible and just look at DC's post. Pretty much sums up how to respond.

You know what he is trying to use it for, so you know whether it will help or not. Tell him why he should be doing something else instead of asking about something you already know the answer to (unless you're an idiot, but I mentioned it in my previous posts so I've got your back. Go check 'em out).

Gosh

old Re: ddos attack

Masea
Super User Off Offline

Quote
@user Yates: You miss a single thing though. Of course, you have unlimited styles of responding which some of them are bad and some of them are good - which depends on people - I don't care. What I do care is user Quattro (and also you by saying "retarded") was just so rude which is meaningless in this case, you know. See when and where I came into this thread. You'll definitely see it all happened after user Quattro being like that.

On the other hand, I don't even know why you are here. What you say after the main thing is done mean just bullshit to me.

But I'm comfy now since user Quattro has accepted his wrong and we're all good (I think).

Gosh

old Re: ddos attack

Yates
Reviewer Off Offline

Quote
user Masea has written
On the other hand, I don't even know why you are here. What you say after the main thing is done mean just bullshit to me.

Because the matter was already resolved before you replied (he explained the reason why he reacted that way and basically apologised). It seemed as if you didn't get the memo.

We all know you of all people need things explaining to you ten times. Pretty sure everyone could vouch for that.
edited 1×, last 06.07.18 11:46:34 pm
To the start Previous 1 2 Next To the start
Log in to reply Scripts overviewCS2D overviewForums overview