Forum

Ddos

Created 17th December 2010 @ 18:46

Locked Pages: « Previous 1 ... 3 4 5 6 Next »

Not here

Quoted from pumphead

[…]

You’ve been told what to do and how to stop it happening to your match servers so the topic question is basically answered so calm down son.

posted just after he did so i didnt see it

Monkeyman

Just Close the Topic

octochris

(0v0)

But then Where Will we Talk XD

pumphead

Quoted from octochris

But then Where Will we Talk XD

Party at Chris’ house!!!! XD

Not here

Quoted from pumphead

[…]

Party at Chris’ house!!!! XD

chris = pumpheads idol lol

pumphead

Quoted from Not here

[…]
chris = pumpheads idol lol

C/D

Quoted from Monkeyman

You Do Realise that Hardly Any Servers Can be Ddos’d Because of the New Tf2 Update.

But If you Cant Play and Blame it on someone DDos’ing the Server Thats ok Because it takes skill to play

dos is still a go, that shitty plugin only blocks server queries.

one malformed packet is still enough to have it restart

gg valve


Last edited by d1ck j0nes,

Waebi

‹Con›

Quoted from Inuy

ill loic you all.

IMMA FIRIN MAH LAZOR BWAAAAAAAAAAAAA


Last edited by Waebi,

Skyride

DUCS

At first I was going to ask how much Ronny paid you to post this thread, but then I just read it and realised you are just that dumb. What nice-servers are doing is actually a really good idea, and infact I’d implement myself if I genuinely felt this was an issue, but as of yet, I have not had a single customer affected by it.

Could everyone please just stop using the term “DDoS” (or at least start capitalizing it properly). There’s a handful of people here who actually seems to know what it means, but its mostly just being used generically to describe “people doing bad things to make my server not work properly”. Its a really specific technical term.

A DoS is a “Denial of Service”. Its when you simply flood a server of some kind (game servers, web servers, whatever) with so many requests that it is just literally incapable of responding to them all. Given enough requests, most servers of any kind will eventually crash. This is how the LOIC program recently used by anonymous against mastercard/amazon/etc works, except with generic data packets instead of any particular kind of data, meaning it affects the host servers (as in, the physical machine, not the web server program on it, or game server, etc) and causes the machine itself to BSOD/Kernel Panic/etc, or just clogs the network stack so much that for all intents and purposes, it doesn’t work.

A DDoS is a “Distributed Denial of Service”. While these work in the same way as a DoS, they are far, far worse and a lot harder to deal with for 2 reasons:
1) As its distributed, there is a lot more sources for the data to come from, and therefore you can’t just ban x, y, z IPs, because there will be thousands of sources from all over the world.
2) Simply by the nature of it coming from a lot more sources, there will be orders of magnitude more requests to actually deal with.

Botnets for the purpose of DDoS’ing and sending spam mail, are the single biggest purpose of windows computer viruses by a long way.

So now we’ve cleared up what the difference is, we can stop this frustrating argument over semantics and actually see what the issue with TF2 servers.

The problem is simply due to the nature of how the source engine is designed. I can’t stress this enough, this isn’t some thing that valve can kind of just put out a patch for tomorow, it’s an inherent drawback to the way the engine is designed. The “problem” is with how the core engine itself iterates out the list of all players, it is massively heavy on CPU time (well, relative to other things in a 3D physics engine anyway). The server will do this any time someone requests a list of players such as when they join the server, or look at the servers info on a steam window with “view game info”. What these so called “DDoS’ers” have done, is create a script that hammers the game server with requests for these player lists. What ends up happening is the game server starts dropping FPS and ticks instead of just dropping these player list requests, which completely fucks up the actual physics engine side of the server so that it stops calculating player positions, projectile positions, damage, etc,,, and given enough abuse I’d expect would outright crash it.

Just get a couple of people to run that and congrats, you’ve “DDoS’d” a TF2 server.

The solution to this of course would be for valve to implement a cache for this info, so that even if the server gets flooded, it won’t have too much of a negative effect on the server (at least enough that it wouldn’t crash a SourceTV). I’m guessing that this plugin does that (although admittedly I haven’t had a look). I remember Shox somewhere talking about implementing this in the form of some proxy which would actually be awesome for us GSP’s, but as I say, I haven’t had a single customer affected by this problem (and that does include Gamerzone/Mister), so I don’t see it being an issue.

So in conclusion, It’s happened twice in the history of competitive TF2, its really not a problem, and if it does become a problem, we already have solutions that just need to be implemented.

edit: Holy shit I didn’t realise what a wall of text this was until I clicked Submit.]

tl;dr:

1) its not a DDoS, stop using this term.
2) its happened twice ever in comp TF2.
3) if it does become a problem, we already have a way to fix it.


Last edited by Skyride,

Anathema

lol u r a know it all tbh
he got ddOsd and u r talking this shits

numlocked

(king of all rollouts)
Epsilon

so in summary, dos is one person, ddos is lots of people. good job with that long post, adam.

Tobyy

TEZC
Pixie <3

I honestly don’t think anyone even cares a little bit

FAINTAYDAYDAYDAYDAYD

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. The term is generally used with regards to computer networks, but is not limited to this field, for example, it is also used in reference to CPU resource management.

One common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.

Denial-of-service attacks are considered violations of the IAB’s Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers. They also commonly constitute violations of the laws of individual nations.

Felt like being skyride for a while.
Feel much better.

EDIT: Post wasn’t long enough

Attackers have found a way to exploit a number of bugs in peer-to-peer servers to initiate DDoS attacks. The most aggressive of these peer-to-peer-DDoS attacks exploits DC++. Peer-to-peer attacks are different from regular botnet-based attacks. With peer-to-peer there is no botnet and the attacker does not have to communicate with the clients it subverts. Instead, the attacker acts as a ‘puppet master,’ instructing clients of large peer-to-peer file sharing hubs to disconnect from their peer-to-peer network and to connect to the victim’s website instead. As a result, several thousand computers may aggressively try to connect to a target website. While a typical web server can handle a few hundred connections/sec before performance begins to degrade, most web servers fail almost instantly under five or six thousand connections/sec. With a moderately big peer-to-peer attack a site could potentially be hit with up to 750,000 connections in a short order. The targeted web server will be plugged up by the incoming connections. While peer-to-peer attacks are easy to identify with signatures, the large number of IP addresses that need to be blocked (often over 250,000 during the course of a big attack) means that this type of attack can overwhelm mitigation defenses. Even if a mitigation device can keep blocking IP addresses, there are other problems to consider. For instance, there is a brief moment where the connection is opened on the server side before the signature itself comes through. Only once the connection is opened to the server can the identifying signature be sent and detected, and the connection torn down. Even tearing down connections takes server resources and can harm the server.
Source: Wikipedia =]]]

Thar we go


Last edited by FAINTAYDAYDAYDAYDAYD,

Vazzan

TwistedPlay.

Quoted from Skyride

SOME SCOTTISH STUFF ABOUT SHIT

shut up


Last edited by Vazzan,

WOODY[

Op4

i feel i have to post in this

Locked Pages: « Previous 1 ... 3 4 5 6 Next »