Forum

zBlock has nothing to do with a Distributed Denial of Service attack.

lol what? how can you say that.. do you know what you’re talking about?! Zblock stops alot of common/easy to find out ways of DDOS’ing a source server…

zBlock has nothing to do with a Distributed Denial of Service attack.

lol what? how can you say that.. do you know what you’re talking about?! Zblock stops alot of common/easy to find out ways of DDOS’ing a source server…

Yes sir, I do know what I’m talking about and no, Zblock can in _NO POSSIBLE WAY_ block _ANYTHING_ that has REMOTELY to do with DDOS :)

Here is an simple white paper from its conception (to keep it simple and basic), if you wish to learn more on the subject: http://www.linuxsecurity.com/resource_files/intrusion_detection/ddos-whitepaper.html

That said, the only way to keep matchservers some-what “safe” is to:

a) Make them not register themselves
b) Make sure it’s on a relatively unknown host and use a random port together with something like portsentry on the hosts that runs on the backend, so they can’t find out where the game is played by portscanning (and getting blocked if they try).
c) Every time games of high attention are played, all participants set their steam-friends to show offline before connecting to the server.
d) Mask the STV from showing the originating IP via “status”.

It’s truly sad it must be done this way, but it’s the only way.

You’re wrong, coming from css I know you’re wrong because the game was plagued with the attacks untill a few releases ago.

YOU ARE AWARE that when people go round saying omgofmgfogmf they ddos’d the server its very rarely an actual DDOS yeah? It’s just some shitty commands, script or whatever that fucks with the source engine.
You’re suggestions are WHEY WHEY WHEY OTT. Just get in touch with J3di and get a TF2 port of Zblock on the go. Seriously.

Why do I even bother… Fine, just because I’m such a nice and FRIENDLY guy! :D

The ACTUAL concept of DDOS is and has been a real “threat” to games, by packeting the gameservers themselves.

If you’d like to call crashing a server by executing a bunch of… say… common Q-Engine flaw, a bunch of (thousands) ‘ý’s on its port via some UDP packet(s) a DDOS-attack, that’s just plain wrong.

If you’d say it was a Denial Of Service attack, sure — but both issues are a huge problem for any high-profile service and are dealt with differently.

also just figure out from the server logs if it actually was some source engine abusing or a real ddos. Abusing can be patched and whatever but DDOS can only be “stopped” with completely hiding the server where the game is played.

the packets coming to the “firewall” block the connection anyway. whitelisting doesn’t help

you guys need to understand the mechanics of ddos :p

it’s not too hard to gather a botnet in a couple of hours, so everyone with minimal knowledge of these technologies can ddos any serv. it’s way more easier than some of you think