pulli23

Logging gives very little information that is useful: the ip ranges won't be from the attacker, instead - for ddos at least - it's just a list of infected people. The attacker never really connects to you, they'll be sitting high and dry and let infected hosts attack you.

So it is decided this game removes all arcadeness and goes for "realism" instead of "ability to play a game"? That's sad, I'd like to see more into individual units and where each unit has special abilities that are relevant to the battle. With only 20-30 units in total and you feel each loss dearly. Instead of a group of units and making "big fake numbers".

You would use a CDN (such as cloudfare) to make the site available from several points on the internet - thus using the underlying T1 internet infrastructure to mitigate this problem. This would mean that only nation-wide ddos attacks would be succesful, as anything less just means an increase in ping (of the lobby). A cdn also includes often processes to notice attacks, and then mitigate it by temporary banning ips higher upstream. As a private person, getting a cdn is.. Non trivial, it's both not cheap, as well as hard to get. A cdn often needs a verification of ownership of hte IP address, so you would need to find someone who trusts you enough even though the owner is an ISP and the ISP might change at will. What would happen is that you have a central server everyone knows - but that is protected and identity is guaranteed by something like cloudfare. All communication in the lobby happens through the main server, so no one can see each other. Writing such a lobby shouldn't be too much of a task, a simple built in browser and some javascript I have made similar applications and that would take me like 2-3 months fulltime. Then upon agreeing to a game, your lobby process would either disconnect (or not not really relevant). And the people who agree to start a server a server are given the host's ip address, while the host is (because the players connect to him) the players address. And they have a "private" game that is hidden from the lobby. This part, I have no idea how long it would take to implement I've not looked into 0ad code nor am I versed enough with c++ to say anything. (Been 10+ years since I touched c++) That way for an attacker to actually do a ddos on a game, he's have to join the game (either as spectator or player). This makes it much harder to automate, as well as give a layer where we can "find" the ddos. If you would still get ddos one of the players must be the attacker - or be infected by a worm from the the attacker or something. This could then be reported back to the lobby host who can analyze the data and find the actual attackers. Similarly other defense mechanism could be added, like adding newest recaptcha to the lobby site to enable the power of google to find automated bots. Making a dedicated lobby is the *only* step towards a solution that can be taken. (Further steps are playing the whole game on the server and not having p2p gaming at all - like modern games do).

Well when I take some ground I typically get attacked by multiple ais at once and just get overwhelmed. While if I stay in my own little corner I can easily pick the opponents one by one.

I think this role is given to "heroes".

Well I wonder constantly, given the always lots of metal and stone in the base: is fighting over resources worth it? I find that the moment I expand beyond my initial base I get "rushed" by several ais, and it's much easier to bunker down and depend on that lone ai to trade with. And then break out with rams quite late when town centers are no longer expensive at all.

Hello I just started the game and I am thinking of (sometime) going to play multiplayer. However I wonder: how does multiplayer interact with mods? Especially something like "autociv" that seems to be constantly recommended, can I use that and the features from that mod in multiplayer?

How should I read such a guide? I read multiple times #5v -> does that mean you "make 5 new ones"?