"DDOS"?

[Emperior]

Hi everyone,

Like some of you know that I used too be hosting most of the games every single time before I had huge break from 0ad. Today, I have joined several times Lodbrog hosting as I never had issues joining his or even hosting myself.

Each time lodbrog hosting had full list of players, drop. Again, drop and drop. 3-4 times like that. Every person in the host had "losing connection". So I decided to host as I had no issues with connection (strenght of the connection: excellent) .

Ofcourse once all joined i lost connection. That isn't issue with my or lodbrog broadband's. Magically fpre comes with his host no-one has any lags, no issues with the connection. Issues with connection to anything has stopped. (my broadband was still working while ddos was going on just really bad connection to people or disorc. Everything else was working perfectly)

 

Before someone claims: "it's just issues with broadband or it was one time ". I suggest too block checking someones IP even for some "dev's" like or especially fpre.

 

[Stan`]

I believe @ffm has a fix for the network lag maybe he even recompiled the game with some more fixes.

Due to the netclient not being threaded if there is too much timeout it might freeze the game and cause disconnection. @elexis has a patch for this.

[Stan`]

To be pedantic it cannot be a DDoS (distributed denial of service) if there is only one computer doing the deed.

It would be nice to have actual proof someone is trying to cause denial of service. Do you have any logs on your router to support your claim ? I'm not saying you are lying, but not much can be done without proof unfortunately.

[Guest]

Related to this thread, I believe it still is possible to DoS the entire lobby in a non-coventional way. (can be done with a dial up connection probably).

Although, I do recall a discussion taking place. But I am pretty sure no fix was commited.

[Stan`]

1 hour ago, go2die said:

Stan is your router logging by default traffic? Sure not, so answer is obvious. 

Indeed it is not.

1 hour ago, go2die said:

He used that attack against more people (most likely only hosters - because he could obtain ip address from them)

I'm not lying at all ant this is true story. Take it or let it be. If it happens to you it will be the moment you will open your eyes  

Anyway we know for sure :

Nick, language he spoken, whom he was "talking to in lobby", and finally what happened those people - disconnected

whatever it was it looked like DDoS attack or just concidence and my broadband provider switch off cable for maintenance (if it happens more people form different location then most likely other scenario....) 

Since you seem to have information on that person, maybe @user1 @Hannibal_Barca may do something. Would be nice to know if his IP was used to create a DoS on your router. Maybe he didn't use a VPN.

2 hours ago, (-_-) said:

Although, I do recall a discussion taking place. But I am pretty sure no fix was commited.

Any fix of the sort on the actual lobby @user1, @Dunedan ?

[Guest]

It’s the game. Not the xmpp server. Try pinging elexis. If he did no do such a thing, no one did such a thing.

[thankforpie]

8 minutes ago, go2die said:

It could be difficult to block DDoS attack see https://mum.mikrotik.com/presentations/US17/presentation_4304_1496050983.pdf anyway it could be easy to block access to that attacker to 0ad  when we know his nick.

 

> imagine thinking someone capable of doing succesful ddos is not ingenious enough to download free/paid vpn to avoid ip block

 

btw, DDOS is illegal, so he shouldnt at all show his real IP

Edited May 26, 2019 by thankforpie

[Stan`]

9 hours ago, (-_-) said:

It’s the game. Not the xmpp server. Try pinging elexis. If he did no do such a thing, no one did such a thing.

Well you said the entire lobby so I assumed it was the XMPP server

Okay. @elexis

8 hours ago, go2die said:

It is easy to determinate if used IP address was some VPN service.... or is Turkish located...

Yeah which is why the moderators need to identify them.

[Guest]

The entire lobby implying one person can make the lobby unusable for everyone.

[elexis]

DDOS attacks typically work on the transport layer, not the application layer. We had this before (https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol#DDoS_attack).

Edit: One can make them for applications too, but why go to that length if the attacker can use prewritten scripts. Secondly the attacker needs to find many vulnerable machines running that to perform the DDOS attack, consumer-end routers are most available, but can't really perform enet/pyrogenesis connection attempts and xmpp doesn't sound widely supported by routers and probably not exposed to significant DDOS leverage)

Edited May 27, 2019 by elexis

[Guest]

A denial of service need not be accomplished by a flood of requests. There are other methods too.

Crashing the lobby bots is by all means, a denial of service attack. Just mentioning examples, it might be impossible to do that.

Edited May 27, 2019 by Guest

[mralex]

Related topics

"DDOS"?
By @Emperior, May 26, 2019 in Help & Feedback

Strange disconnection issue. [PLEASE UPLOAD REPLAYS]
By @user1, June 11, 2020 in Help & Feedback

When playing 0ad whole network disconnects. Network otherwise stable.
By @Dizaka, September 2, 2020 in Gameplay Discussion

Nedris (currently 1422) will DDOS without you pissing him off directly
By @JohnDoe2, October 13, 2020 in General Discussion

Attacks on 0ad (suspected DoS/DDoS)
By @BoredRusher, November 26, 2020 in Bug reports

Are you aware of the scale of DoS attacks?
By @badosu, December 6, 2020 in Game Development & Technical Discussion

[Dakara]

up