Jump to content

Attacks on 0ad (suspected DoS/DDoS)


Recommended Posts

48 minutes ago, sil-vous-plait said:

unplayable tonight, around 6-8 games ruined by DDOS in a row over the course of an hour or so, we all finally just left for good

edit: several of these were in locked games

It's possible he had you ips from before... Nothing in the logs?

Link to post
Share on other sites
22 hours ago, Stan` said:

It's possible he had you ips from before... Nothing in the logs?

searched for "Xmpp" and didn't see anything, also unsure what it would reveal anyways...it was definitely DDOS, as evidenced in depth by several others in various threads as of late

Link to post
Share on other sites
1 hour ago, sil-vous-plait said:

searched for "Xmpp" and didn't see anything, also unsure what it would reveal anyways...it was definitely DDOS, as evidenced in depth by several others in various threads as of late

The logs give you the IPs. Since A24 the attacker cannot obtain your IP without joining your game. Only if he had it before can he attack you. But he need some way to know you're online.

Link to post
Share on other sites
17 hours ago, Stan` said:

The logs give you the IPs. Since A24 the attacker cannot obtain your IP without joining your game. Only if he had it before can he attack you. But he need some way to know you're online.

I see what you mean: understood. I agree with what you're saying, too, I haven't hosted a game in a long time, nor have I played with anyone unknown to me (aka not a DDOSer, as far as I can tell), so I think from one of those instances months ago when I used to host someone wrote down my IP and is now using it.

A DDOSer attacking my IP directly wouldn't appear in the mainlog, though, right?

Link to post
Share on other sites
6 hours ago, sil-vous-plait said:

A DDOSer attacking my IP directly wouldn't appear in the mainlog, though, right?

Indeed not. The idea was if you came with a brand new IP and it happened again the attacker would have had to somehow join you game at some point and that would be in the mainlog.html

Link to post
Share on other sites

I stopped playing 0ad for 2 months or so because of the ddos. I started playing again since release and the ddos still there..... My internet was suddenly gone for 3-5 minutes in 2 teamgames I played today. 

I think this @#$% isnt going to stop ever. Its so sad that such a nice game as 0ad with the A24 release(Yeah I like the new version) is unplayable because of the ddos.
 

 

 

  • Like 1
Link to post
Share on other sites
  • 3 weeks later...

I am experiencing the exact same issue as Tomba. Today 3 consecutive games of mine were attacked, the symptoms are players losing connection to the server and the lobby displays an I/O error. When I was hosting my entire home wifi was taken out; the router indicates no issues and good connection (all green lights) with much data flowing into my home. During the entire time my network infrastructure was fully functional, and my ISP has reported no shortage or formal wifi cut. Therefore it is very likely to be a deliberate attack using DOS method. 

Can the network forensics find the responsible characters and can the devs come up a way to prevent this? These attacks really ruin the experience.

Thanks

Link to post
Share on other sites
9 hours ago, Yekaterina said:

I am experiencing the exact same issue as Tomba. Today 3 consecutive games of mine were attacked, the symptoms are players losing connection to the server and the lobby displays an I/O error. When I was hosting my entire home wifi was taken out; the router indicates no issues and good connection (all green lights) with much data flowing into my home. During the entire time my network infrastructure was fully functional, and my ISP has reported no shortage or formal wifi cut. Therefore it is very likely to be a deliberate attack using DOS method. 

Can the network forensics find the responsible characters and can the devs come up a way to prevent this? These attacks really ruin the experience.

Thanks

If people are recording such an attack with e.g. wireshark and it's really 0ad that is getting DDOSed, we might be able to improve things by getting a look at the records. But if the attack is against your router or against your whole PC we can't do much against it. (A single car also can do nothing if someone jumps on the street and causes a traffic jam)

  • Like 1
Link to post
Share on other sites
7 hours ago, Yekaterina said:

What is wireshark?

A program that looks at network traffic at a very low level as in what is in each packet that is send or received exactly.

Enjoy the Choice :) 

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...