Jump to content

Are you aware of the scale of DoS attacks?


Recommended Posts

25 minutes ago, pulli23 said:

Logging gives very little information that is useful: the ip ranges won't be from the attacker, instead - for ddos at least - it's just a list of infected people. The attacker never really connects to you, they'll be sitting high and dry and let infected hosts attack you.

This.  

Logging the information is likely useless.

The only way to catch this person and/or at least to be able to narrow it down to who it is is by changing how hosting works.  From my understanding there is already some stuff being made by someone.

Link to comment
Share on other sites

In a different thread I mentioned that there are different types of attacks on 0ad (see here, see below).  I think I've found something weird that may be another attack but will test more and see if it continues to happen in games starting today (new IP, hasn't happened yet).

  • You have a compromised IP and the attacker attacks port 20595 to be stealthy.  This causes you from disconnecting not from the "internet" or the "multiplayer lobby" but only a "game lobby" and "in-game."  I've been unable to see excessive traffic during these "attacks" (weird ... ).  However, this has only happened while (1) waiting for/playing a  0ad game (port-specific) and (2) there is no real reason why it should be happening (port forwarding is done correctly) and (3) the issue has been alleviated by changing my public IP (so far).
    • Note:  I have not hosted any games.  If this is related to the DDOS then it's likely the DDOS person is an active player and I joined their host sometime since resetting my IP.

 

On 27/11/2020 at 6:48 PM, Dizaka said:
  • Small attacks to make you lag so that host boots/kicks you.   Maybe you're annoying enough to them.
  • Larger attacks to make your connection seem unstable.  You can drop from game.  You could be pushing the right buttons.
  • Even large attacks if you anger particular players.  You likely will drop from game and/or unable to access internet for 2-5 mins.  At this point DDoSr is emotionally invested.
  • Largest attack has been about a 25-35 min disconnection from the internet on commercial-grade equipment using a 200mbit connection.  Probably because the DDoS'er has no emotional self control.
  • Attacks on host to disconnect everyone.  Maybe because they wanted to get in on a game but don't want to wait for one to end?
  • Random night attacks.  My guess whoever does this has a script running through IPs at night to agitate other players with blind shots.  This could be just to deflect attention from them and onto players for "having bad internet connections."  Interestingly, there's a limited number of players in lobby mocking others for "crappy internet."

 

Edited by Dizaka
Link to comment
Share on other sites

probably unrelated, but i was looking a few times at the progress in trac in the last weeks and often get a 503 error, saying that the service is unavailable due to capacity problems.

Is this normal for trac or is there just that much traffic going on? / or is it just my problem?

Edited by maroder
Link to comment
Share on other sites

Hi,
it is not just your problem and it is not also normal. I dont know what is happening, but it happens more often these days.
Just wait a bit and reload the page again. We have similar issue with phabricator sometimes when there are "many" people doing requests to it, so it could be trafic, but cant say for sure.

  • Like 1
Link to comment
Share on other sites

  • 2 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...