vinme Posted July 2, 2022 Report Share Posted July 2, 2022 got ddosed 4x today, in a row, even got ddosed, b4 even starting a game, after planning to make an alt acc, and saying this in lobby(so as to avoid ddos, since his program, or he himself cant connect ip with in lobby, player). also read some stuff from lobby, about game crashing issue, prob ddos i assumed. 1 Quote Link to comment Share on other sites More sharing options...
Norse_Harold Posted July 2, 2022 Report Share Posted July 2, 2022 Interesting, thanks for the report about this. Can you provide more details to the devs that are useful for improving security and reliability of 0ad, please? For example, you could send screenshots of the conversation and players who were present in the lobby at the time of the ddos. 2 hours ago, vinme said: his program, or he himself cant connect ip with in lobby, player Not sure what you mean by this. Do you mean that the ddoser can't connect to the lobby? Or, do you mean that the ddoser can't make a correlation between lobby users and IP addresses of users? And, how do you know that this is the case? Quote Link to comment Share on other sites More sharing options...
vinme Posted July 3, 2022 Author Report Share Posted July 3, 2022 ofc i dont have screenshot. ddoser cant know u are online, even if he knows ur OGname and ip, as long as you use alt acc, becuase rn IP cant be read through lobby, one must join a game to read ip of ppl in that game, pretty sure this was in the a25 info i read when it came out, as a solution to ddos apparently. so as long as he wont join your new account, in a game should be safe. also as long as he cant just randomly ddos known ppl ips, see who disconnects, and identify alts based on that, but this shouldnt be reliable, and will require manual labor, not something a program could do reliably becuase its not clear cut when the ddos jams the connection, and when this causes the disconnect, som1 might just be leaving lobby coincidentally, even in this case, just making a new alt, should suffice if old one gets compromised. well if worse comes, we can host off lobby right? idk how it works but cant be hard. Quote Link to comment Share on other sites More sharing options...
Norse_Harold Posted July 3, 2022 Report Share Posted July 3, 2022 (edited) I experienced a loss of Internet connection 3 times within a 30 minute time span today, starting at about 3 July 2022 20:44 UTC. Though I did not confirm based on traffic rates, the other symptoms were consistent with past ddos episodes (the past ddos episodes I did confirm based on traffic rates), such as the total loss of connection, total restoration of connection, the timing of the outage, and the otherwise good reliability of my Internet connection recently. The first time was 15 minutes into a team game that I was hosting. Only skirmishes occurred up to that point, and both teams were still strong in the game in my opinion. The second ddos was during gathering of players for a game, and it only had about 4 out of 8 players. The third ddos was while I wasn't even connected to the lobby, perhaps trying to discover any alternative lobby account name that I might be using, as vinme suggested. Now I will make some guesses about the motive for the ddos. There was no alternative team game hosted when I reconnected to the lobby, although after I opened a new team game room, another team game room opened with title "TG OP" and two players, as follows. RICSAND1655 Aslan. Here is another attempt at thinking of a motive. Perhaps a player was not happy with how things were progressing in the game, especially a player who was in combat with PhilipTheSwaggerless. maxticatrix: 35 kills and 39 lossses hefesto: 9 kills and 9 deaths Here is the replay, in case a pattern can be observed in the timing of the ddos attack (when the replay ends). replay_of_game_ddosed.zip Another idea is that a person who connected might have been frustrated about not being able to play, since the game was full. Here is a list of other players who connected to the first game but did not play. deumeu Sequani It is also possible that someone who did not even connect to my game was responsible for the ddos, since I haven't changed my IP address for a while. That is why I am sharing screenshots of the players present in the lobby at the time of the ddos. Edited July 3, 2022 by Norse_Harold Quote Link to comment Share on other sites More sharing options...
Norse_Harold Posted July 3, 2022 Report Share Posted July 3, 2022 (edited) 21 hours ago, vinme said: ofc i dont have screenshot. @vinmeTake note of what I did when I was ddosed. You, and others, can do the same thing in the future, and we can compare notes to track down who is responsible. Edited July 3, 2022 by Norse_Harold Quote Link to comment Share on other sites More sharing options...
Norse_Harold Posted July 3, 2022 Report Share Posted July 3, 2022 (edited) @vinme Do you know any of the players listed above as potential suspects? If so, how do you know them? Do you talk to them outside the game? Can you vouch for any of them that they would be unlikely to initiate or request a ddos? Let's work together to solve this problem. Edited July 3, 2022 by Norse_Harold Quote Link to comment Share on other sites More sharing options...
Darkcity Posted July 4, 2022 Report Share Posted July 4, 2022 You can do few things till Devs are busy with other tasks. Don't allow late specs. If you don't want your game to ddosed then allow the people whom you can trust to spec and kick rest of them. If still getting ddosed then keep a suspect list and don't allow them next time forward. Or Don't allow spec at all if you want. Still getting ddosed then you know whom to blame :p. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.