Hot Chills

General Category => Server => Topic started by: EvaldasHack on May 22, 2015, 00:59:19

Title: FORCE PORTS or Riot?
Post by: EvaldasHack on May 22, 2015, 00:59:19
Hey guys,
I have a simple plan for how to stop DoS and DDoS attacks in CS2D.
First we need to contact other nice projects like FwS servers / GAY TOWN / and others.
We should spread the message in forums that we all need to FORCE PORTS on 36963.

Because attacks from "UDP Unicorn, LOIC, HOIC, any other shitty GUI which can launch a DoS attack" are sending packets with random source ports. That's why we need to block every fucking port and leave only 36963 with simple commands:
Code:
# First we whitelist ourselves, because we don't want to block our VPS server
sudo iptables -A INPUT --source YOUR_IP -j ACCEPT
sudo iptables -P INPUT DROP
# The length DROPs must come before the ACCEPT: iptables stops at the first matching rule
sudo iptables -A INPUT -p udp --sport 36963 -m length --length 1200:65535 -j DROP
sudo iptables -A INPUT -p udp --sport 36963 -m length --length 28 -j DROP
sudo iptables -A INPUT -p udp --sport 36963 -m length --length 1024 -j DROP
# Everything else from source port 36963 is accepted
sudo iptables -A INPUT -p udp --sport 36963 -j ACCEPT
Same shit with DDoS, just the attacks are launched from the web. As a power source they are using Voxality servers, because they allow spoofing.


WAITING FOR OPINIONS.
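
An added example, not part of the original post: iptables walks a chain top to bottom and stops at the first rule with a terminating target, so the position of the ACCEPT for UDP source port 36963 relative to the length DROPs decides whether those filters ever run. This Python sketch models that first-match evaluation for the four UDP rules in both orders; the function names are hypothetical, the sample packets are constructed, and only protocol, source port and length are modelled.

```python
# Added example: first-match evaluation of the thread's UDP INPUT rules.
ANY = (0, 65535)
# Each rule: (protocol, source port, (min length, max length), target)
ACCEPT_PORT = ("udp", 36963, ANY, "ACCEPT")
LENGTH_DROPS = [
    ("udp", 36963, (1200, 65535), "DROP"),
    ("udp", 36963, (28, 28), "DROP"),
    ("udp", 36963, (1024, 1024), "DROP"),
]
# iptables -A appends, so the order the commands are typed in is the chain order.
ACCEPT_FIRST = [ACCEPT_PORT] + LENGTH_DROPS
DROPS_FIRST = LENGTH_DROPS + [ACCEPT_PORT]

def matches(rule, pkt):
    proto, sport, (lo, hi), _target = rule
    return pkt["proto"] == proto and pkt["sport"] == sport and lo <= pkt["length"] <= hi

def first_match(chain, pkt):
    """Index of the first rule that matches pkt, or None if it falls through."""
    return next((i for i, rule in enumerate(chain) if matches(rule, pkt)), None)

def verdict(chain, pkt, policy="DROP"):
    """Target of the first matching rule, else the chain policy (-P INPUT DROP)."""
    i = first_match(chain, pkt)
    return policy if i is None else chain[i][3]

def shadowed_rules(chain, samples):
    """Indexes of rules that never decide any of the sample packets."""
    deciding = {first_match(chain, pkt) for pkt in samples}
    return [i for i in range(len(chain)) if i not in deciding]

SAMPLES = [  # constructed packets; "length" is the value -m length compares
    {"proto": "udp", "sport": 36963, "length": 120},
    {"proto": "udp", "sport": 36963, "length": 28},
    {"proto": "udp", "sport": 36963, "length": 1024},
    {"proto": "udp", "sport": 36963, "length": 1400},
    {"proto": "udp", "sport": 51234, "length": 120},
]

if __name__ == "__main__":
    for name, chain in (("ACCEPT first", ACCEPT_FIRST), ("DROPs first", DROPS_FIRST)):
        print(name, [verdict(chain, p) for p in SAMPLES],
              "rules never reached:", shadowed_rules(chain, SAMPLES))
```

With the ACCEPT first, rules 1 to 3 never decide a packet, which is the same thing `iptables -L INPUT -v -n` shows on a live host as zero packet counters on the length rules.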
 
Title: Re: FORCE PORTS or Riot?
Post by: Nighthawk on May 22, 2015, 01:50:26
FwS (and other) servers are port-forwarded as well, so it can't be just that one port running.
Connections for the servers (VPS, not cs2d) are made on other ports as well. In case anyone is running something else, those ports will be blocked as well.
Other than that, I doubt anyone will bear to follow this because blocking every port except for 1 is a really bad idea. O.o
Title: Re: FORCE PORTS or Riot?
Post by: EvaldasHack on May 22, 2015, 09:55:08
Hahaha, you don't understand me.
I want players to be forced onto port 36963 (http://www.part.lt/img/24f34ed58cbf2fad532edb7c5fd8df55127.png), not servers.
Or make the player port (http://www.part.lt/img/24f34ed58cbf2fad532edb7c5fd8df55127.png) range from 36963 to 37000.
Title: Re: FORCE PORTS or Riot?
Post by: Bounty Hunter on May 23, 2015, 11:48:10
Quote from: EvaldasHack on May 22, 2015, 09:55:08
Hahaha, you don't understand me.
I want players to be forced onto port 36963 (http://www.part.lt/img/24f34ed58cbf2fad532edb7c5fd8df55127.png), not servers.
Or make the player port (http://www.part.lt/img/24f34ed58cbf2fad532edb7c5fd8df55127.png) range from 36963 to 37000.

I think that's a really clever suggestion.
Title: Re: FORCE PORTS or Riot?
Post by: EvaldasHack on May 23, 2015, 12:23:59
I thought about the port range and made the decision that ports 36963 to 37000 is too big, so 36963 to 36970 would be even better; max clients from the same IP would be 7 and no zbot attacks.
Also I made a thread in the FwS forum (http://fwsserver.forumotions.net/t2794-stop-most-dos-ddos-attacks)
Title: Re: FORCE PORTS or Riot?
Post by: Nighthawk on May 23, 2015, 20:47:44
The only issue is that many players may not use this method or they may be complete newbies and may not know how to work with ports.
Title: Re: FORCE PORTS or Riot?
Post by: EvaldasHack on May 23, 2015, 23:25:57
Well, the default port is 36963, so they already have access to servers.
But to avoid more problems we need to create a thread on USGN.de about this plan and ask DC to make a port range in the next update. But I can't do this alone, because DC knows who I am, and he doesn't like to talk about the DDoS thing. First I am collecting a group of people who could post in the thread something like "I agree with Evaldas, if DC makes the port range smaller we could stop hackers". Maybe some will bypass this firewall, but a thousand others will be stuck under the wall.
We should first chat with other cs2d projects, to get more people into it.
Title: Re: FORCE PORTS or Riot?
Post by: Bounty Hunter on May 24, 2015, 18:52:32
Well, if you don't mind, I'll be the next person in your group, 'cause I really agree with you.
Title: Re: FORCE PORTS or Riot?
Post by: EvaldasHack on May 24, 2015, 21:42:45
http://unrealsoftware.de/forum_posts.php?post=389341