Re: Connection flood -
adri[4]Life - 27.08.2017
Quote:
Originally Posted by PrettyDiamond
I am really sad because someone just comes and takes me and my friends our fun! For no reason? I suggest the attackers please attack the whole 400 servers not only the Hosted Tabed servers, maybe everyone here in Team move their ass in our direction and help us out of this! So sad...so sad...really sad...im really really sad...really!!!
|
If you mean all the 3800 servers then you're mistaken, he can't get their IP
Re: Connection flood -
Dignity - 27.08.2017
Quote:
Originally Posted by Kaperstone
What is the point of this?
If he can get the ip address (a list of it, which isn't even an issue, you have an entire open source list for it), what is the problem here in switching one or two numbers?
Switching ports, nevertheless, causes a lose in players, who don't stay tuned on the forum and suddenly their favorite server appears to be offline.
The lose will be greater than living with the attack.
|
The point of this is that it only floods port 7777 (or the ports that they are aware of). I changed my port once the attacks started happening and I've been fine ever since.
iLearner did the same as well. I directed all my players to the new port and my playerbase didn't diminish at all.
Re: Connection flood -
RDM - 27.08.2017
Quote:
Originally Posted by Dignity
The point of this is that it only floods port 7777 (or the ports that they are aware of). I changed my port once the attacks started happening and I've been fine ever since.
iLearner did the same as well. I directed all my players to the new port and my playerbase didn't diminish at all.
|
This resolves provisionally!
They can recapture traffic and modify the script for their new port!
Re: Connection flood -
Ubi - 27.08.2017
We're experiencing attack to different ports (7750, 7714, 7767 etc.), so it's not the solution.
Re: Connection flood -
Whale - 27.08.2017
I think this has been long enough and SA-MP developers need to look into this now. And please don't tell people that this is not their problem. because this is not a common type of DDOS attack sa-mp as a whole is targeted even the DDOS protected Servers are affected by this. We have tried our best to prevent this by firewall , contacting host and everything we could do. but this is now obvious we by ourselves can't do anything about this unless you people plan to patch it by limiting Queries or whatever you can do about it.We are getting hopeless here.
Re: Connection flood -
RDM - 27.08.2017
Quote:
Originally Posted by Ubi
Well. I've written simple plugin to disable internal query limit: http://ubi.livs.pl/samp/samp_prot_ver1.zip
Please read README before use. The "rules" and "players" part of server browser is still limited due to security factors.
Installation? Just put the file in the "plugins" directory and add it to your config file. Send any feedback in this topic. For now it's only for linux.
|
Very good ! create new topic for you plugin in :
http://forum.sa-mp.com/forumdisplay.php?f=18
Re: Connection flood -
Paulice - 28.08.2017
Quote:
Originally Posted by RDM
|
First test it brah...
Re: Connection flood -
TheusCrazzy - 28.08.2017
My server actually is under attack, but my hosting provider blocked the attack. I'm on hosted-tab as well, and my server query are with a great response time.
HostName: Brasil Play Start | #HeavyHost
Address: 198.50.206.176:7777
Players: 145 / 200
Ping: 151
Mode: RPG | Brasil v3.7-2
Language: PT-BR | Brasil
Re: Connection flood -
rt-2 - 28.08.2017
Quote:
Originally Posted by Kaperstone
I tracked them up before it, all of them are different telecommuncation companies.
You'll need to report the ip's to tens of companies, if not a hundred of different companies to achieve what you intend.
Yet, it won't help.
|
Well it seems like zombies. I understand there must be different companies, as I said, it can only help a bit.
Quote:
Originally Posted by Ubi
Well. I've written simple plugin to disable internal query limit: http://ubi.livs.pl/samp/samp_prot_ver1.zip
Please read README before use. The "rules" and "players" part of server browser is still limited due to security factors.
Installation? Just put the file in the "plugins" directory and add it to your config file. Send any feedback in this topic. For now it's only for linux.
|
Thank you, I'm on windows. I might be able to produce a windows version if I see the source.
Re: Connection flood -
denNorske - 28.08.2017
Quote:
Originally Posted by Ubi
Well. I've written simple plugin to disable internal query limit: http://ubi.livs.pl/samp/samp_prot_ver1.zip
Please read README before use. The "rules" and "players" part of server browser is still limited due to security factors.
Installation? Just put the file in the "plugins" directory and add it to your config file. Send any feedback in this topic. For now it's only for linux.
|
This works for all 3 servers on my host, good job. Querying works again.
Re: Connection flood -
Shaheen - 28.08.2017
Quote:
Originally Posted by Ubi
Well. I've written simple plugin to disable internal query limit: http://ubi.livs.pl/samp/samp_prot_ver1.zip
Please read README before use. The "rules" and "players" part of server browser is still limited due to security factors.
Installation? Just put the file in the "plugins" directory and add it to your config file. Send any feedback in this topic. For now it's only for linux.
|
Reputed
Well done and keep up the good job.
Re: Connection flood -
Sgt.TheDarkness - 28.08.2017
Quote:
Originally Posted by denNorske
This works for all 3 servers on my host, good job. Querying works again.
|
Could you pretty please provide the source code to this plugin? I would like to compile it for myself.
On the other hand, it does work extremely well, great job.
Re: Connection flood -
iLearner - 28.08.2017
I wouldn't use the plugin if no source is posted
Re: Connection flood -
Ubi - 28.08.2017
I was thinking about releasing source code, but it's too dangerous. This plugin should be used WITH MIND.. The internal limit is originally placed for some reasons and removing it opens new holes (partially described in README). I made some restrictions in way this plugin works and this is second reason why I don't want to release source. I'm not going to open big hole on most samp servers using it. That's why this plugin won't be posted under "Plugin development" (source required etc.). I'm not forcing anyone to use it (I understand the risk of running unknown binary from unknown source), but I left it compiled without any obfuscation/encryption. If you're familiar with reverse engineering, it should be easy to check that small piece of code or just write you own (but please keep in mind what I said before).
Windows version coming soon. I've just downloaded server package
Re: Connection flood -
Whale - 28.08.2017
Quote:
Originally Posted by Ubi
Well. I've written simple plugin to disable internal query limit: http://ubi.livs.pl/samp/samp_prot_ver1.zip
Please read README before use. The "rules" and "players" part of server browser is still limited due to security factors.
Installation? Just put the file in the "plugins" directory and add it to your config file. Send any feedback in this topic. For now it's only for linux.
|
Seems to work.
Re: Connection flood -
silenthill - 28.08.2017
In the midst of this lack of information, there should be a topic here in the forum for a team to post information and have more open communication with SAMP users. The topic would be blocked only for beta testing and publishing and keeping us updated. Example: 'Progress and Situation of Samp'. This would avoid many topics on the same issue and unnecessary discourse.
Respuesta: Connection flood -
adri1 - 28.08.2017
Recopilation (i am not the author of those scripts)
https://pastebin.com/raw/gWUq8hg1
https://pastebin.com/raw/jsp610qg
https://github.com/SergiooES/sv-spoof-protection
http://ubi.livs.pl/samp/samp_prot_ver1.zip
https://github.com/Edresson/SAMP-Fir...er/Firewall.sh
Re: Connection flood -
Crystallize - 28.08.2017
Quote:
Originally Posted by iLearner
I wouldn't use the plugin if no source is posted
|
Me neither
Re: Connection flood -
Battlezone - 28.08.2017
Quote:
Originally Posted by Ubi
I was thinking about releasing source code, but it's too dangerous. This plugin should be used WITH MIND.. The internal limit is originally placed for some reasons and removing it opens new holes (partially described in README). I made some restrictions in way this plugin works and this is second reason why I don't want to release source. I'm not going to open big hole on most samp servers using it. That's why this plugin won't be posted under "Plugin development" (source required etc.). I'm not forcing anyone to use it (I understand the risk of running unknown binary from unknown source), but I left it compiled without any obfuscation/encryption. If you're familiar with reverse engineering, it should be easy to check that small piece of code or just write you own (but please keep in mind what I said before).
Windows version coming soon. I've just downloaded server package
|
Could you at least hand the source code to a beta tester from the team so that he can check it and compile it at least for us?
Re: Connection flood -
Ghazal - 28.08.2017
I've witnessed another attack from a guy who joined my server, said that it will be closed and advertised his own spanish server.
After fire walling his ip and his server ip, his attack stopped. This might have nothing to do with the thread, but firewall the ips just in case.
81.40.48.119
142.44.134.4