Help ddos My Server NFO -
JessyChaos - 01.12.2014
Can anyone help me configure my firewall?
my vps is hosted at:
https://www.nfoservers.com
I am getting DDoS attacks, as you can see:
http://prntscr.com/5c7dfs
I need someone to help me configure the NFO firewall.
Firewall screenshot:
http://prntscr.com/5c7doy
Re: Help ddos My Server NFO -
Vince - 01.12.2014
Instead of selectively blocking traffic like a blacklist, selectively allow traffic like a whitelist. You only need to allow UDP packets on port 7777. Drop everything else. Assuming that localhost and SSH traffic is allowed by default, you only need two rules:
Rule #1: Allow UDP traffic on port 7777
Rule #2: Drop any traffic on any port
Re: Help ddos My Server NFO -
JessyChaos - 01.12.2014
How can I block all traffic?
Re: Help ddos My Server NFO -
Khanz - 01.12.2014
Why don't you ask your host?
Re: Help ddos My Server NFO -
mati233 - 01.12.2014
Quote:
Originally Posted by Vince
Instead of selectively blocking traffic like a blacklist, selectively allow traffic like a whitelist. You only need to allow UDP packets on port 7777. Drop everything else. Assuming that localhost and SSH traffic is allowed by default, you only need two rules:
Rule #1: Allow UDP traffic on port 7777
Rule #2: Drop any traffic on any port
In my experience, a couple of firewall rules won't solve it, unless it's a very small attack.
Most likely, what will happen is that the VPS will end up shutting down due to resource overload from checking all the incoming packets...
The best thing to do is move to a provider that offers DDoS protection by default. In most cases this is too expensive or doesn't work well for game servers, because they use the UDP protocol, which is harder to block.
I'm not sure of the market offers right now, but I would try some game provider like verygames, or maybe OVH, which claims to have a great anti-DDoS system, but I haven't tested it yet.
Good luck with that bro
Re: Help ddos My Server NFO -
JessyChaos - 01.12.2014
OVH's firewall is good, but this one is not better.
Re: Help ddos My Server NFO -
SimplyFragHosting - 02.12.2014
I think a dedi is out of his budget, based on him running what is most probably a 1-2 GB RAM VPS, which would be a similar price to a rented server as opposed to a dedicated server.
Re: Help ddos My Server NFO -
Mauzen - 02.12.2014
Quote:
Originally Posted by Vince
Instead of selectively blocking traffic like a blacklist, selectively allow traffic like a whitelist. You only need to allow UDP packets on port 7777. Drop everything else. Assuming that localhost and SSH traffic is allowed by default, you only need two rules:
Rule #1: Allow UDP traffic on port 7777
Rule #2: Drop any traffic on any port
SA-MP traffic is not just on port 7777. Clients get a unique port assigned on connection; you can't efficiently connect multiple remote clients to the same port (without further effort). So if I'm not completely wrong, blocking everything but the server port would mean players can still query the server and attempt to connect to it, but they couldn't ever join the server.
The server doesn't listen on ports that weren't sent to a player anyway, so just blocking everything won't change a thing; the DDoS just needs to target a port that isn't blocked, and they usually don't target any ports except the server port (7777) anyway, afaik.
What you'll need is a connection limiter script (bash) that automatically reacts to excessive traffic from a single client and drops its packets. This will reduce the effect of a DDoS, as the attack then just spams the connection but does not block the server, because the packets never reach it. Depending on the server's performance and the connection speed, this can completely nullify the effects of a common small-scale DDoS.
Re: Help ddos My Server NFO -
Abagail - 02.12.2014
NFO has good DDoS protection, so this shouldn't be an issue. They also have very fast support (yes, imo; they respond within 1-2 minutes no matter the time), so I'm pretty sure it could be fixed and sorted within minutes if you submit a help ticket. Otherwise, you can try messing around with the firewall as Vince stated a few posts above.
They do try to stop attacks, but rules should help as well. You can contact them for more information regarding attack protection. And the title sounds like you want someone to DDoS your server; I'd suggest changing it before more attacks come... (just joking ;p)
Re: Help ddos My Server NFO -
MD5 - 02.12.2014
You're better off with a VPS from OVH. They have vacuum, which notifies you if there's a strange delay or over-sent packets.
Re: Help ddos My Server NFO -
JessyChaos - 02.12.2014
Any script to avoid DDoS?
Re: Help ddos My Server NFO -
Mark_Weston - 02.12.2014
Holy shit you're overpaying. But you can't really "stop" a DDoS attack.
Re: Help ddos My Server NFO -
Aldo. - 02.12.2014
Which NFO location are you using?
Re: Help ddos My Server NFO -
rymax99 - 02.12.2014
Quote:
Originally Posted by Mark_Weston
Holy shit you're overpaying. But you can't really "stop" a DDoS attack.
Considering it's XEN virtualization, dedicated resources, on under-loaded hardware, backed by an SLA, and hosted in an Internap DC, I don't think he's overpaying.
Re: Help ddos My Server NFO -
JessyChaos - 02.12.2014
Which NFO location are you using?
Atlanta
Re: Help ddos My Server NFO -
jotajeda - 02.12.2014
Quote:
Originally Posted by JessyChaos
Which NFO location are you using?
Atlanta
http://www.geoiptool.com/es/?ip=162.248.89.185
Re: Help ddos My Server NFO -
Aldo. - 03.12.2014
Quote:
Originally Posted by JessyChaos
Which NFO location are you using?
Atlanta
Ask NFO what's the size of the attacks.
Re: Help ddos My Server NFO -
Vince - 03.12.2014
Quote:
Originally Posted by Mauzen
SA-MP traffic is not just on port 7777. Clients get a unique port assigned on connection; you can't efficiently connect multiple remote clients to the same port (without further effort). So if I'm not completely wrong, blocking everything but the server port would mean players can still query the server and attempt to connect to it, but they couldn't ever join the server.
The server doesn't listen on ports that weren't sent to a player anyway, so just blocking everything won't change a thing; the DDoS just needs to target a port that isn't blocked, and they usually don't target any ports except the server port (7777) anyway, afaik.
Well, this model (albeit slightly modified) is currently in place on my VPS and it works fine. These are the iptables rules:
Code:
num pkts bytes target prot opt in out source destination
1 423K 113M ACCEPT all -- lo any anywhere anywhere
2 151M 14G ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED
3 2489K 5650M ACCEPT udp -- any any anywhere anywhere udp dpt:7777
4 40 83522 ACCEPT udp -- eth0 any anywhere anywhere udp dpt:7778
5 1098 65262 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http
6 240 10492 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https
7 182K 11M ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh
8 229 9296 ACCEPT tcp -- any any anywhere anywhere tcp dpt:mysql
9 2630K 5785M DROP all -- any any anywhere anywhere
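The ruleset above is the `iptables -L INPUT -nv` listing of a running chain. As an added example (not Vince's script, not NFO's firewall, and not part of the original thread), the script below rebuilds the same default-deny INPUT chain as plain `iptables` commands, and adds the per-source limiter Mauzen asked for a few posts up, done with the kernel's `hashlimit` match instead of a bash script that polls traffic counters. Rule 2 in the listing (`ctstate RELATED,ESTABLISHED`) is what lets the server's own replies back in, so the client-side ports Mauzen mentions do not need their own rules. The interface `eth0`, the second UDP port 7778, the SSH port and the per-IP rate and burst values are assumptions to adjust; the script only prints the commands unless it is run as root with the argument `apply`. The caveat raised by mati233 stands: any of this only helps with floods small enough to reach the VPS at all; once the uplink is saturated, packets are lost before iptables ever sees them, and only the provider's upstream filtering can help.

```bash
#!/bin/sh
# Added example (not from the thread): default-deny iptables INPUT chain for a
# UDP game server, plus a per-source-IP rate limit (the "connection limiter"
# idea) in front of the game port. Interface, ports and thresholds below are
# assumptions; adjust them to your VPS.
IFACE="${IFACE:-eth0}"
GAME_PORT="${GAME_PORT:-7777}"     # server port, as in the thread
QUERY_PORT="${QUERY_PORT:-7778}"   # assumed extra UDP port (rule 4 in the listing above)
SSH_PORT="${SSH_PORT:-22}"
PER_IP_RATE="${PER_IP_RATE:-50/second}"  # assumed: packets per second allowed per source IP
PER_IP_BURST="${PER_IP_BURST:-100}"      # assumed: burst allowed before the limit bites
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the commands, 0 = really run iptables (as root)

# Wrapper so the same rule list can be reviewed before it is applied.
ipt() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

build_rules() {
    # Start from an empty INPUT chain. The policy stays ACCEPT while the chain
    # is built, so a typo here cannot lock you out of an SSH session mid-way;
    # the final catch-all DROP rule provides the default deny.
    ipt -P INPUT ACCEPT
    ipt -F INPUT

    # Whitelist, in evaluation order (first match wins):
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    ipt -A INPUT -m conntrack --ctstate INVALID -j DROP
    # SSH before the game-port rules, so nothing below can cut off management.
    ipt -A INPUT -p tcp --dport "$SSH_PORT" -j ACCEPT

    # Per-source limiter: a single IP sending more than PER_IP_RATE to the game
    # port (after a PER_IP_BURST allowance) has the excess dropped here, before
    # the ACCEPT below. Players stay under the limit; a flood from one source
    # does not. Spoofed floods from many sources are not caught by this rule.
    ipt -A INPUT -i "$IFACE" -p udp --dport "$GAME_PORT" \
        -m hashlimit --hashlimit-name "samp_${GAME_PORT}" --hashlimit-mode srcip \
        --hashlimit-above "$PER_IP_RATE" --hashlimit-burst "$PER_IP_BURST" -j DROP
    ipt -A INPUT -i "$IFACE" -p udp --dport "$GAME_PORT" -j ACCEPT
    ipt -A INPUT -i "$IFACE" -p udp --dport "$QUERY_PORT" -j ACCEPT

    # Everything else: drop. Kept as a rule, like rule 9 in the listing above,
    # so `iptables -L INPUT -nv` shows packet/byte counters for what was dropped.
    ipt -A INPUT -j DROP
}

# Helper for checking order: 1-based position of the first generated command
# matching a pattern, or 0 if absent. Always runs in dry-run mode.
rule_pos() {
    pos=$( (DRY_RUN=1; build_rules) | grep -n -- "$1" | head -n 1 | cut -d: -f1)
    echo "${pos:-0}"
}

if [ "${1:-}" = "apply" ]; then
    DRY_RUN=0
fi
build_rules
```

Run it once with no arguments to read the generated commands, then `sudo sh firewall.sh apply` (the file name is an assumption) and confirm with `iptables -L INPUT -nv` that the counters on the `hashlimit` DROP rule climb during an attack while the 7777 ACCEPT rule keeps passing normal traffic. Rules added this way are lost on reboot unless saved with your distribution's `iptables-save` mechanism.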
Re: Help ddos My Server NFO -
JessyChaos - 03.12.2014
How can I add these iptables rules?
Re: Help ddos My Server NFO -
Khanz - 03.12.2014
Yes, but you should contact your host before doing anything!