1. SA-MP Forums Archive
  2. SA-MP Server
  3. Server Support

Threaded Mode
Do you know this attack
Oriovo
Little Clucker
**
Posts: 4
Threads: 1
Joined: Feb 2017
Reputation: 0
#1

19.05.2020, 14:54
Hi.

Do you know of an attack where you freeze the entire traffic of the machine for a few seconds-minutes?

I am using an authentication system for my users, so I suppose that the attack does not fully enter, the maximum attack I have received is 500MiB / s, however, the machine where the server is does not completely fall, simply the traffic freezes during a time frame.

I try to analyze the traffic during the attack but I can't detect anything strange, I can't see udp flood, attack tcp, etc.

The tcp traffic is theoretically only allowed if it comes from my ip address or from the ip of the authenticator page.

Have they received an attack that happens to you the same?

Thanks
Find
Reply
Oriovo
Little Clucker
**
Posts: 4
Threads: 1
Joined: Feb 2017
Reputation: 0
#2

19.05.2020, 15:34
After a while the attack starts the server restarts, I imagine this happens because the VPS traffic freezes, that is, it stops receiving traffic.
There is no lag on the SA-MP server during the attack.

If at the moment the server restarts I am connected with SSH, it is also disconnected.

After a few minutes the VPS responds again.
Find
Reply
Oriovo
Little Clucker
**
Posts: 4
Threads: 1
Joined: Feb 2017
Reputation: 0
#3

19.05.2020, 15:50
The SA-MP server logs show nothing, and my provider's firewall only shows me the strength of the attack which has reached 500MiB/s at its highest point, now the server restarts with just 50MiB / s or less.

EDIT:
In some posts from a few years ago I see that there were certain people who suffered from a very similar problem:
1) https://sampforum.blast.hk/showthread.php?tid=652973
Only he does not disconnect SSH, but I do.
Find
Reply
InglewoodRoleplay
Big Clucker
***
Posts: 67
Threads: 2
Joined: Oct 2013
Reputation: 0
#4

19.05.2020, 16:07
Not much you can do about this, probably a bunch of script kiddies running a booter, best bet is placing the game-server behind some provider with actual DDoS protection such as OVH or Limestone Networks. Kimsufi which is a tier off OVH also has affordable VPS's. Other than that you can try an OVH reseller, which may or may not be more expensive since they need to make profit. There's also the option of putting your VPS behind some sort of GRE tunnel, there are a few providers around that offer this for an affordable price, only disadvantage is that client IPs may all be the same as their traffic is going through the tunnel and then to your server.
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Server
  3. Server Support