[Ballu Miaa]

Dear Members,

Nowadays i see almost every server getting DDos'd. All i hear afterwards its just there is nothing we can do about it. Even after spending hundred of dollars , it wont work when they are heavy attacks. NG-RP itself is closed half of the times as it is being attacked by some DDose'rs. So just for my knowledge ,wisdom and for fuck sake of Anti DDos, i wanted to ask some questions from all the members.

Questions i have within my mind are as follows

• I wanted to know is how actually do these attacks work?
• Is the attacker , a Programmer or a Noob with a software?
• Are there any multi-attacks also done?
• What all we can do about these Ddos attacks?
• I know some well known communities who are always up and i never sew them getting attacked or something. CrazyBob's , LS-RP , GamerX?
• Websites can be attacked too right? Any connection can be?

If you can answer any of my question please dont hesitate to reply. Help will be greatly appreciated.

Regards
Ballu Miaa

[Samp_India]

In some countries its considered as a crime but in some not so.

Like

Quote:

In the Police and Justice Act 2006, the United Kingdom specifically outlawed denial-of-service attacks and set a maximum penalty of 10 years in prison. In the US, there can be a serious federal crime under the Computer Fraud and Abuse Act with penalties that include years of imprisonment. Many other countries have similar laws. The US situation is under court ruling with a case in California.

[Black Wolf]

Quote:

Originally Posted by Samp_India In some countries its considered as a crime but in some not so. eg

Its a crime in the whole world.Attacker is a programmer or the one's who has full knowledge about ddosing etc shits.What we can do is stop our machines.Some companies say that they forward there attacks to different nodes i dont know if they really can do i mean something like that can be really be done or what.

[Samp_India]

Well i believe we(who have posted above me + including me) are from India.

There is a thing called Cyber Crime Investigation Cell in India . if you get attacked by someone just report to them with some proof and they will take care of it.

Their website : http://cybercellmumbai.gov.in/html/c...ce-attack.html

[RajatPawar]

Isn't there Anti-DDOS protection? But it's very expensive, so I heard!

[Riddy]

Botnets are usually a smart way to DDoS someone.
A botnet:

Quote:

A network of private computers infected with malicious software and controlled as a group without the owners' knowledge, e.g., to send spam.

If you really want to stop these DDoSes, you need to spend over $1000 usually, this is just my understanding that a DDoS Protector basically transfers the hugh amount of data to a several different servers so instead of the current server crashing, these server just bounce around the data.

[papagei9]

The last attacks I noticed were always DNS-Floodings. So the attacker sends many spoofed requests to global dns-servers (the really big and important ones). Then they answer to the spoofed IP, the SAMP-Server's IP. A huge amount of UDP-Traffic is coming like a wave towards your server. In my experience, the amount of traffic is usually betwenn 100 and 500 mbits. If your server has a minimum bandwidth of 1 Gbits, it won't impact the other connections. But if the packet amount is too damn high, the network card can't handle it anymore. After that, there will be a big connection lost.

The only thing you can do is invest in professional anti-ddos hardware, that can filter the incoming packets. And you need a huge bandwidth.

[Mr.Anonymous]

Quote:

Originally Posted by Ballu Miaa I wanted to know is how actually do these attacks work?

Most probably by flooding the target's network.

Quote:

Originally Posted by Ballu Miaa Is the attacker , a Programmer or a Noob with a software?

Can be both. Even newbie's can now download some DDoS'ing tools and start messing up.

Quote:

Originally Posted by Ballu Miaa Are there any multi-attacks also done?

Yeah. The more attackers, the more downtime.

Quote:

Originally Posted by Ballu Miaa What all we can do about these Ddos attacks?

Better search online.

Quote:

Originally Posted by Ballu Miaa I know some well known communities who are always up and i never sew them getting attacked or something. CrazyBob's , LS-RP , GamerX?

...

Quote:

Originally Posted by Ballu Miaa Websites can be attacked too right? Any connection can be?

Yeah. Some servers are connected with their websites.

[int3s0]

As far as I remember GamerX was getting hit with DDOS attacks very often.

[MyNinja]

GamerX has this feature in their DDoS protection called server mitigation. When someone begins a DDoS, the fire-wall detects it, and automatically moves the server to a backup server, where the IP is still the same. The DDoSer won't know that even he is attacking, no harm is coming to the server. The firewall protects until the DDoSer stops his actions, his mind confused when he sees the server still active with its players.

I don't know about LS-RP, but I think DDoS is rare or it just bounces or reflects off, and the connection is secure, and I think that's why DDoSes are not coming to LS-RP

[ColorHost-Kevin]

Most of what ive seen is people who buy those cheap booting websites to take off servers. Anyone can do it nowadays sadly.

Only way to stop it is to invest into hardware that can handle the attacks.

[TheChimpJr]

Note: NO need to spend $100's of bucks on a host/firewall..

I also got ddosed alot, than I came across nfoservers.com, good dude I can't explain how good they are. You have a firewall protection on your panel, so when heavy packets come In you can block them. Also block port UDP 80 and TCP 80, that will stop 90% attacks, people use PORT: 80 to ddos the most. If you want more information let me know, the prices start has low has $50.00/month, and they have 10gb up port.

Up Time Report:

Last Year ( Another DataCenter: 35% )
Now ( NFO SERVERS : 97% )

FAQ:

This Isn't a ddos firewall protection site?
A: No no but you can customize your firewall to block certain ports and etc.. Also you can move/upgrade/downgrade at any time and takes only ( 5mins )

How much GB did you get attacked?
A: I was attacked with 10gb+ sometimes 1tb, but now its all done...

Can I ddos other people with this?
A: NO NO why should you? If you are just don't... They scan your OS every week, so I wouldn't be you. My friend did it and got blocked from the company + fire walled.

Will they take action?
A: Yes If you can't stop it after they gave you the firewall panel, than they will do it for you, and If you make a ticket response time Is under 15mins.


Firewall ( NOTE: There Is more options/rules, due to some IP's being blocked I will not release those IP'S )



PS: They have a 48hr trial, If you wanna check if it's worth it.


Hope I helped In something, if you still want full information on this, please PM me, or check ****** on the reviews of the datacenter.

[Gandalf]

The best way to fight is to take down the people doing it. Even if they think to be safe by using a VPN or hiding service, usually they are stupid enough to identify them selves. By searching your past records, their real IP and provider are known.
Most providers will take action, just as most DNS servers will block the networks that spoof them for attacks.
It takes a lot of patience and constant work, but by sending out reports every time you can get results.
Depending on their organization, booter services can be deemed criminal and taken down as well.

The main thing is to not give up and fight back.

[Mellnik]

Quote:

Originally Posted by MyNinja GamerX has this feature in their DDoS protection called server mitigation. When someone begins a DDoS, the fire-wall detects it, and automatically moves the server to a backup server, where the IP is still the same. The DDoSer won't know that even he is attacking, no harm is coming to the server. The firewall protects until the DDoSer stops his actions, his mind confused when he sees the server still active with its players.

What lol this wont work because attacker is still DDoSing IP X.X.X.X (which is on the backup server now)

[MyNinja]

Quote:

Originally Posted by Mellnik What lol this wont work because attacker is still DDoSing IP X.X.X.X (which is on the backup server now)

Firewall, you read that?

[3ventic]

Let me get this clear:
DoS = single user (or other sources) using up all your connection
DDoS = multiple users (or other sources) using up all your connection + IF the connection is blocked, using up your CPU (blocking 1000s of connection attempts in a second takes up a lot of it!)

DoS is simply prevented by blocking the source IP in your firewall. DDoS, if powerful enough, cannot be stopped without extensive firewall services (separate firewall machine between the router and your server taking care of blocking bad connections using up a separate CPU, preventing harm) which are VERY expensive and hardly a possibility for smaller communities.

Simple booter attacks can be blocked easily using a firewall.

You're best off keeping people friendly towards your community. If you still get attacked, wait it out, they rarely last long.

And remember to (try to) punish the attacker after it's done.

P.S. I'm not an expert but I've looked into it after some attacks against my servers.

[Killa[DGZ]]

Quote:

Originally Posted by RealWorldGaming Note: NO need to spend $100's of bucks on a host/firewall.. I also got ddosed alot, than I came across nfoservers.com, good dude I can't explain how good they are. You have a firewall protection on your panel, so when heavy packets come In you can block them. Also block port UDP 80 and TCP 80, that will stop 90% attacks, people use PORT: 80 to ddos the most. If you want more information let me know, the prices start has low has $50.00/month, and they have 10gb up port.

Yes, I'm also with Nuclear Fallout Enterprises and I'm a very happy customer indeed, they have absolutely brilliant servers, service & support.. I have no complaints at all.

For example, just few days ago I was sent this message via email and UCP,

'We noticed that you're being hit with a DoS from external IP xxx.xxx.xxx.xxx We have added a filter on our end to block this IP from reaching your server'

I never had to lift a finger.. now that is service

[Criswell]

Well, LS-RP is also being DDOS'ed some times, so well they're not houndred percent secured for DDOS. But to be honest, I don't know what they are doing to the DDOSing, not often they're getting DDOsed

[Rayan_black]

For fuck sake! SA-MP needs to do something about those DDoS'ers! we just lost a legend community COD5!

[Mauzen]

Quote:

Originally Posted by Rayan_black For fuck sake! SA-MP needs to do something about those DDoS'ers! we just lost a legend community COD5!

DoS/DDoS really isnt samps matter. Small dos attacks can simply be blocked by a firewall, and for big ddos attacks theres nothing to do at all, you can have a whole array of hardware firewalls, theyll also fail when there are billions of connections every second.
There are so many "server owners" around, and as soon as they get attacked they start moaning at samp, because it offers no protection, while there are about no programs at all that offer a built-in firewall. And i wouldnt like to give the complete connection control to the samp server anyways. People should just learn how to protect themselves before calling themselves "admin".