Connection flood

I saw some servers which are working normally like UIF that means these servers have any strong protection against these attacks?
Reply

Quote:
Originally Posted by iLearner
Посмотреть сообщение
Ad: looking for some guys who are cookie flooding samp servers to make a contract with them to stop the floods on my servers.

Contact me via pm or discord!

PS: moderators should stop deleting our threads regarding this issue, it's not going to help.
Same Words i have to say about my server.
Contact me via pm and we will have a peace talk..
Reply

Quote:
Originally Posted by Shaheen
Посмотреть сообщение
Same Words i have to say about my server.
Contact me via pm and we will have a peace talk..
Protection for this attack! https://sampforum.blast.hk/showthread.php?tid=639962

add these rules in Hardware firewall and block 95 % fake packets !
Reply

Quote:
Originally Posted by RDM
Посмотреть сообщение
Protection for this attack! https://sampforum.blast.hk/showthread.php?tid=639962

add these rules in Hardware firewall and block 95 % fake packets !
this is useless to anyone using a VPS unfortunately and I do not feel like switching out to a dedicated machine just for one sa-mp serv
Reply

Quote:
Originally Posted by Christofski
Посмотреть сообщение
this is useless to anyone using a VPS unfortunately and I do not feel like switching out to a dedicated machine just for one sa-mp serv
It is not useless if the company you hire adds similar rules in the hardware firewall !!

I could help you if you were on a network within my reach!
Reply

Quote:
Originally Posted by RDM
Посмотреть сообщение
Protection for this attack! https://sampforum.blast.hk/showthread.php?tid=639962

add these rules in Hardware firewall and block 95 % fake packets !
I tested it and this doesnt works for me, and i think doesnt works for anyone. Stop to difuse lies here. You cannt test itself because you dont get attacked by this kind of attack. So delete your unusefull postings and you do a lot good for us victims.
Reply

Quote:
Originally Posted by Christofski
Посмотреть сообщение
this is useless to anyone using a VPS unfortunately and I do not feel like switching out to a dedicated machine just for one sa-mp serv
I have a dedicated machine with debian 9 and all securitys for spoof attacks, so this isnt a problem only of VPS owners.
Reply

Quote:
Originally Posted by RDM
Посмотреть сообщение
It is not useless if the company you hire adds similar rules in the hardware firewall !!

I could help you if you were on a network within my reach!
I am with OVH and am in contact with them, PM me some more details, I have rules set in my firewall currently.
Reply

Quote:
Originally Posted by PrettyDiamond
Посмотреть сообщение
I tested it and this doesnt works for me, and i think doesnt works for anyone. Stop to difuse lies here. You cannt test itself because you dont get attacked by this kind of attack. So delete your unusefull postings and you do a lot good for us victims.
Hello my servers are on the attack ..

My hardaware firewall is barring fake packages!

My hosted tab server: 167.114.201.74:7777


I am making significant improvements in my rules,
I am migrating to iptables and soon I will update them in my github!
Reply

The attacker should be dumb as hell to share a solution with you even if you donate him a fortune, because obviously, this solution will be shared publicly here, quit whining, sit on your ass and let the kiddo spend mom and dad's money and enjoy while it lasts. Actually, why not create a GoFundMe for him?

The flood itself isn't big of a deal and can barely do shit, except making your server query slow, stop panicking and praising 'Lord Mr. Flooder', I bet he's around here, laughing his ass off on cringe comments, which 80% of this thread consist of.
Reply

Quote:
Originally Posted by PrettyDiamond
Посмотреть сообщение
I have a dedicated machine with debian 9 and all securitys for spoof attacks, so this isnt a problem only of VPS owners.
You did not understand my locking logic,
The attack is spoofed, the attacker only sends a packet of each query and cookie connection, after he does not send more with the same ip!

So I drop all 1 pack of all the customers!


Please see new version in my github! :https://github.com/Edresson/SAMP-Fir...er/Firewall.sh


In my github has a simple script that simulates the attacker attack to test, I created the same in 3 minutes!
It's very simple to fake udp packages!
Reply

Quote:
Originally Posted by 1nspire
View Post
The attacker should be dumb as hell to share a solution with you even if you donate him a fortune, because obviously, this solution will be shared publicly here, quit whining, sit on your ass and let the kiddo spend mom and dad's money and enjoy while it lasts. Actually, why not create a GoFundMe for him?

The flood itself isn't big of a deal and can barely do shit, except making your server query slow, stop panicking and praising 'Lord Mr. Flooder', I bet he's around here, laughing his ass off on cringe comments, which 80% of this thread consist of.
The 'not a big deal you're talking about dropped my players avg from 90 to 40, and not only mine but other popular servers as well, how about that?
Stop shit talking, yor reply is useless and not at all helpful, keep your irony for yourself
Reply

Quote:
Originally Posted by Battlezone
View Post
The 'not a big deal you're talking about dropped my players avg from 90 to 40, and not only mine but other popular servers as well, how about that?
Stop shit talking, yor reply is useless and not at all helpful, keep your irony for yourself
I'm pretty sure the 'no big deal' I'm talking about didn't drop your average player-base from 90 to 40, or even if it did - that means you haven't informed your players about what's going on the same way Kalcor doesn't inform us what's going on, having said that, I do NOT see any changes in the playerbase of popular serves, another funny thing is that you cannot just say your average playerbase dropped with more than 50% for 48 hours, that's something you calculate monthly, not daily, so excuse mua.

https://gyazo.com/85abd6696d7d766d003ccb4cd6a9977c
I don't clearly see a major drop in your player-base, don't know where you took all these numbers from.

If you consider my post shit-talking (obviously against the ehm... attacker?) then you should go learn the definition of shit-talking, I was actually trying to calm people down and not let them fund the one who's ruining shit, my reply is less useless and more helpful than other replies that advice you to ban millions of IPs from all around the world in order to "save your server" for a single day before they start using new ranges, smart.

__
EDIT: Your Discord invite link is expired, no actual announcements on your forums nor the webpage about the issue, you could either start communicating with your players or expect even bigger drops of your player-base, go with the first option and quit blaming people over SA-MP forums.
Reply

Did anyone receive a demand from the flooders?
Reply

The best solution for now is turning your server off till all of this is solved
Reply

Quote:
Originally Posted by Crystallize
Посмотреть сообщение
The best solution for now is turning your server off till all of this is solved
I disagree. If you have a vps just change port and Create a default server on current port and tell your users to go there.

(why our posts are being deleted)
Reply

cuber found the tool that the attackers use, but his post got delleted...
Reply

Quote:
Originally Posted by iLearner
Посмотреть сообщение
I disagree. If you have a vps just change port and Create a default server on current port and tell your users to go there.

(why our posts are being deleted)
I have no idea its so annyoing 99% of my posts are gone.What do you mean with ports?
Reply

Quote:
Originally Posted by 10MIN
Посмотреть сообщение
cuber found the tool that the attackers use, but his post got delleted...
Because posting shit like that sends it out to more people that don't know about it, and more attacks happen...

After all, same with the hacks and all that shit... Do you think it's a good thing to simply post out "Oh it's XXX" and blatantly inform everyone of what it is that's causing it, without any thinking that others will download and start attacking other peoples servers?
Reply

Quote:
Originally Posted by Crystallize
Посмотреть сообщение
I have no idea its so annyoing 99% of my posts are gone.What do you mean with ports?
The attackers have a script for port 7777 if you use another els will have greater difficulty! If you use a different port they will have to clone the packages again!

If we all use ports one very different from the other makes it impossible to do them!
Reply


Forum Jump:


Users browsing this thread: 16 Guest(s)