[M870]

My server recently getting two main problems. We banned a lot of people recently for hacking, DMing, trolling. We are a roleplay server trying to produce some of the best on SAMP because I notice a lot are a little poor quality, not insulting anyone.

Anyway they might all be friends working in some group I think. They seem to be DDoSing our server somehow, and claim to be ban evading. And they're saying things like "We gonna ban evade and if you stop us we'll just stop your whole server!".

I need two things. I want to know how I can stop DDoS attacks and how I can detect the ban evders please. Our server won't survive!!!

[adsy]

are you using a database?
can you link a database to a website to verify registered players?
if you can, autokick(or ban) players who arent registered.

Thats my suggestion, DDoS is difficult to stop without proper protection but if you are using a hosted server, you should be able to log a ticket with the hosters and they will be able to help with preventing DDoS trouble.

[M870]

Yes but when I say ban evading I think they're doing it some really technical ways, like changing their IP addresses and making new emails, accounts, etc.

[Alex Magaсa]

Quote:

Originally Posted by adsy are you using a database? can you link a database to a website to verify registered players? if you can, autokick(or ban) players who arent registered. Thats my suggestion, DDoS is difficult to stop without proper protection but if you are using a hosted server, you should be able to log a ticket with the hosters and they will be able to help with preventing DDoS trouble.

LOL wtf??

OT: try to find their IP's and range ban them from IP*.*.*!!Also if they are using Blank Scripts & Proxy no way to ban them!

[adsy]

Quote:

Originally Posted by Alex Magaсa LOL wtf?? OT: try to find their IP's and range ban them from IP*.*.*!!Also if they are using Blank Scripts & Proxy no way to ban them!

Still, a whitelisting system is the most efficient way to allow people on. It might be high maintenance but it will still throw an effort ball to the offending party.

[M870]

The problem with IP range is that their ISP overiously shares it throughout the country. So if I ban the range I ban everyone in UK on that ISP broadband provider.

Could I find out their MAC address or any other details to identify the specific people?

[linuxthefish]

Post the evading ranges here please.

[M870]

Quote:

Originally Posted by adsy Still, a whitelisting system is the most efficient way to allow people on. It might be high maintenance but it will still throw an effort ball to the offending party.

What is this? My playerbase is creeping up and I could get a lot of highly trusted well known members to dedicate time into something if it deals with people accordingly.

[$mooth]

A few people DDoSing wont harm your server (will never do) as they cant put it down.
DDoSing is just a way for someone to download an amount of information alot of times.
If they are a "group" still cant shut it down.

BUT, it may cuse lagg.
If you have your server at a host, they cant attack your server IP, then need to attack the host id. Which wont show. And i guess they are newbies aswell.

Want to know about DDoSing?
http://en.wikipedia.org/wiki/Denial_of_Service

And i might guess that the are using 2 newbie programs, that sucks. But wont put up the names here due to "fuckups".

[M870]

I think they have a botnet.

But if you're right then I should concentrate on banning them every time they evade. I've been on a lot of servers and seen people suddenly disappearing, and the log saying "Player *** Has been banned Reason: Ban Evading Admin: ***".

Are there any advanced methods of tracking ban evaders? Blocking the IP range would mean blocking a large amount of people in our main country, it's not an option. How can I distinguish the evaders from the legit players within the same range?