[TomCool]

Hi,

I thought of a new idea to stop ddos that teamspeak has been using for a long time now. Basically in teamspeak if you want your teamspeak server to be accessed with an address such as "ts.sa-mp.com" you can do that by running their software on your server that hosts sa-mp.com and changing the DNS settings file which they provide. I guess it works by the software telling the teamspeak company's server that "ts.sa-mp.com" should send the user to "255.255.255.255" (example of an IP) so really the user never knows the actual IP address because "ts.sa-mp.com" doesn't actually exist and therefore cannot attack it. The attacker could still ddos "sa-mp.com" and users could not connect to the server but at least the sa-mp server would be intact and you could also block the incoming traffic. My suggestion is that SA-MP should do the same to protect servers.

Unless of course it's somehow possible to see the address of the server you are connected to by using software to trace data leaving/entering your computer to/from the SA-MP server.

[AaronKillz]

The name address can easily be resolved/pinged.

[TomCool]

Quote:

Originally Posted by AaronKillz The name address can easily be resolved/pinged.

The name address "ts.sa-mp.com" is never registered in the DNS. It is only entered in the teamspeak's settings.ini file. Therefore is never actually linked to an IP address.


Seriously this is like one of the best ideas ever. You could buy a domain name, like "www.ts-samp.com" (example) link it to a small server. Using sa-mp's software (just like teamspeak's) tell the main sa-mp server (which acts as a virtual DNS) to send every user queries for "www.ts-samp.com" to "255.255.255.255" IP and block all the incoming traffic to the small server so it cannot be ddosed. This could be done by opening a file like settings.ini and writing in "www.ts-samp.com=255.255.255.255" and once you run the software these values are sent to sa-mp. Meanwhile the actual sa-mp server should be hosted on another server with IP "255.255.255.255". Therefore there is NO way to ddos any of the servers.

I guess the only disadvantage is that SA-MP will have to host their own servers that can handle this information and act as a virtual DNS.

[linuxthefish]

Won't work, anyone can open up Resource Monitor and see what they are connecting to...

Do you have an example teamspeak address like this?

[Mauzen]

That doesnt work. No matter what name/ip/link you use to connect to any server, this identifier is used to communicate with it. Even if you dont got the exact IP (however it should work) you can spam the identifier address with invalid requests. This is called a denial of service attack (DoS).
Thats the way the internet works. Sure you could use a proxy connection by some other server, so the user doesnt know the identifier of the real server, attackers would attack the proxy instead, shut down that one, and so block all servers running over the proxy. Making the proxy ddos-safe is as impossible as making a single server safe. There are ddos-shield services that offer a protected proxy, but they arent 100% safe and are extremely expensive. The samp team wont ever offer protected proxies for everyone, unless they charge a routing fee for every server, which wont happen as samp will always stay free.
If the server connection ip is always resolved to 255.255.255.255, you couldnt communicate with the server. If it just leads to that invalid ip in some cases, there will always be an (easy) way to get the real IP.

You should inform about how the internet/network connections work, then youll see why your idea simply cant work.

[TomCool]

Quote:

Originally Posted by linuxthefish Won't work, anyone can open up Resource Monitor and see what they are connecting to... Do you have an example teamspeak address like this?

Ahhh... You're right it can be traced with a Resource Monitor, well, then this thread is pointless and can be deleted.

Quote:

Originally Posted by Mauzen That doesnt work. No matter what name/ip/link you use to connect to any server, this identifier is used to communicate with it. Even if you dont got the exact IP (however it should work) you can spam the identifier address with invalid requests. This is called a denial of service attack (DoS). Thats the way the internet works. Sure you could use a proxy connection by some other server, so the user doesnt know the identifier of the real server, attackers would attack the proxy instead, shut down that one, and so block all servers running over the proxy. Making the proxy ddos-safe is as impossible as making a single server safe. There are ddos-shield services that offer a protected proxy, but they arent 100% safe and are extremely expensive. The samp team wont ever offer protected proxies for everyone, unless they charge a routing fee for every server, which wont happen as samp will always stay free. If the server connection ip is always resolved to 255.255.255.255, you couldnt communicate with the server. If it just leads to that invalid ip in some cases, there will always be an (easy) way to get the real IP. You should inform about how the internet/network connections work, then youll see why your idea simply cant work.

I don't think you understood me but it doesn't matter as the actual server IP can be traced. This thread can be deleted.

[Ha$H_Sexyboy]

You cannot stop a DDoS attack it's just annoying