[Help] Anti Invisible Bot Attacker
#1

Good evening, everyone.

I have no idea what's going on; all I know is that logging into my server gets you "The server is full".

I used some code from a member here on the board, but it didn't help much.

My version is 0.3z-r4.

Can anyone help?

Thanks.

@EDIT

Some console logs:

Code:
[18:40:12] Incoming connection: 189.199.30.230:33404
[18:40:12] Incoming connection: 189.187.49.181:29707
[18:40:12] Incoming connection: 189.244.192.130:10779
[18:40:12] Incoming connection: 189.165.177.204:61956
[18:40:12] Incoming connection: 189.4.178.38:7784
[18:40:12] Incoming connection: 189.124.202.107:9929
[18:40:12] Incoming connection: 189.245.106.237:4784
[18:40:12] Incoming connection: 189.163.232.1:21695
[18:40:12] Incoming connection: 189.137.82.229:17355
[18:40:12] Incoming connection: 189.13.69.186:57695
[18:40:12] Incoming connection: 189.251.115.21:21554
[18:40:12] Incoming connection: 189.121.4.141:60715
[18:40:12] Incoming connection: 189.4.34.227:26566
[18:40:12] Incoming connection: 189.245.105.255:19145
[18:40:12] Incoming connection: 189.217.133.137:13831
[18:40:12] Incoming connection: 189.5.17.233:3851
[18:40:12] Incoming connection: 189.204.141.25:32810
[18:40:12] Incoming connection: 189.138.219.123:1297
[18:40:12] Incoming connection: 189.234.205.220:39148
[18:40:12] Incoming connection: 189.112.2.219:34683
[18:40:12] Incoming connection: 189.56.185.9:11563
[18:40:12] Incoming connection: 189.65.179.167:24547
[18:40:12] Incoming connection: 189.52.142.241:13593
[18:40:12] Incoming connection: 189.103.7.1:52332
[18:40:12] Incoming connection: 189.122.124.74:47696
[18:40:12] Incoming connection: 189.163.83.238:36328
[18:40:12] Incoming connection: 189.91.85.130:30289
[18:40:12] Incoming connection: 189.179.171.19:22002
[18:40:12] Incoming connection: 189.231.33.171:1071
[18:40:12] Incoming connection: 189.206.131.158:10746
[18:40:12] Incoming connection: 189.49.222.60:9249
[18:40:12] Incoming connection: 189.139.233.121:47444
[18:40:12] Incoming connection: 189.102.112.178:16872
[18:40:12] Incoming connection: 189.249.137.4:17368
[18:40:12] Incoming connection: 189.144.84.25:28519
[18:40:12] Incoming connection: 189.89.134.100:53709
[18:40:12] Incoming connection: 189.29.108.120:11301
[18:40:12] Incoming connection: 189.7.167.174:18583
[18:40:12] Incoming connection: 189.86.90.129:28744
[18:40:12] Incoming connection: 189.191.201.92:22222
[18:40:12] Incoming connection: 189.17.89.84:5761
[18:40:12] Incoming connection: 189.4.51.88:22845
[18:40:12] Incoming connection: 189.5.78.243:45537
[18:40:12] Incoming connection: 189.26.103.31:53832
[18:40:12] Incoming connection: 189.37.22.130:337
[18:40:12] Incoming connection: 189.217.69.142:43654
[18:40:12] Incoming connection: 189.176.224.139:60473
[18:40:12] Incoming connection: 189.248.8.108:65024
[18:40:12] Incoming connection: 189.190.203.101:22970
[18:40:12] Incoming connection: 189.23.101.176:25433
[18:40:12] Incoming connection: 189.173.173.182:22737
[18:40:12] Incoming connection: 189.2.123.201:62912
[18:40:12] Incoming connection: 189.80.215.49:39481
[18:40:12] Incoming connection: 189.16.195.7:11029
[18:40:12] Incoming connection: 189.149.162.233:27053
[18:40:12] Incoming connection: 189.150.195.116:52404
[18:40:12] Incoming connection: 189.219.40.227:24492
[18:40:12] Incoming connection: 189.188.42.191:34449
[18:40:12] Incoming connection: 189.126.128.30:5493
[18:40:12] Incoming connection: 189.180.150.144:58799
[18:40:12] Incoming connection: 189.176.161.161:3510
[18:40:12] Incoming connection: 189.131.73.155:7105
[18:40:12] Incoming connection: 189.33.207.65:562
[18:40:12] Incoming connection: 189.36.191.48:32064
[18:40:12] Incoming connection: 189.119.174.103:46544
[18:40:12] Incoming connection: 189.109.212.253:55970
[18:40:12] Incoming connection: 189.168.184.55:29213
[18:40:12] Incoming connection: 189.57.7.50:17599
[18:40:12] Incoming connection: 189.181.51.124:64221
[18:40:12] Incoming connection: 189.161.90.28:58220
[18:40:12] Incoming connection: 189.27.145.221:6990
[18:40:12] Incoming connection: 189.231.123.243:25375
[18:40:12] Incoming connection: 189.44.10.34:51297
[18:40:12] Incoming connection: 189.125.22.235:208
[18:40:12] Incoming connection: 189.5.112.106:40022
[18:40:12] Incoming connection: 189.47.134.167:955
[18:40:12] Incoming connection: 189.128.37.103:50318
[18:40:12] Incoming connection: 189.71.242.32:1866
[18:40:12] Incoming connection: 189.72.215.236:28451
[18:40:12] Incoming connection: 189.65.61.87:43393
[18:40:12] Incoming connection: 189.56.60.251:36112
[18:40:12] Incoming connection: 189.214.174.6:56299
[18:40:12] Incoming connection: 189.119.138.238:32437
[18:40:12] Incoming connection: 189.164.31.239:27568
[18:40:12] Incoming connection: 189.205.144.37:32858
[18:40:12] Incoming connection: 189.44.164.220:15158
[18:40:12] Incoming connection: 189.249.124.2:55564
[18:40:12] Incoming connection: 189.168.198.40:14683
[18:40:12] Incoming connection: 189.5.40.160:38363
[18:40:12] Incoming connection: 189.8.4.252:45316
[18:40:12] Incoming connection: 189.172.120.38:36688
[18:40:12] Incoming connection: 189.17.69.47:60393
[18:40:12] Incoming connection: 189.86.117.237:34821
[18:40:12] Incoming connection: 189.104.6.65:10144
[18:40:12] Incoming connection: 189.217.97.24:45986
[18:40:12] Incoming connection: 189.96.240.190:21604
[18:40:12] Incoming connection: 189.16.69.163:23439
[18:40:12] Incoming connection: 189.228.149.162:53111
[18:40:12] Incoming connection: 189.177.161.104:18705
Reply
#2

Depending on the packet, you can block it using iptables. Either you're being attacked with Invisible Bot or it's a DDoS. Can you sniff the attack using tcpdump?

Spoofed attack with the 189 class... hmmmm
Reply
#3

Yeah.

From what I can tell it's a pretty dumb attack, since it doesn't take my server down. I firmly believe it's an Invisible Bot.

@EDIT

I'll run a sniff here.
Reply
#4

I don't think it's Invisible Bot; that's spoofed... It could even be a SAMP-specific layer 7 attack. Post the packets you're receiving, captured with tcpdump.
Reply
#5

Try this, I think it may ease your problem
pawn Code:
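#include <a_samp>

// Tracks only the most recent connecting IP, how many times it repeated,
// and the time until which a repeat still counts.
enum iI
{
    IncomingIP[16],
    IncomingVezes,
    IncomingTempo
}
new IncomingConnection[iI];

public OnIncomingConnection(playerid, ip_address[], port)
{
    // Same IP as the previous connection and still inside the 2-second window
    if(!strcmp(IncomingConnection[IncomingIP], ip_address, true) && IncomingConnection[IncomingTempo] > gettime())
    {
        // ip_address is a string, so it is printed with %s
        if(IncomingConnection[IncomingVezes] > 3) return BlockIpAddress(ip_address, 0), printf("ip_%s:%d bloqueado!", ip_address, port);
        IncomingConnection[IncomingVezes]++;
        return Ban(playerid);
    }
    // Different IP or expired window: remember it and restart the counter
    format(IncomingConnection[IncomingIP], 16, "%s", ip_address);
    IncomingConnection[IncomingVezes] = 0;
    IncomingConnection[IncomingTempo] = gettime()+2;
    return 1;
}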
Reply
#6

Marlon, it's spoofed, that won't solve it.

It will send the 189.*.*.* class
Reply
#7

I'll have to wait for this little punk to launch the attack again. --'

@EDIT

Marlon, that was the code I said I'd already tried.

Spoofing is cowardly. FFS.
Reply
#8

Spoofing is simple to mitigate: it greatly reduces the attack's bandwidth and in some cases also changes the size of the packet header. Depending on the tool used to attack your server, it's easy to mitigate.
Reply
#9

Really? How?

I've never managed to, because blocking by IP doesn't work.

Is that with IPTables? Because the protections at the company I hired (I decided to keep my server out of my own hosting company because of some bad-mouthing) are from Arbor... and they always struggle to mitigate spoofing.
Reply
#10

Mitigating by IP is stupid; the right way is to mitigate by the packet header.
Reply
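Added example, not code from any poster in this thread: a short Python check over "Incoming connection" console lines showing why a per-source counter like the one in #5 never fires on a flood where every source address is different, while an aggregate connections-per-second rule does. The log lines are constructed in the same format as the console output above, and the thresholds `per_ip_limit` and `per_second_limit` are assumed values.

```python
import re
from collections import Counter

LINE = re.compile(
    r"\[(\d\d:\d\d:\d\d)\] Incoming connection: (\d+)\.(\d+)\.(\d+)\.(\d+):\d+"
)

def parse(lines):
    """Yield (timestamp, ip, first_octet) for each 'Incoming connection' line."""
    for line in lines:
        m = LINE.search(line)
        if m:
            yield m.group(1), ".".join(m.group(2, 3, 4, 5)), int(m.group(2))

def analyse(lines, per_ip_limit=3, per_second_limit=20):
    """Compare a per-IP repeat rule with an aggregate rate rule (assumed limits)."""
    events = list(parse(lines))
    if not events:
        return None
    per_second = Counter(ts for ts, _, _ in events)
    per_ip_second = Counter((ts, ip) for ts, ip, _ in events)
    per_octet = Counter(octet for _, _, octet in events)
    top_octet, top_hits = per_octet.most_common(1)[0]
    return {
        "peak_per_second": max(per_second.values()),
        "peak_per_ip": max(per_ip_second.values()),
        # What per-IP counting sees: no address repeats, so nothing to block.
        "per_ip_rule_fires": max(per_ip_second.values()) > per_ip_limit,
        # What the server as a whole sees: a burst far above normal join rates.
        "aggregate_rule_fires": max(per_second.values()) > per_second_limit,
        "top_first_octet": top_octet,
        "top_octet_share": top_hits / len(events),
    }

# Constructed sample: 60 distinct 189.x.x.x sources in one second, plus one
# unrelated connection a second later (documentation-range address).
SAMPLE = [
    f"[18:40:12] Incoming connection: "
    f"189.{(i * 37) % 256}.{(i * 91) % 256}.{(i * 13) % 254 + 1}:{1024 + i * 211}"
    for i in range(60)
]
SAMPLE.append("[18:40:13] Incoming connection: 198.51.100.7:50000")

if __name__ == "__main__":
    for key, value in analyse(SAMPLE).items():
        print(f"{key}: {value}")
```
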

