Gamesocket Listener getting DDoS'ed by a Botnet

Status
Not open for further replies.

Calcium

Member
Jan 7, 2017
56
6
I was told that I should get a ddos protected server.
So I got a premium vps at hostsavor which contains game anti-ddos
Unfortunately I got an attack a week ago which had 9000 different IPs.

I wrote to the support of hostsavor who told me to block the IP's from my server.
So I installed an additional program (PeerBlock) and changed the gamesocketmanager so that I make an automatic block with unregistered IPS (users.sql - ip_last column).

However, in 20% of cases this leads to a block which is not a DDOS Ip although the user has an ip address (users.sql - iplast)

Slowly I'm really desperate and am already thinking about giving up the project.

At other successful hotels, things are going so well and have done several tests and I have not come across a result

I hope someone can help me there.

Thanks.


Also, I own cloudflare but I hardly think it's not cloudflare.
 

Joe

Well-Known Member
Jun 10, 2012
4,172
1,955
Firstly, HostSavor anti-ddos game servers aren’t exactly the best.

Why don’t you try an OVH game server with an actual working firewall? Or JavaPipe web and application protection? You can then protect your ports 80 and 30000 or whatever, as well as your IP address. Sucuri maybe?

Personally I’ve used JavaPipe, although it’s quite expensive it actually does work. I recommend to stop using websites like HostSavor if you’re constantly getting attacked as well, they’re useless :p
 

Calcium

Member
Jan 7, 2017
56
6
Firstly, HostSavor anti-ddos game servers aren’t exactly the best.

Why don’t you try an OVH game server with an actual working firewall? Or JavaPipe web and application protection? You can then protect your ports 80 and 30000 or whatever, as well as your IP address. Sucuri maybe?

Personally I’ve used JavaPipe, although it’s quite expensive it actually does work. I recommend to stop using websites like HostSavor if you’re constantly getting attacked as well, they’re useless :p
They are many Hotels that are use Hostsavor.
Habbo.ST , Habbo.AL .
And all runs perfectly.

I think i get the wrong DDoS mitigation.

My Server RIPE Information are different then the other two's.
But Hostsavor says me it's my problem and it doesnt a server issue.

I dont wanna pay 40$ for a small hotel with 20 users online.
this is dumb asf
 

Joe

Well-Known Member
Jun 10, 2012
4,172
1,955
They are many Hotels that are use Hostsavor.
Habbo.ST , Habbo.AL .
And all runs perfectly.

I think i get the wrong DDoS mitigation.

My Server RIPE Information are different then the other two's.
But Hostsavor says me it's my problem and it doesnt a server issue.

I dont wanna pay 40$ for a small hotel with 20 users online.
this is dumb asf
I’ve tried to boot my own HS server before. It went down within 60 seconds. Especially if you target the emulator port, it says like 9,000 online.

Ask around, anybody would recommend OVH. Make sure you’re using a TCP proxy and Cloudflare as well.

If all else fails and you don’t want to upgrade, try using 2x 4GB servers and split the MySQL and emulator to different servers. I’ve also done that before.

You can use OVH servers, they’re not expensive at all, use your own Windows instead of buying it then setup your own proxy using a linux server?
 

Calcium

Member
Jan 7, 2017
56
6
I’ve tried to boot my own HS server before. It went down within 60 seconds. Especially if you target the emulator port, it says like 9,000 online.

Ask around, anybody would recommend OVH. Make sure you’re using a TCP proxy and Cloudflare as well.

If all else fails and you don’t want to upgrade, try using 2x 4GB servers and split the MySQL and emulator to different servers. I’ve also done that before.

You can use OVH servers, they’re not expensive at all, use your own Windows instead of buying it then setup your own proxy using a linux server?

Why should I get a TCP proxy?
did you ever look at habboon they using windows themselves and also OVH.
It makes no sense if I get a second server, especially not in the number of users I currently have!
<irony>2x 4GB rofl better 2x32 for a 10 users hotel. </irony>

dumb asf
 
Last edited:

Joe

Well-Known Member
Jun 10, 2012
4,172
1,955
Why should I get a TCP proxy?
did you ever look at habboon they using windows themselves and also OVH.
It makes no sense if I get a second server, especially not in the number of users I currently have!
2x 4GB rofl
TCP proxy so people can’t see your IP and attack you? Obviously. Yes. Habboon use OVH, probably the game dedicated sever with an anti-ddos firewall. You’d use linux to setup a proxy, not use it for your server LUL

Proxies are a good way of redirecting traffic, a good host would let you manage this so you could easily block and only allow certain amounts of connections etc.

Things like sucuri and JavaPipe do this for you. I’m not sure why you mentioned Habboon.

Edit: This is seeming like an argument, you asked for advice yet go against everything I’m saying. Maybe that’s why people don’t reply to your help requests. I’m speaking from experience, not word of mouth.
 

Calcium

Member
Jan 7, 2017
56
6
TCP proxy so people can’t see your IP and attack you? Obviously. Yes. Habboon use OVH, probably the game dedicated sever with an anti-ddos firewall. You’d use linux to setup a proxy, not use it for your server LUL

Proxies are a good way of redirecting traffic, a good host would let you manage this so you could easily block and only allow certain amounts of connections etc.

Things like sucuri and JavaPipe do this for you. I’m not sure why you mentioned Habboon.

Edit: This is seeming like an argument, you asked for advice yet go against everything I’m saying. Maybe that’s why people don’t reply to your help requests. I’m speaking from experience, not word of mouth.

It makes no difference if I have one shitty server or two shitty server.

Then they ddos just the TCP proxy IP ?
What is missing is the network level firewall.
I certainly do not pay 80 € for a server where 10 people play.
 

Joe

Well-Known Member
Jun 10, 2012
4,172
1,955
It makes no difference if I have one shitty server or two shitty server.

Then they ddos just the TCP proxy IP ?
What is missing is the network level firewall.
I certainly do not pay 80 € for a server where 10 people play.
That’s why you get a TCP proxy IP, people can’t DDoS your server. Although this doesn’t cover your port protection, add a PHP gateway or something so noobs can’t view source.

It seems ridiculous to buy a 32GB server from a reseller for 10 users though, you’d only need a 4GB SSD machine for the speed.
 

M8than

yes
Mar 16, 2012
463
102
That’s why you get a TCP proxy IP, people can’t DDoS your server. Although this doesn’t cover your port protection, add a PHP gateway or something so noobs can’t view source.

It seems ridiculous to buy a 32GB server from a reseller for 10 users though, you’d only need a 4GB SSD machine for the speed.
"PHP gateway so noobs can't view source" what do you even mean?
 

Joe

Well-Known Member
Jun 10, 2012
4,172
1,955
I honestly have no idea what you're trying to say? So if I add a captcha to my client they can't view the source of the page?
I did this before using a pin to enter the client, when you’re prompt to enter a pin and try viewing the source on the client (when connected) it’ll just show you the source for the pin which was in PHP. I thought this would work the same too, edited slightly.
 

Calcium

Member
Jan 7, 2017
56
6
I did this before using a pin to enter the client, when you’re prompt to enter a pin and try viewing the source on the client (when connected) it’ll just show you the source for the pin which was in PHP. I thought this would work the same too, edited slightly.

Open Internet browser write : ip: port in the url bar and then press enter
Congratulations you have just made a connection to the server.
 

M8than

yes
Mar 16, 2012
463
102
I did this before using a pin to enter the client, when you’re prompt to enter a pin and try viewing the source on the client (when connected) it’ll just show you the source for the pin which was in PHP. I thought this would work the same too, edited slightly.
Oh, I doubt the people doing it are that noob though. You can literally see what connections you have within windows.
 
  • Like
Reactions: Joe

Calcium

Member
Jan 7, 2017
56
6
Oh, I doubt the people doing it are that noob though. You can literally see what connections you have within windows.

this is the stupidest idea to try to hide the IP address anyway
There are a thousand variants to get to the client ip.


Network layer or application layer one of both you have to edit or configure something there. in that case it would be the gamesocketmanager or the so-called "game anti ddos" firewall. Too bad the hostsavor offers something but it does not look like it in practice.
 

Joe

Well-Known Member
Jun 10, 2012
4,172
1,955
this is the stupidest idea to try to hide the IP address anyway
There are a thousand variants to get to the client ip.


Network layer or application layer one of both you have to edit or configure something there. in that case it would be the gamesocketmanager or the so-called "game anti ddos" firewall. Too bad the hostsavor offers something but it does not look like it in practice.
I’m talking about the port, but whatever. A proxy hides your IP.

Wonder why a 10 user hotel is getting bombarded though lol, who did you piss off?
 

Calcium

Member
Jan 7, 2017
56
6
I’m talking about the port, but whatever. A proxy hides your IP.

Wonder why a 10 user hotel is getting bombarded though lol, who did you piss off?

A proxy still allows the connections to the server.
If 9000 different IP addresses connect to the port 30000 then connect 9000 different IPs to the port?

What would be necessary here is to distinguish these IP's which of these IPs is a DDOS IP and which not. But unfortunately there is no method that I know.
 
  • Like
Reactions: Joe
Status
Not open for further replies.

Users who are viewing this thread

Top