Gamesocket Listener getting DDoS'ed by a Botnet

[Calcium]

I was told that I should get a ddos protected server.
So I got a premium vps at hostsavor which contains game anti-ddos
Unfortunately I got an attack a week ago which had 9000 different IPs.

I wrote to the support of hostsavor who told me to block the IP's from my server.
So I installed an additional program (PeerBlock) and changed the gamesocketmanager so that I make an automatic block with unregistered IPS (users.sql - ip_last column).

However, in 20% of cases this leads to a block which is not a DDOS Ip although the user has an ip address (users.sql - iplast)

Slowly I'm really desperate and am already thinking about giving up the project.

At other successful hotels, things are going so well and have done several tests and I have not come across a result

I hope someone can help me there.

Thanks.


Also, I own cloudflare but I hardly think it's not cloudflare.

 

[M8than]

A proxy still allows the connections to the server.
If 9000 different IP addresses connect to the port 30000 then connect 9000 different IPs to the port?

What would be necessary here is to distinguish these IP's which of these IPs is a DDOS IP and which not. But unfortunately there is no method that I know.

Is it a connection flood then or?

 

[Calcium]

Never had a problem using a Linux reverse proxy though.

Then you've never had a real DDOS attack in my eyes?

@Muffinss

Yes, one could simply set an IP limit and everything about it is simply block per peer block.
But the existing connections are still there so everything is about 5 IP connections is blocked but the lower 5 not just and that's just the problem.

 

[Joe]

Then you've never had a real DDOS attack in my eyes?

@Muffinss

Yes, one could simply set an IP limit and everything about it is simply block per peer block.
But the existing connections are still there so everything is about 5 IP connections is blocked but the lower 5 not just and that's just the problem.

Yeah, like I said 2 hours ago. I used OVH firewalls and/or Securi/JavaPipe.

Not sure what to do if you don’t wanna spend an extra £35

 

[Calcium]

Then you've never had a real DDOS attack in my eyes?

@Muffinss

Yes, one could simply set an IP limit and everything about it is simply block per peer block.
But the existing connections are still there so everything is about 5 IP connections is blocked but the lower 5 not just and that's just the problem.

There must be a trick for this, but nobody wants to give a price

 

[M8than]

Yeah, like I said 2 hours ago. I used OVH firewalls and/or Securi/JavaPipe.

Not sure what to do if you don’t wanna spend an extra £35

Yeah these firewalls dont do anything reactively to block ddos attacks. I know because I tried them and had to develop my own solution back when I was getting attacked 24/7.

 

[Joe]

Yeah these firewalls dont do anything reactively to block ddos attacks. I know because I tried them and had to develop my own solution back when I was getting attacked 24/7.

Javapipe will block connections to the IP and ports selected. If you want protection for both it’s not cheap.

Same with OVH game dedicated server, you can easily manage the firewall to stop this stuff.

Previously used both and been attacked many ways, I recommend Javapipe though, can be used using any reseller.

 

[Calcium]

Javapipe will block connections to the IP and ports selected. If you want protection for both it’s not cheap.

Same with OVH game dedicated server, you can easily manage the firewall to stop this stuff.

Previously used both and been attacked many ways, I recommend Javapipe though, can be used using any reseller.

So you want to manually block 9000 different specific ip adresses?
this isnt a joke right?

my windows server has endured these attacks although i had massive CPU problems due to the emulator but had no problems with laggs in the remotedesktop client.

as I said gamesocketmanager needs to be changed and to do this, a second program must be installed or programmed that receives these connections and no longer accepts them (ipsec, windows firewall, peerblock, etc.)

 

[Joe]

So you want to manually block 9000 different specific ip adresses?
this isnt a joke right?

Read up on these websites I’m giving you, it’s what they specialise in. Sucuri is probably the best, it’s their job to do these things. You’re making no sense at all.

You must be registered for see links

You must be registered for see images attach

 

[M8than]

Read up on these websites I’m giving you, it’s what they specialise in. Sucuri is probably the best, it’s their job to do these things. You’re making no sense at all.

You must be registered for see links

You must be registered for see images attach

javapipe is expensive and its crap.

 

[Calcium]

Read up on these websites I’m giving you, it’s what they specialise in. Sucuri is probably the best, it’s their job to do these things. You’re making no sense at all.

You must be registered for see links

You must be registered for see images attach

How can the internet detect whether it is a "bad traffic" or "good traffic"? : D
you do not need a javapipe to stop floods there is a simple tcp blocker what is available for free is also available?

and you pay $ 35 for that? haha

what if it is not a flood and you suddenly get connected to 10,000 different ip addresses in 1-3 seconds?

 

[Joe]

I’ve used it and it works. That’s all Im saying. They offer port protection too

I guess I can’t help you here, sorry!

 

[Calcium]

I’ve used it and it works. That’s all Im saying. They offer port protection too

I guess I can’t help you here, sorry!

sorry without having to attack you now. But your methods you have listed me you can find in any 0815 forum.

 

[Joe]

sorry without having to attack you now. But your methods you have listed me you can find in any 0815 forum.

Solutions that worked for me, that’s all. DDOS protection is used in a lot of popular retro’s, especially Securi ($200/year) Habboon have used it previously I believe.

Using a reseller of OVH (HostSavor) and trying to stop a botnet attack by using Windows features doesn’t seem likely to my knowledge, never seen anything been posted here or a tutorial on how to do this, which is why I used these websites, and trust me they really do work.

I hope you find what you’re looking for though, sorry

 

[Calcium]

Solutions that worked for me, that’s all. DDOS protection is used in a lot of popular retro’s, especially Securi ($200/year) Habboon have used it previously I believe.

Using a reseller of OVH (HostSavor) and trying to stop a botnet attack by using Windows features doesn’t seem likely to my knowledge, never seen anything been posted here or a tutorial on how to do this, which is why I used these websites, and trust me they really do work.

I hope you find what you’re looking for though, sorry

will certainly not pay 80 € per month to get these problems fixed, especially not at a 10 user hotel.

I have already found the solution for this and have also fixed it by using the plus emulator with another program. like in the phoenix times (actually the same code) works fine. the whole CPU load is set to another program so the emulator can then continue to work without problems without getting cpu problems

the more connections are allowed at the same time, the more the cpu goes up. I noticed that