• Server being DDOS attacked.
    39 replies, posted
-snip- [B]If you are dealing with a DDoS scare PM me.[/B] This was a while ago and I was stupid and naive. Happy to help.
Oh snap. I remember him. He was in a TTT with me and started speed-hacking. My friend and I just rdm'd him/trolled him and he got so fucking pissed and left. Good times, but yeah, this guy cheats
[QUOTE=Samg381;40211939]Hello, Recently I banned a player from my server due to the fact that he was obviously hacking. He sent me a steam message threatening me, and claiming I was making a 'huge mistake'. Now, everyone's ping on my server is skyrocketing, and wireshark has detected an extremely large amount of incoming packets from his IP address. I would like to make this player known to the community, so that he can be reported and dismantled. The user is 'Niger Prince'. [URL="http://steamcommunity.com/profiles/76561198043375099"]The User's Steam Profile can be found here.[/URL] He also has VAC bans on record, which adds to the suspicion. Please report this player, or at least ban him from your servers. My apologies if this is in the wrong section. And, thank you.[/QUOTE] Gotta love the little kids. Just wait it out... He will get bored soon, either that or his ISP will bitch at him for excessive bandwidth. You have his IP so you could call the provider and press charges against him if you'd like. That would shut him up real quick.
Keep in mind, if it only comes from one IP it's not a DDOS, but a DOS
If it's only coming from one IP, firstly the kid is an idiot, secondly; get the IP that the packets are coming from, run a whois trace on the IP, get the provider, email the provider with proof of excessive packet spamming coming from this IP. Not only is DoS illegal, it also breaches most ISP's T&C. You can also block this IP from sending packets to your server.
[QUOTE=SeveredSkull;40213083]Gotta love the little kids. Just wait it out... He will get bored soon, either that or his ISP will bitch at him for excessive bandwidth. You have his IP so you could call the provider and press charges against him if you'd like. That would shut him up real quick.[/QUOTE] [QUOTE=>>oubliette<<;40217007]If it's only coming from one IP, firstly the kid is an idiot, secondly; get the IP that the packets are coming from, run a whois trace on the IP, get the provider, email the provider with proof of excessive packet spamming coming from this IP. Not only is DoS illegal, it also breaches most ISP's T&C. You can also block this IP from sending packets to your server.[/QUOTE] Even with significant evidence of him being responsible for the attacks, nothing will happen. No law enforcement agency or government cares about your Garry's Mod server being DDoSed.
[QUOTE=rokrox;40217576]Even with significant evidence of him being responsible for the attacks, nothing will happen. No law enforcement agency or government cares about your Garry's Mod server being DDoSed.[/QUOTE] That's not the point, (D)DoS attacks are still illegal.
[QUOTE=rokrox;40217576]Even with significant evidence of him being responsible for the attacks, nothing will happen. No law enforcement agency or government cares about your Garry's Mod server being DDoSed.[/QUOTE] If he is breaking the rules then they don't need to contact the law for it. They are providing his internet so they can just throw him out or bottleneck the internet line. Its worth a shot OP
[QUOTE=Mors Quaedam;40217618]That's not the point, (D)DoS attacks are still illegal.[/QUOTE] Yes, they're illegal. The problem is there is far too many attacks for any law enforcement agency to moderate. [QUOTE=darth-veger;40217632]If he is breaking the rules then they don't need to contact the law for it. They are providing his internet so they can just throw him out or bottleneck the internet line. Its worth a shot OP[/QUOTE] It's not worth a shot, it's a waste of time. If it's coming from one IP just drop any inbound connections from that IP. You think all these DDoS Protection companies exist now because there's no market?
[QUOTE=rokrox;40217680]Yes, they're illegal. The problem is there is far too many attacks for any law enforcement agency to moderate. It's not worth a shot, it's a waste of time. If it's coming from one IP just drop any inbound connections from that IP. You think all these DDoS Protection companies exist now because there's no market?[/QUOTE] Who has said anything about contacting law enforcement? He should contact his ISP, afaik they take DDoS pretty seriously, it doesn't matter if it was Garry's mod or Runescape private server they were hosting.
[QUOTE=Rancor26;40217897]Who has said anything about contacting law enforcement? He should contact his ISP, afaik they take DDoS pretty seriously, it doesn't matter if it was Garry's mod or Runescape private server they were hosting.[/QUOTE] It's DoS, it's coming from one address, therefore it's not distributed. And the majority of ISPs don't take DoS attacks seriously because they're residential speeds. The average 13Mb/s line isn't going to saturate their network.
-snip- My issue was resolved. [B]If you are dealing with a DDoS scare PM me or hit me up on Steam. [/B] This was a while ago and I was stupid and naive. Happy to help.
[QUOTE=rokrox;40217680]It's not worth a shot, it's a waste of time. If it's coming from one IP just drop any inbound connections from that IP.[/QUOTE] You clearly don't know how a DOS works then if you think you can simply "Drop an inbound connection" on these types of attacks. The whole point is to flood the connections and overload the system by keeping the hardware busy trying to sort out the packets and deciding whether or not to take them. Once you hit hardware with a DOS you're done for. You cant simply ignore packets from an IP either as it still takes a small amount of processing to see where the packets came from. [editline]9th April 2013[/editline] [QUOTE=rokrox;40217576]Even with significant evidence of him being responsible for the attacks, nothing will happen. No law enforcement agency or government cares about your Garry's Mod server being DDoSed.[/QUOTE] Not true at all. I've gotten 3 attackers removed from contacting either the local police or the ISP directly.
[QUOTE=SeveredSkull;40224420]You clearly don't know how a DOS works then if you think you can simply "Drop an inbound connection" on these types of attacks. [B]The whole point is to flood the connections and overload the system by keeping the hardware busy trying to sort out the packets and deciding whether or not to take them. [/B]Once you hit hardware with a DOS you're done for. You cant simply ignore packets from an IP either as it still takes a small amount of processing to see where the packets came from. [editline]9th April 2013[/editline] Not true at all. I've gotten 3 attackers removed from contacting either the local police or the ISP directly.[/QUOTE] You have not, because you don't even understand the basics of networking if you think every DoS attack is overloading hardware. You can simply ignore packets from an IP, just it's generally not effective with software firewalls if the attack is distributed because it will saturate the line. Your local police aren't going to do anything about someone attacking your Garry's Mod server. [QUOTE=Samg381;40223768]I will try, thanks. I will call my ISP.[/QUOTE] Calling your ISP isn't even what was advised, they were telling you to contact the attacker's ISP with the logs.
The local police will not do anything about it. it's true, they would rather help some old lady cross a street than go after a DoS'er. Hell, most cops prolly don't even know what that is. Anyway, If you were to contact the ISP the IP belongs to and request them to do something, they should. If it continues to happen 2+ days after you have contacted them, 1. they are a shitty ISP, 2. Ask for their lawyer's contact information. Now if dat don't work, just get a bowl of fried chicken and munch away until they kid gets bored.
It just takes one kid who thinks they're cool to post on 4chan. Sadly it's the whiny kids who think they're ub3r "smat".
[QUOTE=Turbine;40228704]It just takes one kid who thinks they're cool to post on 4chan.[/QUOTE] They'll just say "we're not your personal army".
[QUOTE=Turbine;40228704]It just takes one kid who thinks they're cool to post on 4chan. Sadly it's the whiny kids who think they're ub3r "smat".[/QUOTE] Have you even experienced 4chan before?
-snip- My issue was resolved. [B]If you are dealing with a DDoS scare PM me or hit me up on Steam. [/B] This was a while ago and I was stupid and naive. Happy to help.
[U]His ISP[/U]. Give the company the IP address and tell them hes doing a DoS.
-snip- My issue was resolved. [B]If you are dealing with a DDoS scare PM me or hit me up on Steam. [/B] This was a while ago and I was stupid and naive. Happy to help.
I doubt someone would be using a proxy while gaming, wouldn't that substantially increase his ping?
-snip-
why does it strike me as if you're making this up and you just want to screw this guy over, and you just happened to find his IP address. I mean, it was already hard to believe the guy was doing a non-distributed attack, but now you somehow got his IP from your network traffic and you can't figure out where that came from?
You need to find his IP then use [url]http://www.whatsmyip.org/whois-dns-lookup/[/url] and use the Whois... it will tell you his ISP
[QUOTE=Pandaman09;40251235]You need to find his IP then use [url]http://www.whatsmyip.org/whois-dns-lookup/[/url] and use the Whois... it will tell you his ISP[/QUOTE] This, or "nslookup [IP]" in command prompt. It will give you something like this: [QUOTE]Microsoft Windows [Version 6.2.9200] (c) 2012 Microsoft Corporation. All rights reserved. C:\Users\Me>nslookup localhost Server: cdns1.cox.net Address: 68.105.28.11 *** cdns1.cox.net can't find localhost: Non-existent domain C:\Users\Me>[/QUOTE] Used localhost so you guys don't get my IP :D
[QUOTE=SeveredSkull;40252384]This, or "nslookup [IP]" in command prompt. It will give you something like this: Used localhost so you guys don't get my IP :D[/QUOTE] [QUOTE]68.105.28.11[/QUOTE] Yeah..
-snip- My issue was resolved.
[QUOTE=darth-veger;40253336]Yeah..[/QUOTE] Correct me if I'm wrong, but isn't that his DNS?
[QUOTE=Mors Quaedam;40217618]That's not the point, (D)DoS attacks are still illegal.[/QUOTE] I said his provider; not the police. His ISP cares if their network is being used illegally.
Sorry, you need to Log In to post a reply to this thread.