DDOS Attacks on Servers
Posted: Fri Sep 09, 2022 12:24 am
Hi there,
I really like the Community here. This community has a lot of servers + players, which is impressive considering it's totally free.
It's very sad that the server is experiencing a lot of DDoS attacks. In the Discord channel #bot-cmds there are a lot of DDoS statuses. My assumption why the server is getting attacked is simple: competition. If this network has problems over a long period of time, the people will go somewhere else. I've experienced successful attacks, where afterwards no one was playing anymore on most DDnet servers.
I've read in another post that it's hard to determine the attacker's network traffic. That's probably why VPNs are not allowed. Enough talking, there are multiple (possible) solutions:
Costly solutions:
- Move to the Cloud. Most cloud providers offer effective DDoS protection. Example: Microsoft Servers. Attacking them is not very smart and not effective. They have servers that won't go down easily. Also: If the attackers get caught, they will have other problems than competition.
- DDoS protection via SLA (Service Level Agreement). When doing an SLA, Companies have will hold their promises. This is VERY Costly, but also effective depending on the SLA contract.
- Pay a company to figure out the problem. Companies have capacities. Paying a company to research network traffic can be useful for finding the source of the problem.
- Pay a company to attack the community servers. This sounds ridiculous, but the company can create a detailed report with all weaknesses.
- Distribute Servers (if haven't already). Attacking multiple targets is a lot harder.
(- A DNS for the servers instead of an IP-Address.)
Less costly solutions:
- Introducing accounts, with credentials, to be able to play on DDNet. It is not famous and also costs money. But authenticating is a great way to ensure that most people are customers. This solution will help go the right way, but it will not fix the attacks. It's sometimes impressive how creative attackers can get to gather stuff.
- Limit all kind of requests (if haven't already). If the attack does not come from a botnet, this will help.
- A not-so-nice solution is geo-blocking. There is no guaranty that it will work, and it is very imprecise. There are specific locations where lots of DDoS attacks are launched from. This can possibly kill a good amount of the player-base.
- Start blocking IP-Lists from the internet. This may be a bit problematic, since it can happen that someone's IP-Address may get blocked by accident. But restarting the internet router will fix the problem in most cases. By restarting the router, you get a new IP-Address from the Internet provider.
I've sat down a few hours thinking and writing this post. All of this are assumptions and ideas to improve the situation. I'm a website-application-developer apprentice and know a tiny bit about network stuff.
During googling, I've found this open source tool: https://www.haproxy.org/. I've no idea if it's suitable here, but it's worth taking a looking at it. I'm sorry in advance for my horrible grammar.
I hope this helps a tiny bit, cheers!
I really like the Community here. This community has a lot of servers + players, which is impressive considering it's totally free.
It's very sad that the server is experiencing a lot of DDoS attacks. In the Discord channel #bot-cmds there are a lot of DDoS statuses. My assumption why the server is getting attacked is simple: competition. If this network has problems over a long period of time, the people will go somewhere else. I've experienced successful attacks, where afterwards no one was playing anymore on most DDnet servers.
I've read in another post that it's hard to determine the attacker's network traffic. That's probably why VPNs are not allowed. Enough talking, there are multiple (possible) solutions:
Costly solutions:
- Move to the Cloud. Most cloud providers offer effective DDoS protection. Example: Microsoft Servers. Attacking them is not very smart and not effective. They have servers that won't go down easily. Also: If the attackers get caught, they will have other problems than competition.
- DDoS protection via SLA (Service Level Agreement). When doing an SLA, Companies have will hold their promises. This is VERY Costly, but also effective depending on the SLA contract.
- Pay a company to figure out the problem. Companies have capacities. Paying a company to research network traffic can be useful for finding the source of the problem.
- Pay a company to attack the community servers. This sounds ridiculous, but the company can create a detailed report with all weaknesses.
- Distribute Servers (if haven't already). Attacking multiple targets is a lot harder.
(- A DNS for the servers instead of an IP-Address.)
Less costly solutions:
- Introducing accounts, with credentials, to be able to play on DDNet. It is not famous and also costs money. But authenticating is a great way to ensure that most people are customers. This solution will help go the right way, but it will not fix the attacks. It's sometimes impressive how creative attackers can get to gather stuff.
- Limit all kind of requests (if haven't already). If the attack does not come from a botnet, this will help.
- A not-so-nice solution is geo-blocking. There is no guaranty that it will work, and it is very imprecise. There are specific locations where lots of DDoS attacks are launched from. This can possibly kill a good amount of the player-base.
- Start blocking IP-Lists from the internet. This may be a bit problematic, since it can happen that someone's IP-Address may get blocked by accident. But restarting the internet router will fix the problem in most cases. By restarting the router, you get a new IP-Address from the Internet provider.
I've sat down a few hours thinking and writing this post. All of this are assumptions and ideas to improve the situation. I'm a website-application-developer apprentice and know a tiny bit about network stuff.
During googling, I've found this open source tool: https://www.haproxy.org/. I've no idea if it's suitable here, but it's worth taking a looking at it. I'm sorry in advance for my horrible grammar.
I hope this helps a tiny bit, cheers!