Jump to content
  • 0

DDos attacks


TryHard

Question

Hello guys , I hope your all fine

I need to ask about DDOS attacks

As you know, when a DDOS attack occurs, server lag increases for some time
So is there a way to reduce impact on the server?
Is that done just by the hosting ? or are there any way to do that by server files ?

Link to post

4 answers to this question

Recommended Posts

  • 0
  • VIP

A good degree in telecommunications.

 

Jk, create a secure and serious infrastructure. They can still attack you from the game you have to be sure of every thing.

Edited by WeedHex
  • Love 1
Link to post
  • 0

First things first, here's a rough (and obviously incomplete) explanation. You'd differ between DoS and DDoS.

 

DoS (Denial of Service) simply put is using up the resources of the machine by leveraging on a weak spot of the program. You'll see often people targeting the auth server and flooding it with packets and if the server has bad code in it, it'll use up too many resources. This could lead to lags or in worst cases the server to not respond anymore.

 

Now, if you think DoS is bad, we're gonna take it to a new level: DDoS (Distributed Denial of Service). This time it's not only one pc trying to flood the server and consuming all it's resources.. it's a lot. The strength of the attack varies and depends on how many attackers are gonna target your server. There are many ways on how a DDoS works and you don't necessarily need to leverage on bad code in order to attack the server: Even a SYN/FIN Flood can make the server say bye bye - or at least it would, if it could.

 

Now let's get on how to protect against it. If you know how it works you can think about a few strategies on how to fortify against those attacks:

1. Make sure your source doesn't have flaws that could be exploited by attackers to use up your resources

2. Set up a good hardware firewall to block incoming attacks

3. Configure your firewall correctly to drop connections once a connections seems to go mad

4. Harden your system (there are some tunables you can set to harden your system a bit against attacks)

 

There are also more techniques (rerouting traffic, etc..) but I guess for the most people this does not matter too much.

  • Metin2 Dev 1
  • Love 1

We are the tortured.
We're not your friends.
As long as we're not visible.
We are unfixable.

Link to post
  • 0
  • VIP

Here's a pretty good writeup about the subject:

 

https://www.imperva.com/docs/DS_Incapsula_The_Top_10_DDoS_Attack_Trends_ebook.pdf

 

TLDR; get an OVH server, enable the permanent DDoS protection, use secondary IPs for your public stuff, set up pf, rate limit your auth ports and game ports as well because Layer 7 attacks on Metin2 are getting popular and not just the typical auth flood.

 

These usually work by flooding poorly written systems that directly interact with the database.

 

The golden rule for both your website and game is that a user should not be able to trigger a database connection or query directly and unrestricted (such as through loading a page or sending a packet). Either use a cache (the dbcache in Metin or Redis for web applications are an example) or throttle the connection (you can use nginx's ReqLimit module in a webserver and pf in your game server)

 

Another case of involuntary DDos is when your server is too successful and people jam your uplink trying to download or patch your client.

  • Love 2

 

 

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...

Important Information

Terms of Use / Privacy Policy / Guidelines / We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.