Jump to content
  • 0

DDos attacks



4 answers to this question

Recommended Posts

  • 0

First things first, here's a rough (and obviously incomplete) explanation. You'd differ between DoS and DDoS.


DoS (Denial of Service) simply put is using up the resources of the machine by leveraging on a weak spot of the program. You'll see often people targeting the auth server and flooding it with packets and if the server has bad code in it, it'll use up too many resources. This could lead to lags or in worst cases the server to not respond anymore.


Now, if you think DoS is bad, we're gonna take it to a new level: DDoS (Distributed Denial of Service). This time it's not only one pc trying to flood the server and consuming all it's resources.. it's a lot. The strength of the attack varies and depends on how many attackers are gonna target your server. There are many ways on how a DDoS works and you don't necessarily need to leverage on bad code in order to attack the server: Even a SYN/FIN Flood can make the server say bye bye - or at least it would, if it could.


Now let's get on how to protect against it. If you know how it works you can think about a few strategies on how to fortify against those attacks:

1. Make sure your source doesn't have flaws that could be exploited by attackers to use up your resources

2. Set up a good hardware firewall to block incoming attacks

3. Configure your firewall correctly to drop connections once a connections seems to go mad

4. Harden your system (there are some tunables you can set to harden your system a bit against attacks)


There are also more techniques (rerouting traffic, etc..) but I guess for the most people this does not matter too much.

  • Metin2 Dev 1
  • Love 1

We are the tortured.
We're not your friends.
As long as we're not visible.
We are unfixable.

Link to comment
Share on other sites

  • 0
  • Premium

Here's a pretty good writeup about the subject:




TLDR; get an OVH server, enable the permanent DDoS protection, use secondary IPs for your public stuff, set up pf, rate limit your auth ports and game ports as well because Layer 7 attacks on Metin2 are getting popular and not just the typical auth flood.


These usually work by flooding poorly written systems that directly interact with the database.


The golden rule for both your website and game is that a user should not be able to trigger a database connection or query directly and unrestricted (such as through loading a page or sending a packet). Either use a cache (the dbcache in Metin or Redis for web applications are an example) or throttle the connection (you can use nginx's ReqLimit module in a webserver and pf in your game server)


Another case of involuntary DDos is when your server is too successful and people jam your uplink trying to download or patch your client.

  • Good 1
  • Love 3

Currently working on my FreeBSD blog:

FreeBSD is Fun, practical tutorials and articles

⚠️                Are you under attack?               ⚠️

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...

Important Information

Terms of Use / Privacy Policy / Guidelines / We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.