Author Topic: Blockland Glass Hosting Service [Closing] (Read 56023 times)

Scout31 · August 28, 2017, 08:10:09 PM

Linode sent me a sample of the "attack traffic" they observed. It's the Blockland loading system. Either they incorrectly flagged the traffic or there is some exploit that causes the server to send back massive amounts of traffic. Still investigating.

Ad Bot · Advertisement

Marios · August 28, 2017, 08:59:16 PM

Are people still trying to do damage to this here game which gets fixed relatively soon?

I guess cheating at CS:GO, TF2 or PU Battlegrounds isn't cool anymore.

Scout31 · August 28, 2017, 09:46:31 PM

The issue has been mostly dismissed as them incorrectly flagging the outgoing traffic from us6, but there was also a lot of inbound traffic at the same time that could possibly be a DoS. Will keep an eye out moving forward, but us6 should be up and running again in a few minutes.

theviacom · August 29, 2017, 05:37:52 AM

really good loving work for actually making the site work on mobile for the all-fabled """"mobile server administration"""" without sshing into your own server through hacky linux terminal use

i would use it if i were still interested in getting dedicated blockland server hosting

Dannu · August 29, 2017, 06:01:57 AM

Wasn't there a DLL or mod that would rapidly send connection requests to a server and the server would attempt to send back data tens of times larger each time.

Pecon · August 29, 2017, 02:41:43 PM

Quote from: Dannu on August 29, 2017, 06:01:57 AM

Wasn't there a DLL or mod that would rapidly send connection requests to a server and the server would attempt to send back data tens of times larger each time.

Yes, it would also cause the server to hang up trying to comply with all the requests. I ended up building a mod that would generate a report to the server node if someone sent more than ~15 connection requests in a short period, and the node would start dropping traffic from that address. It worked, though unfortunately there were somehow a number of false positives. I still can't see how a normal user would end up generating more than 15 connect requests, considering they normally should have to dismiss the connection box each time they retried.

Scout31 · August 29, 2017, 04:37:12 PM

us10 has been null routed by Linode due to an incoming DoS attack impacting their network performance. Several other servers receiving inbound DoS attacks, but they typically only last long enough to crash the server and then stop.

There really isn't much I can do moving forward except hope that this stops. This is indeed Linode's policy, and if this continues to happen there is nothing I can do about it. I will continue to search for solutions.

Conan · August 29, 2017, 04:38:15 PM

Quote from: Scout31 on August 28, 2017, 08:10:09 PM

Linode sent me a sample of the "attack traffic" they observed. It's the Blockland loading system. Either they incorrectly flagged the traffic or there is some exploit that causes the server to send back massive amounts of traffic. Still investigating.

fastpackets maybe?

Mr. Noobalot · August 29, 2017, 09:14:26 PM

If all else fails, get a connection ban add-on.
Unless that's useless, in any way.

~Cloud Zero, BL_ID 37977

Metario · August 30, 2017, 08:06:32 PM

Quote from: Scout31 on August 29, 2017, 04:37:12 PM

us10 has been null routed by Linode due to an incoming DoS attack impacting their network performance. Several other servers receiving inbound DoS attacks, but they typically only last long enough to crash the server and then stop.

There really isn't much I can do moving forward except hope that this stops. This is indeed Linode's policy, and if this continues to happen there is nothing I can do about it. I will continue to search for solutions.

Do you have the source IPs? Release them so we can cross reference with server logs and connection attempts.

Frankie� · August 30, 2017, 08:22:26 PM

Quote from: Mr. Noobalot on August 29, 2017, 09:14:26 PM

If all else fails, get a connection ban add-on.
Unless that's useless, in any way.

~Cloud Zero, BL_ID 37977

that would be very useless because they would still be sending data to the server in a rapid succession, which is what a dos does
also dont sign your posts

FlavouredGames · August 30, 2017, 09:05:22 PM

Could you possibly get DDoS prevention software?

Squib · August 30, 2017, 09:29:48 PM

Quote from: FlavouredGames on August 30, 2017, 09:05:22 PM

Could you possibly get DDoS prevention software?

guess how much this costs

Trogtor · August 30, 2017, 09:36:42 PM

Quote from: FlavouredGames on August 30, 2017, 09:05:22 PM

Could you possibly get DDoS prevention software?

ask zedrow

Scout31 · August 30, 2017, 10:04:48 PM

Issue is beyond software, really. Flooding the network and sending more information than the machine can handle.

I am looking in to switching to a new VPS provider that offers DDoS protection up to 10Gbps (we've been receiving 1.5Gbps). This could either replace the current provider or act in parallel at an increased price, I will continue to look in to it.

edit: Pricing indicates we would have to restructure the service to a degree and a small price increase. Transfer process (and related coding) could get complicated.

edit2: If you're interested in getting a DDoS protected server immediately and are willing to pay an increased rate, PM me.