•     Please make sure you check the Support FAQ and relevant Guides before you create a new thread in this section!

[OUT OF SCOPE] Ddos attacks on multiple servers!

  • Thread starter Deleted member 3500
  • Start date
D

Deleted member 3500

Guest
Devs, you guys need to fix this. We've had countless hackers, and trolls attacking multiple servers including CA using Ddos. This needs to stop ASAP! Whoever is behind the attacks needs to be banned, as well as anyone associating with the attacker. Ddosing is an illegal cyber-terrorist act here in the US, and it can not be allowed to happen, at all, on ANY server. Fix it please, for the sake of the Community and your mod's survival.
 
Posts
39
Likes
28
You believe very incorrectly. Security of hosts is the responsibility of the hosts. It's enough trouble being responsible for one set of infrastructure taking on responsibility for everyone else's is plain ridiculous. Every server host operates in a unique environment, what works well for one host might not work at all for another host, and what works well today might not work at all tomorrow for any given host.

I don't think Valkyrie was asking for you to take over security of everyone's servers, but that it would be helpful to share what has and hasn't worked to help the community as a whole. It would of course still be up to the individual servers to adapt that information to work on their own unique environment. You apparently know him better than I do though, so maybe I am misunderstanding, but basically that was what I was hoping for, some collaboration.

It is best for the community to have as many different unique solutions as possible. Not only will these be better tailored to protect each bit of infrastructure it gives the community as a whole defense in depth by preventing a one size fits all DDOS.

I have to say I disagree with this though, especially since it seems like we're already being hit with a one size fits all DDoS, but it is what it is if that's what you feel is best for your game. If I do come across anything that helps my server though, I will still share it with the community.

I appreciate you sharing your thoughts on this and general ideas on how things could potentially be mitigated though.
 

The Unguided

Moderator
Movie Battles II Team
Posts
286
Likes
261
Apologise, next time we make your game alive by paying from our pocket, I'll remember it's causing you troubles...

Nah, it's too much to say that only the community/hosts keep the mod alive even when it is greatly appreciated that people pay money in order to keep servers running. Nonetheless, if there were no dev team, there would be no community. If there was no community and people to play at all, the dev team would find no point in existing anymore. We're in this together. It's up to teamwork. Therefore everybody's reponsible for the mod's state. So I don't think it's fair to point at anyone being responsible for this or that.
 

Defiant

Nerd
Project Leader
Movie Battles II Team
Code Leader
Posts
1,046
Likes
1,518
I don't think Valkyrie was asking for you to take over security of everyone's servers, but that it would be helpful to share what has and hasn't worked to help the community as a whole. It would of course still be up to the individual servers to adapt that information to work on their own unique environment. You apparently know him better than I do though, so maybe I am misunderstanding, but basically that was what I was hoping for, some collaboration.



I have to say I disagree with this though, especially since it seems like we're already being hit with a one size fits all DDoS, but it is what it is if that's what you feel is best for your game. If I do come across anything that helps my server though, I will still share it with the community.

I appreciate you sharing your thoughts on this and general ideas on how things could potentially be mitigated though.

If we had anything that could help everyone we wouldn't keep it to ourselves. If this were a solvable problem in the generic sense then there would be as many blog posts and articles about it as there are about preventing SQL injection. Protections would be baked into operating systems and the hyper-expensive routers used in data centers. But there is no such thing.
 
Posts
39
Likes
28
If we had anything that could help everyone we wouldn't keep it to ourselves. If this were a solvable problem in the generic sense then there would be as many blog posts and articles about it as there are about preventing SQL injection. Protections would be baked into operating systems and the hyper-expensive routers used in data centers. But there is no such thing.

Thank you, that is fine and understandable. I wasn't thinking that you were hiding some secret answer to stop all DDoS attacks in general. It was just that when I see this type of message enough:

We cannot do anything about DDOS attacks on servers we do not own. That is up to the server owners and their providers.

It makes me think that there's something you're doing that we're not that could help with the particular attacks we've all been experiencing, so I had to check. Glad to hear you'd be willing to share if you do come across something.
 

Defiant

Nerd
Project Leader
Movie Battles II Team
Code Leader
Posts
1,046
Likes
1,518
Thank you, that is fine and understandable. I wasn't thinking that you were hiding some secret answer to stop all DDoS attacks in general. It was just that when I see this type of message enough:



It makes me think that there's something you're doing that we're not that could help with the particular attacks we've all been experiencing, so I had to check. Glad to hear you'd be willing to share if you do come across something.

Both are true. We are not holding anything back and the protections in place for our infrastructure are uniquely tailored to our environment. Some of the utilities may or may not be used by other server hosts - and we have no way of knowing if what we have is any more effective than what anyone else has. Unfortunately every host must come to their own conclusions about how much time and money they are willing to commit. Thanks to the kindness of the community via donations we probably have more resources to keep the lights on than most.
 
Posts
1,388
Likes
1,310
The real issue here is you Defiant. You're being too honest and practical about what can be done.

Better to lie and mislead the children. Tell them Santa's a black woman from China. Give the illusion rather than the simple truth. 9 out of ten times Santa is your father or the mailman.

You would make a poor politician.

So +1 for being a human being. -5 for not being a Meat-hungry Shark. There's so much chum to be had, yum!
 
Posts
761
Likes
662
The real issue here is you Defiant. You're being too honest and practical about what can be done.

Better to lie and mislead the children. Tell them Santa's a black woman from China. Give the illusion rather than the simple truth. 9 out of ten times Santa is your father or the mailman.

You would make a poor politician.

So +1 for being a human being. -5 for not being a Meat-hungry Shark. There's so much chum to be had, yum!
bro what lol
 
Posts
39
Likes
28
We are not holding anything back and the protections in place for our infrastructure are uniquely tailored to our environment.

I'm sorry, but you're literally talking about what you're holding back in the same sentence that you say you aren't holding anything back... If you don't want to share for your own reasons, that's whatever, but you can't have it both ways.

Maybe the protections are out of reach for other server owners, maybe it's not compatible with their current setup, maybe they aren't as effective as what they already have, or maybe they aren't effective at all, but I think that's something the individual server owners could assess. I personally think it's better to share knowledge and try to work together when facing a common problem, even an insurmountable one, than for everyone to fend for themselves, but apparently I'm in the minority there.
 
Posts
81
Likes
34
I'm sorry, but you're literally talking about what you're holding back in the same sentence that you say you aren't holding anything back... If you don't want to share for your own reasons, that's whatever, but you can't have it both ways.

Maybe the protections are out of reach for other server owners, maybe it's not compatible with their current setup, maybe they aren't as effective as what they already have, or maybe they aren't effective at all, but I think that's something the individual server owners could assess. I personally think it's better to share knowledge and try to work together when facing a common problem, even an insurmountable one, than for everyone to fend for themselves, but apparently I'm in the minority there.
stop ddosing
 

MaceMadunusus

Level Designer
Donator
Movie Battles II Team
Posts
1,913
Likes
2,672
I'm sorry, but you're literally talking about what you're holding back in the same sentence that you say you aren't holding anything back...

Remember that our infrastructure contains things like the website, launcher backend, master server, gamestats servers, public stats server, etc. Our situation is unique cause it is just not the game server. Some of our protections are options available through cloudflare, which are not relevant at all to the game server.
 
Posts
276
Likes
256
I would love to hear those so called "complaints", really I would love to. Injustice is too high, I will go back to being spectator, each time I try to mitigate this injustice I again get caught in this paradise of non-sense.
 
Top