community fundraiser for invite/prem ddos negating servers dollarlayer mentioned, for league/tournament use only? :D even outside of invite/prem, i wonder how many etf2l users would be willing to pay league fees in order to have access to these servers?
anyone who knows about that stuff willing to look into server prices?
community fundraiser for invite/prem ddos negating servers dollarlayer mentioned, for league/tournament use only? :D even outside of invite/prem, i wonder how many etf2l users would be willing to pay league fees in order to have access to these servers?
anyone who knows about that stuff willing to look into server prices?
Stop pointing your goddamn fingers everywhere.
Normally no ddosser, 13 or 30, is stupid enough to leak all their information to turn a complex equation into 2 + 2. Trying to start some sort of witch hunt isn't going to go anywhere, and it may not always be the same person/group of people.
TL;DR
get some good ddos preventative measures/protection, and lets leave it as that.
start here: https://www.youtube.com/watch?v=0I4O4hoKzb8
Stop pointing your goddamn fingers everywhere.
Normally no ddosser, 13 or 30, is stupid enough to leak all their information to turn a complex equation into 2 + 2. Trying to start some sort of witch hunt isn't going to go anywhere, and it may not always be the same person/group of people.
TL;DR
get some good ddos preventative measures/protection, and lets leave it as that.
start here: https://www.youtube.com/watch?v=0I4O4hoKzb8
MightyStop pointing your goddamn fingers everywhere.
Normally no ddosser, 13 or 30, is stupid enough to leak all their information to turn a complex equation into 2 + 2. Trying to start some sort of witch hunt isn't going to go anywhere, and it may not always be the same person/group of people.
I wasn't starting a witch hunt or anything, I was genuinely upset that this has been happening to such a nice and hardworking community and felt compelled to ask for motives, even tho it was kinda like shouting at the sky.
But hey, I streamed our whole Nations cup game vs Russia today and averaged 70 viewers and not a single time we had lag problems, maybe the person behind some of this does have a conscience and rethinked his actions, maybe not. But I'm still happy I made this post.
[quote=Mighty]Stop pointing your goddamn fingers everywhere.
Normally no ddosser, 13 or 30, is stupid enough to leak all their information to turn a complex equation into 2 + 2. Trying to start some sort of witch hunt isn't going to go anywhere, and it may not always be the same person/group of people.
[/quote]
I wasn't starting a witch hunt or anything, I was genuinely upset that this has been happening to such a nice and hardworking community and felt compelled to ask for motives, even tho it was kinda like shouting at the sky.
But hey, I streamed our whole Nations cup game vs Russia today and averaged 70 viewers and not a single time we had lag problems, maybe the person behind some of this does have a conscience and rethinked his actions, maybe not. But I'm still happy I made this post.
KanecoMightyStop pointing your goddamn fingers everywhere.
Normally no ddosser, 13 or 30, is stupid enough to leak all their information to turn a complex equation into 2 + 2. Trying to start some sort of witch hunt isn't going to go anywhere, and it may not always be the same person/group of people.
I wasn't starting a witch hunt or anything, I was genuinely upset that this has been happening to such a nice and hardworking community and felt compelled to ask for motives, even tho it was kinda like shouting at the sky.
But hey, I streamed our whole Nations cup game vs Russia today and averaged 70 viewers and not a single time we had lag problems, maybe the person behind some of this does have a conscience and rethinked his actions, maybe not. But I'm still happy I made this post.
This discussion needed to happen. It's not like we can all just shove the ddosing issue under the rug, because its a fairly big issue. I'm not trying to blame any single person here, but as we've seen in the cheater/hacker witch hunt thread from before, some people around here tend to throw out some 'not so hard' evidence and accusations. Even if a witch hunt does happen and we figure out who did what, it's not very hard to get your hands on a ddosing program, and it's very possible that another person/group can start ddosing in TF2.
That's why I propose that we simply get better preventative measures/protection, so we can make ddosing in general harder to pull off in bigger and more important TF2 events.
[quote=Kaneco][quote=Mighty]Stop pointing your goddamn fingers everywhere.
Normally no ddosser, 13 or 30, is stupid enough to leak all their information to turn a complex equation into 2 + 2. Trying to start some sort of witch hunt isn't going to go anywhere, and it may not always be the same person/group of people.
[/quote]
I wasn't starting a witch hunt or anything, I was genuinely upset that this has been happening to such a nice and hardworking community and felt compelled to ask for motives, even tho it was kinda like shouting at the sky.
But hey, I streamed our whole Nations cup game vs Russia today and averaged 70 viewers and not a single time we had lag problems, maybe the person behind some of this does have a conscience and rethinked his actions, maybe not. But I'm still happy I made this post.[/quote]
This discussion needed to happen. It's not like we can all just shove the ddosing issue under the rug, because its a fairly big issue. I'm not trying to blame any single person here, but as we've seen in the cheater/hacker witch hunt thread from before, some people around here tend to throw out some 'not so hard' evidence and accusations. Even if a witch hunt does happen and we figure out who did what, it's not very hard to get your hands on a ddosing program, and it's very possible that another person/group can start ddosing in TF2.
That's why I propose that we simply get better preventative measures/protection, so we can make ddosing in general harder to pull off in bigger and more important TF2 events.
Educating people is hard. And that's what really is required. DDoS is nothing you can mitigate that fast, if that would be the case sites like PSN (they got bigger issues than that tho...), Reddit or Github would suffer from those too.
All players would have to ensure to hide game info + their IP before joining a game, that would already sort out most attacks. Including streamers obviously, but those issues are rather ignored from the community it seems. You cannot punish DDoS'ers that easily, since they just fire controls from a IRC channel to their bots and never attack directly. There are even services where you can rent a own botnet, its not even that expensive. So you can call for DDoS protected servers, but also those have a limit. I think Arie(?) mentioned that the attacks execeeded multiple GBit per minuite, most server providers will null-route your IP when something like that happens.
Educating people is hard. And that's what really is required. DDoS is nothing you can mitigate that fast, if that would be the case sites like PSN (they got bigger issues than that tho...), Reddit or Github would suffer from those too.
All players would have to ensure to hide game info + their IP before joining a game, that would already sort out most attacks. Including streamers obviously, but those issues are rather ignored from the community it seems. You cannot punish DDoS'ers that easily, since they just fire controls from a IRC channel to their bots and never attack directly. There are even services where you can rent a own botnet, its not even that expensive. So you can call for DDoS protected servers, but also those have a limit. I think Arie(?) mentioned that the attacks execeeded multiple GBit per minuite, most server providers will null-route your IP when something like that happens.
One possible, long term mitigation strategy is to convince Valve to support IPv6 in Source, then convince server providers to upgrade, then cycle IPs aggressively for important matches. Downside of course is that "long term" here is _really_ long term :(
One possible, long term mitigation strategy is to convince Valve to support IPv6 in Source, then convince server providers to upgrade, then cycle IPs aggressively for important matches. Downside of course is that "long term" here is _really_ long term :(
We used a new "system" today for the England/Finland game which resulted in us not receiving a DDoS although we could have just been lucky.
We used a new [i]"system"[/i] today for the England/Finland game which resulted in us not receiving a DDoS although we could have just been lucky.
popcorpI swear if something like that happens during ToTH, It will be one of the worst things ever...
dont give him ideas
[quote=popcorp]I swear if something like that happens during ToTH, It will be one of the worst things ever...[/quote]
dont give him ideas
Host servers on VPS or dedicated with command-line access
Install OpenVPN on servers
Connect servers to a VPN
Block Source ports on the servers from access except from the VPN's IP range
Connect players/casters to the VPN
Give out the VPN server IP
Now even if someone looks up their game info in Steam, they should only see a server IP from the VPN range
Not 100% sure this works because I've never tried it.
Host servers on VPS or dedicated with command-line access
Install OpenVPN on servers
Connect servers to a VPN
Block Source ports on the servers from access except from the VPN's IP range
Connect players/casters to the VPN
Give out the VPN server IP
Now even if someone looks up their game info in Steam, they should only see a server IP from the VPN range
Not 100% sure this works because I've never tried it.
MessyRecipeHost servers on VPS or dedicated with command-line access
Install OpenVPN on servers
Connect servers to a VPN
Block Source ports on the servers from access except from the VPN's IP range
Connect players/casters to the VPN
Give out the VPN server IP
Now even if someone looks up their game info in Steam, they should only see a server IP from the VPN range
Not 100% sure this works because I've never tried it.
I have a VPS with TF2 on it. I'll experiment with this.
Edit: We forgot a couple of key points... VPN costs and ping overhead. Especially that last one.
[quote=MessyRecipe]Host servers on VPS or dedicated with command-line access
Install OpenVPN on servers
Connect servers to a VPN
Block Source ports on the servers from access except from the VPN's IP range
Connect players/casters to the VPN
Give out the VPN server IP
Now even if someone looks up their game info in Steam, they should only see a server IP from the VPN range
Not 100% sure this works because I've never tried it.[/quote]
I have a VPS with TF2 on it. I'll experiment with this.
Edit: We forgot a couple of key points... VPN costs and ping overhead. Especially that last one.
We are working on some solutions, but we can't prevent players from leaking their own IP's. They are required to take care of that themselves.
We are working on some solutions, but we can't prevent players from leaking their own IP's. They are required to take care of that themselves.
Max_Does anyone know how CS:GO goes about preventing DDosing at the majors?
Qualifiers for Cologne happened a couple weeks ago and there was no DDosing despite much more being on the line there not just in skins and betting but in qualifying for a Valve funded major
It's a huge problem in online matches if the players don't acquire DDOS protection. They have to basically use VPNs and organization provided protection, or the player WILL get ddos'd. Salty little skin betting kids, which is the reason why it happens there. No idea why you'd ddos TF2 players playing a PUG though, like what the fuck
[quote=Max_]Does anyone know how CS:GO goes about preventing DDosing at the majors?
Qualifiers for Cologne happened a couple weeks ago and there was no DDosing despite much more being on the line there not just in skins and betting but in qualifying for a Valve funded major[/quote]
It's a huge problem in online matches if the players don't acquire DDOS protection. They have to basically use VPNs and organization provided protection, or the player WILL get ddos'd. Salty little skin betting kids, which is the reason why it happens there. No idea why you'd ddos TF2 players playing a PUG though, like what the fuck
yttriumMessyRecipeHost servers on VPS or dedicated with command-line access
Install OpenVPN on servers
Connect servers to a VPN
Block Source ports on the servers from access except from the VPN's IP range
Connect players/casters to the VPN
Give out the VPN server IP
Now even if someone looks up their game info in Steam, they should only see a server IP from the VPN range
Not 100% sure this works because I've never tried it.
I have a VPS with TF2 on it. I'll experiment with this.
Edit: We forgot a couple of key points... VPN costs and ping overhead. Especially that last one.
Those key points are pretty much the killer in this. Unless an org is willing to front the cost for these servers, it goes to the players, which is unlikely to be a cost people are willing to pay for a fairly rare instance. The ping issue also puts a severe damper on the situation. It also doesn't remedy a player getting ddos'd, which can kill a match just as easily.
[quote=yttrium][quote=MessyRecipe]Host servers on VPS or dedicated with command-line access
Install OpenVPN on servers
Connect servers to a VPN
Block Source ports on the servers from access except from the VPN's IP range
Connect players/casters to the VPN
Give out the VPN server IP
Now even if someone looks up their game info in Steam, they should only see a server IP from the VPN range
Not 100% sure this works because I've never tried it.[/quote]
I have a VPS with TF2 on it. I'll experiment with this.
Edit: We forgot a couple of key points... VPN costs and ping overhead. Especially that last one.[/quote]
Those key points are pretty much the killer in this. Unless an org is willing to front the cost for these servers, it goes to the players, which is unlikely to be a cost people are willing to pay for a fairly rare instance. The ping issue also puts a severe damper on the situation. It also doesn't remedy a player getting ddos'd, which can kill a match just as easily.
Ok first ddos protected servers, from nfo at least, are not very expensive. The one I have had never failed to stop d(d)os attacks as well so I would recomend that for server protection.
Ok first ddos protected servers, from nfo at least, are not very expensive. The one I have had never failed to stop d(d)os attacks as well so I would recomend that for server protection.
Hellbentthen why is there a thread about it when there is literally nothing anyone can do about it
Probably as a way to vent viewer frustration in a thread just to get it out of their system...
[quote=Hellbent]then why is there a thread about it when there is literally nothing anyone can do about it[/quote]
Probably as a way to vent viewer frustration in a thread just to get it out of their system...
All those DDoS protections will only stop small ddos attacks till a certain degree, I wouldn't have too much hope that they will help entirely, but sure, its a start.
MessyRecipe: I had the same idea, and someone else had another idea with another system to allow persons, however, you would have to teach 1k players how to use a VPN first of all. That's quite some work. Also, you can just DDoS the VPN endpoint, because that will hit the server aswell. The only thing which would help if players wouldn't leak the IP, which seem to be the biggest issues?
If the VPN is running directly on the VPS which also is hosting the TF2 Server, the ping difference would be minimal btw. Since you just have one more local hop, its basically:
Player <---INTERNET--> VPN SERVER <-- LOOPBACK--> TF2 Server
Loopback = Internal Network Interface, so as example when you create your own TF2 Server locally its used to connect with the TF2 Client to it. It would be somewhat the same with the VPN. So don't worry about the ping, but the other reasons I mentioned above are rather the killer.
Fire: Its not even the service dying, its often rather the TCP/IP Stack or one layer lower who just cannot handle all incoming requests. Yes, there also exist DDoS on application layer, but those are more rare and more specialized.
All those DDoS protections will only stop small ddos attacks till a certain degree, I wouldn't have too much hope that they will help entirely, but sure, its a start.
MessyRecipe: I had the same idea, and someone else had another idea with another system to allow persons, however, you would have to teach 1k players how to use a VPN first of all. That's quite some work. Also, you can just DDoS the VPN endpoint, because that will hit the server aswell. The only thing which would help if players wouldn't leak the IP, which seem to be the biggest issues?
If the VPN is running directly on the VPS which also is hosting the TF2 Server, the ping difference would be minimal btw. Since you just have one more local hop, its basically:
Player <---INTERNET--> VPN SERVER <-- LOOPBACK--> TF2 Server
Loopback = Internal Network Interface, so as example when you create your own TF2 Server locally its used to connect with the TF2 Client to it. It would be somewhat the same with the VPN. So don't worry about the ping, but the other reasons I mentioned above are rather the killer.
Fire: Its not even the service dying, its often rather the TCP/IP Stack or one layer lower who just cannot handle all incoming requests. Yes, there also exist DDoS on application layer, but those are more rare and more specialized.
We (EU HL) are currently experimenting with a VPN-only tf2 gameserver. We've used it successfully for one cast so far on BOTV and all went well. The pings despite what some may say are pretty solid, I've personally found I've had a lower ping to the VPN server than to a public server in the same geographic location. I normally get 30-40 ping to France on average but through the VPN i'm hovering on 20 ping :D
We (EU HL) are currently experimenting with a VPN-only tf2 gameserver. We've used it successfully for one cast so far on BOTV and all went well. The pings despite what some may say are pretty solid, I've personally found I've had a lower ping to the VPN server than to a public server in the same geographic location. I normally get 30-40 ping to France on average but through the VPN i'm hovering on 20 ping :D
every time i see this thread title i think about all the times my parents confront me about all he drugs I did
every time i see this thread title i think about all the times my parents confront me about all he drugs I did
brock been a retard for half a decade
brock been a retard for half a decade