How to stop this CHEAT - HACKED DEDI SERVER

Emmer · February 4, 2012

Now i am getting constantly Connection Timed Out after flying in servers for a minute or 5.I just wanna fly, nothing more.

Not only one server, but all with no ICF.

Anyone has the same problem?

Hellboy · February 5, 2012

Protection tested for GUNS'N'ROSES Arena server (SPC) and not hold out if we toppled over the weekend, it will make sense to declare the result.

Case · February 5, 2012

Protection tested for GUNS'N'ROSES Arena server (SPC) and not hold out if we toppled over the weekend, it will make sense to declare the result.

Do you care to share how you protect your server?

Hellboy · February 5, 2012

May be later, after testing of program on our server.

Ramstein · February 5, 2012

are you sure some one didn't plug the wrong number, in the wrong place in a script, which multiplied the ai aircraft?? that's the way it looks to me... looks like someone went down a list of flights, wings, squads, and they, and plugged in numbers like 3,4,5, which in turn exponentially multiplied.

RIPTIDE · February 5, 2012

are you sure some one didn't plug the wrong number, in the wrong place in a script, which multiplied the ai aircraft?? that's the way it looks to me... looks like someone went down a list of flights, wings, squads, and they, and plugged in numbers like 3,4,5, which in turn exponentially multiplied.

Ya I bet that's exactly what happened...

Falcon_S · February 6, 2012

Ok gents, LETS FLY AGAIN!!!!!!!!!!! :pilotfly:

I`m start up server today (false =4c=SVFS server) and i had few series of attack in a 7 hours. In that time all servers are hacked few times but my server stay as a proud soldier who will not flinch. He (poor guy) is attack us but no successfuly. I can say to all: Our poor hacker can retire without honors!

My secret weapons is NetPeeker Firewall and Monitor

Server admins do this rules in your firewall:

1. Block ICMP protocol (all types) INBOUND CONNECTIONS: DENY all to ping you. He just ping servers with Ping of Death.

2. Block outgoing connections for windows process msfeedssync.exe - all the time when attack start this program ask to go out. If you permit it LOFC/BS will crash then. This is for case if we have trojan in system.

3. Block all (make a custom RULES) strange and crazy IP`s if you are not sure WHOIS. And step by step ALLOW people to join after filtering...

...watch attachment for more info

I know filtering is hard work and admins should spend to much time but on this way problem is solved and this is the only way for now. We will enjoy in our flights again. :thumbup:

Let`s fly! :)

Bearitall · February 6, 2012

Ok gents, LETS FLY AGAIN!!!!!!!!!!! :pilotfly:

I`m start up server today (false =4c=SVFS server) and i had few series of attack in a 7 hours. In that time all servers are hacked few times but my server stay as a proud soldier who will not flinch. He (poor guy) is attack us but no successfuly. I can say to all: Our poor hacker can retire without honors!

My secret weapons is NetPeeker Firewall and Monitor

Server admins do this rules in your firewall:
1. Block ICMP protocol (all types) INBOUND CONNECTIONS: DENY all to ping you. He just ping servers with Ping of Death.
2. Block outgoing connections for windows process msfeedssync.exe - all the time when attack start this program ask to go out. If you permit it LOFC/BS will crash then. This is for case if we have trojan in system.
3. Block all (make a custom RULES) strange and crazy IP`s if you are not sure WHOIS. And step by step ALLOW people to join after filtering...
...watch attachment for more info

I know filtering is hard work and admins should spend to much time but on this way problem is solved and this is the only way for now. We will enjoy in our flights again. :thumbup:

Let`s fly! :)

My hats off to you bud...nice stuff...:clap_2:

L0op8ack · February 6, 2012

emmmm, client IPs in white list

good idea

Hellboy · February 6, 2012

Ok gents, LETS FLY AGAIN!!!!!!!!!!! :pilotfly:

I`m start up server today (false =4c=SVFS server) and i had few series of attack in a 7 hours. In that time all servers are hacked few times but my server stay as a proud soldier who will not flinch. He (poor guy) is attack us but no successfuly. I can say to all: Our poor hacker can retire without honors!

My secret weapons is NetPeeker Firewall and Monitor

Server admins do this rules in your firewall:
1. Block ICMP protocol (all types) INBOUND CONNECTIONS: DENY all to ping you. He just ping servers with Ping of Death.
2. Block outgoing connections for windows process msfeedssync.exe - all the time when attack start this program ask to go out. If you permit it LOFC/BS will crash then. This is for case if we have trojan in system.
3. Block all (make a custom RULES) strange and crazy IP`s if you are not sure WHOIS. And step by step ALLOW people to join after filtering...
...watch attachment for more info

I know filtering is hard work and admins should spend to much time but on this way problem is solved and this is the only way for now. We will enjoy in our flights again. :thumbup:

Let`s fly! :)

You are mistaken. it does not help.

To get started, simply block all the ip addresses of Tor, which will not allow an attacker to use them.But the difficulty lies in the fact that the list is dynamic, and it is necessary to continually update and contribute to the firewall. That's it really helps, at least for a while.

And if you make only the trusted list, the server will be closed on the way for new players.

Edited February 6, 2012 by Hellboy

Rhinox · February 6, 2012

3. Block all (make a custom RULES) strange and crazy IP`s if you are not sure WHOIS. And step by step ALLOW people to join after filtering...

Unfortunatelly, public servers are no more public, if you apply whitelisting. And we are again at the beginning...

FLANKERATOR · February 6, 2012

Good job Falcon, that's what I suggested few days ago and it looks like it's working. Congrats bud.

There is nothing fancy in registering on the server's forums and asking for IP clearance. Best way is to get a static IP from your ISP.

Now if the bad guys still want to play, they'll have to register and use a regular IP, no more hiding behind proxies.

Cali · February 6, 2012

Hope this works, but I'm sure he'll try to find a way around it.

Rhinox · February 6, 2012

...Best way is to get a static IP from your ISP...

Some ISPs charge you for single static-IP more, than for 100/100mbit flat connection. Others do not give you static-IP even if you'd pay it with pure gold (especially those who use private-IP & NAT for all customers)...

FLANKERATOR · February 6, 2012

Some ISPs charge you for single static-IP more, than for 100/100mbit flat connection. Others do not give you static-IP even if you'd pay it with pure gold (especially those who use private-IP & NAT for all customers)...

Well, I guess people who are really interested in saving MP servers will be willing to do it. After all, those servers' admins have been paying from their own pockets for ages, and for the pleasure of the community.

A little cash sacrifice or ISP change from the other side would be fair enough IMO.

Hellboy · February 6, 2012

Hope this works, but I'm sure he'll try to find a way around it.

Not work!:doh:

159th_Viper · February 6, 2012

Not work!:doh:

And your solution? Week-end's over.......Has it worked? :)

Falcon_S · February 6, 2012

You are mistaken. it does not help.
To get started, simply block all the ip addresses of Tor, which will not allow an attacker to use them.But the difficulty lies in the fact that the list is dynamic, and it is necessary to continually update and contribute to the firewall. That's it really helps, at least for a while.
And if you make only the trusted list, the server will be closed on the way for new players.

It helps very much. In this way he can not do anything because there is no connection to the server. Can only see how powerless he is. So much for his hacking skill.

Unfortunatelly, public servers are no more public, if you apply whitelisting. And we are again at the beginning...

Yes for now, but... Better than make server hiden or in LAN. Every player will see server, how many players there and if wanna join should ask and provide his IP. Server will be ''public'' very fast for many players. People who often hide behind another nickname, which connect through a proxy, which create problems on the server - does not deserve to enter the server in any case. Thus we do not care who they are, whether they connect from Mauritus or Zanzibar - they just can not connect. Filtered players will be able to play and finally to complete the mission. When the =4c= server decides that the players must be registered if they want to join - people are come and register. Also will come and say their IP address (static or dynamic, it does not matter). I know this is not an ideal solution, but what else to do.

Not work!:doh:

Please stop - IT WORK. Yesterday your server is hacked - MY NOT (server stay online more than 7 hours). I watched the attacks live while my friends enjoyed on my server. I watched and laughed.

Hellboy · February 6, 2012

Please stop - IT WORK. Yesterday your server is hacked - MY NOT (server stay online more than 7 hours). I watched the attacks live while my friends enjoyed on my server. I watched and laughed.

My server just worked too, but it was open to all users.See the difference?

Your option is suitable for flying friends and nothing more, and this task can be implemented completely by any firewall.You can leave the server in the list of available servers and cut off the only hacker to connect? I am sure it is not.

Edited February 6, 2012 by Hellboy

Rhinox · February 6, 2012

My server just worked too, but it was open to all users.See the difference?

I think it makes hell of difference, if it works of course. You say it did for you, so maybe you could enlighten us...

Falcon_S · February 6, 2012

My server just worked too, but it was open to all users.See the difference?

So, lets talk about your solution - multiplayer are in cahos 2 monts.

Your option is suitable for flying friends and nothing more...

Friends are all good people in this comunity.

...and this task can be implemented completely by any firewall.

This firewall do complete job and keep this hacker in his dark room.

Edited February 6, 2012 by Falcon_S

Rhinox · February 6, 2012

Well, I guess people who are really interested in saving MP servers will be willing to do it.

Yes, if it works. But I'm telling you right now: whitelisting based on IP will not work for long. Actually, it is very easy to circumvent such a protection. But I'm not going into details...

Boberro · February 6, 2012

The goal is to make public server no-touch to this poor child. Hiding it or making whitelist of IP is not the solution, it makes good only for private servers for friends. Not for server, where 20-30 people could enter.

I hope this Hellboy's solution will make such thing working flawlessly.

Hellboy · February 6, 2012

Yes, if it works. But I'm telling you right now: whitelisting based on IP will not work for long. Actually, it is very easy to circumvent such a protection. But I'm not going into details...

Totally agree with you.

I think it should run a special forum with restricted access only for admins, where they could put the program itself and the documentation for it. I do not want to hacker broke on the second day of defense, after reading this forum for all mechanisms.

I will try to implement it.

Edited February 6, 2012 by Hellboy

leafer · February 6, 2012

I watched the attacks live while my friends enjoyed on my server. I watched and laughed.

LOL That made my day.

Sign In

How to stop this CHEAT - HACKED DEDI SERVER

Recommended Posts

Emmer

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Hellboy

Case

Hellboy

Ramstein

RIPTIDE

Falcon_S

Bearitall

L0op8ack

Hellboy

Rhinox

FLANKERATOR

Cali

Rhinox

FLANKERATOR

Hellboy

159th_Viper

Falcon_S

Hellboy

Rhinox

Falcon_S

Rhinox

Boberro

Hellboy

leafer

Recently Browsing 0 members