[OFFICIAL] OCG DDOS/Attackers Issues/Updates
Hello,
It has been a rough over the course of the last 2 weeks. OCG has been working every day to create some kind of event for Crossfire, though we have been getting attacked in various ways that we have been trying to fix. We have been working on our ventrilo server in conquering that we can hold a proper PUG/Draft without some DDOSER trying to ruin it. Unfortunately I want the community to know this guy has not stopped with us, he poses a real threat as he is hitting our ventrilo server over 10GBS, and sending layer 7 attacks and botnets.
But today, after our PUG, he was not able to throw our ventrilo server down after his first attack, he was only able to flood and disconnect players. Saying this again, we have been working with NationVoice to overcome how to control and fix this issue. OCG believes we have come to some kind of fix. Though, we would need the community to keep supporting us! Realize once everything is fixed, we will be able to have successful drafts and pugs on a daily/weekly basis! So OCG Fans please stay in there and keep supporting us, and know were here to give you guys the best gaming experience possible!
We moved our Ventrilo server again, to something that is more dedicated and protected.
OCG.NationVoice.com
3786
Should we host another PUG tomorrow 5/14/13 8PM EST?
Thanks,
Evan
OCG CEO
It has been a rough over the course of the last 2 weeks. OCG has been working every day to create some kind of event for Crossfire, though we have been getting attacked in various ways that we have been trying to fix. We have been working on our ventrilo server in conquering that we can hold a proper PUG/Draft without some DDOSER trying to ruin it. Unfortunately I want the community to know this guy has not stopped with us, he poses a real threat as he is hitting our ventrilo server over 10GBS, and sending layer 7 attacks and botnets.
But today, after our PUG, he was not able to throw our ventrilo server down after his first attack, he was only able to flood and disconnect players. Saying this again, we have been working with NationVoice to overcome how to control and fix this issue. OCG believes we have come to some kind of fix. Though, we would need the community to keep supporting us! Realize once everything is fixed, we will be able to have successful drafts and pugs on a daily/weekly basis! So OCG Fans please stay in there and keep supporting us, and know were here to give you guys the best gaming experience possible!
We moved our Ventrilo server again, to something that is more dedicated and protected.
OCG.NationVoice.com
3786
Should we host another PUG tomorrow 5/14/13 8PM EST?
Thanks,
Evan
OCG CEO
Comments
-
lionheartban wrote: »How do you know it's a male? For all you know playtex is to blame for these heinous acts.
Also how do you know a botnet is being used? Just curious.
Because it's a flood of various ip's against the server. Ergo, someone is paying for a botnet. -
Because it's a flood of various ip's against the server. Ergo, someone is paying for a botnet.
I doubt it is a botnet otherwise it would be much easier to track down with the help of the authorities. (monitor traffic inbound/outbound from client/botnet operator would point directly to the perpetrator.)
Single servers can generate up to ~10k dynamic IP connections per second by using (S)SYN flood to modify the header of the packets being sent. (by modifying the header you can change it to any IP you want as long as it is not an internal address. i.e 127.0.0.1)
So to summarize, multiple IP's (even over 10k) does not mean it is a botnet.
Spoofed attacks are commonly generated from dedicated servers.
My server in Amsterdam has been attacked multiple times with these type of attacks generating over ~5,000 IP's connecting/disconnecting per second and a total PPS of 7.4Mil @ 5GBps peak. Even with a hardened TCP/IP stack it didn't help all too much.
Some advice to OCG, keep in touch with your host as they will be the most helpful in this situation and keep attempting to locate whoever is doing it by any means. I suppose if you can't find a solution to this issue I can recommend some good hosts with proper protection. Just email me. (Jon@frostgaming.com)boratCARL0SS wrote: »switch to mumble.. solves everything.
If you think a mumble will help, refer to this post;
http://forum.z8games.com/showthread.php?p=3571555#post3571555
tl;dr : It will not help whatsoever. It isn't a client specific exploit, it's an attack on the server consuming its bandwidth and rendering it unavailable for other users. -
I doubt it is a botnet otherwise it would be much easier to track down with the help of the authorities. (monitor traffic inbound/outbound from client/botnet operator would point directly to the perpetrator.)
Single servers can generate up to ~10k dynamic IP connections per second by using (S)SYN flood to modify the header of the packets being sent. (by modifying the header you can change it to any IP you want as long as it is not an internal address. i.e 127.0.0.1)
So to summarize, multiple IP's (even over 10k) does not mean it is a botnet.
Spoofed attacks are commonly generated from dedicated servers.
My server in Amsterdam has been attacked multiple times with these type of attacks generating over ~5,000 IP's connecting/disconnecting per second and a total PPS of 7.4Mil @ 5GBps peak. Even with a hardened TCP/IP stack it didn't help all too much.
Some advice to OCG, keep in touch with your host as they will be the most helpful in this situation and keep attempting to locate whoever is doing it by any means. I suppose if you can't find a solution to this issue I can recommend some good hosts with proper protection. Just email me. (Jon@frostgaming.com)
If you think a mumble will help, refer to this post;
http://forum.z8games.com/showthread.php?p=3571555#post3571555
tl;dr : It will not help whatsoever. It isn't a client specific exploit, it's an attack on the server consuming its bandwidth and rendering it unavailable for other users.
why u so smart. -
-
I doubt it is a botnet otherwise it would be much easier to track down with the help of the authorities. (monitor traffic inbound/outbound from client/botnet operator would point directly to the perpetrator.)
Single servers can generate up to ~10k dynamic IP connections per second by using (S)SYN flood to modify the header of the packets being sent. (by modifying the header you can change it to any IP you want as long as it is not an internal address. i.e 127.0.0.1)
So to summarize, multiple IP's (even over 10k) does not mean it is a botnet.
Spoofed attacks are commonly generated from dedicated servers.
My server in Amsterdam has been attacked multiple times with these type of attacks generating over ~5,000 IP's connecting/disconnecting per second and a total PPS of 7.4Mil @ 5GBps peak. Even with a hardened TCP/IP stack it didn't help all too much.
Some advice to OCG, keep in touch with your host as they will be the most helpful in this situation and keep attempting to locate whoever is doing it by any means. I suppose if you can't find a solution to this issue I can recommend some good hosts with proper protection. Just email me. (Jon@frostgaming.com)
If you think a mumble will help, refer to this post;
http://forum.z8games.com/showthread.php?p=3571555#post3571555
tl;dr : It will not help whatsoever. It isn't a client specific exploit, it's an attack on the server consuming its bandwidth and rendering it unavailable for other users.
It was Aliens! -
We never got a reason why are they happening.. is there any idea why someone who ddos your vent?
There being attacked because someone wants either cfl or cgl to succeed is trying to dos ocg so they will leave the game. Basically its some lame kid who thinks that each game can only have 1 league for whatever reason.boratCARL0SS wrote: »switch to mumble.. solves everything.
How would that help in anyway? It attacks the server and connections, nothing to do with the client.
Categories
- All Categories
- Z8Games
- 1 Z8 Forum Discussion & Suggestions
- 15 Z8Games Announcements
- Rules & Conduct
- 2.5K CrossFire
- 715 CrossFire Announcements
- 714 Previous Announcements
- 2 Previous Patch Notes
- 323 Community
- 12 Modes
- 393 Suggestions
- 16 Clan Discussion and Recruitment
- 73 CF Competitive Forum
- 1 CFCL
- 16 Looking for a Team?
- 524 CrossFire Support
- 7 Suggestion
- 15 CrossFire Guides
- 37 CrossFire Off Topic