IZ TIME TO BLAME A RANDOM PERSON FROM OUR W2 WRONGDOERS LIST. WHOS IT GONNA BE?
I'm glad you still think of me. Too bad you was so quick to frame lambchops. Yeah i'm not stupid buddy. Remember how i use to explain to you how to reverse a simple exe to find offsets? Or when i supplied you with all the hacks and how to create them on warcraft2hacks(.)com? Yeah! Once again Spoonfed and then you attacked the hand that fed you. Worse part is i know about the map hacks you have. You know lets just say 2 monitors best for the setup eh? Anti-hack can't detect this as war2 wasn't modified it was only read then displayed in another program.
That's just one of many! We all know you can hear the sounds even with fog not hacked off.
I can't even believe myself for helping this place right now. But maybe this will help unbrainwash you people who accuse me.
But i don't want to get off topic too much as i'm going to give you a solution. Is this even an attack? Why would someone choose to attack this way LOL? Way more powerful if all those bots made accounts, logged in, sent messages, ran commands, then the server would be truly overwhelmed with less work involved and you can easily google search ddos tools & bnet bots.... free...
The Problem: Every time i seen the status page all messed up was around 960ish players. This is a pvpgn server so my experience helped some. I told mousey/il along time ago before i made war2usa and left ru. There is actually no problem with the server. It just stops accepting connections after 1000. It would take less then 30 seconds for him to bring the server online and stop from going down again. Not sure the type of bot or attack style unless i have certain data. By the looks of it, it seems you have default configurations still in place @iL
hasn't configured or attempted too. Don't worry we all are guilty of it even me. In the professional world this would of broke policy.
Login to the server, find the pvpgn folder, then conf folder, open bntd.conf with notepad.
1. Change the connection limit = 1000 to something high like 10,000 or w/e you're server can handle.
2. The option below make sure it is set to TRUE as well. It says Remove Stale connection or w/e. This will help you drop junk traffic traffic.
3. Another TIP i doubt this attack is coming from different IP's because long ago when i had fun with bots. I could type load 100 bots all from the VPN or IP. So do like it likes this change the connections per IP to like 8. That's also why your admins at the time felt like god when they ipbanned one bot they all got banned lol. If they only known what i could of done if i wanted. 1 proxy x 100 or w/e limit was set. (this will help filter down how many from each IP)
4. Save your done now. Now in like 5 minutes and 3 changes Your server is online, filters stale connections, and limits how many connections per IP. WOW The guy attacking you is giving you a permanent solution to your problem? "sarcasm btw!"
5.(Most important STEP if 1-4 failed or minimized) If not solved and they can attack with more traffic then you have or bandwidth issues/$ appear. We have a another level of security that should of been implemented because its a server. But anyways you can get better firewall rules, or just code a script to grab proxies and ban them all. That would completely block all the bots and make it very hard to create mass attacks in the future. Oh wow a double win, blocks people who bypass ipbans too.... *COUGH* What ever you do, do not search on github there isn't any samples for linux or windows
ready to be setup.... *COUGH*
6. You owe me money for teaching you how to filter out most skids that program/hack. If this wasn't enough to prevent the attacker or bots. We can then get you a decent price range where i can develop you a process or sell you an idea easy to design with your current setup. Here ill even give you another idea for free no charge. The status page already builds tables with the pvpgn connection info easily done with the source or LUA. Find a php function to kill connections or execute shell to the os and execute kill commands to that ip that didnt login after 10 seconds with account or have null fields 10 - 30 lines of code? NOW STFU UNLESS YOU CAN SPEAK FACTS ABOUT MY NAME.
If they are still getting through with even higher loads you are dealing with someone decent. But that also don't make sense because there are so many bots that work now and compiled 10 or 15 years ago. I have some and coded some myself. They are very powerful and can do evil things like make them join clans, spam the channel with not stoppable text, create game and flood your game list by abusing a pvpgn glitch, flood the db with millions of new accounts, the bots can even join ur hosted game and you wont see them unless type /ping or games command this would force all game private as it fail to start the game... so much i could do with a simple bot. I'm not even begin to mention the real 0 days or w/e inside pvpgn that are critical. I won't go into much detail but i can easily type special alt codes i found and the server crashes completely. Takes me less time to do that then a ddos or bot attack lol and its more powerful then all mention. So sure keep blaming me for the attack on this server, you guys created more enemies then anyone i know. So good luck finding the jerk as hes a needle in the haystack. I would honestly load your server right now just to prove my paragraph true and show how badly you underestimated me. But i have grown to help against such activities long ago and way too many innocent people playing.
Less then five minutes to solve? How long has this been going on? Is this even a bot or ddos script or program? Have you inspected the traffic and seen patterns in the packets? These packets huge or small? Are they failing or causing error messages on the server console? Did you configure debug mode to be verbose so these errors bots can be seen on the pvpgn server console?