Jump to content
3DXChat Community
RayyRayy

Dear Tech Savey Players of 3dx

Recommended Posts

Sooo after the first DDOS attack, the devs transferred us over to a test server with plans to use the test server as a bunker/shelter until the DDOS attack was done and the main server had been repaired and recovered. The test server launched, and within hours got DDOSed. In your professional or educated "guestimation"; whats the next move? Do the devs higher a better server host and spend days on transferring the game and player info over? Or do you think they will wait for the DDOS to be completed and relaunch the main server putting us back to square one?

 

Thanks Team. 

Share this post


Link to post
Share on other sites

So I work in tech, and am a systems administrator. Granted, for websites, not games, but, puts me in a better understanding than most for this particular problem. Anyway, DDoS attacks are incredibly hard to fight. So here's the thing with DDoS attacks, what happens is hackers infect random peoples PCs with a virus. Maybe the virus doesn't even seem to have any ill effects on the user. Just sits there (often times they throw plenty of other nasty things in there, but, lets keep it simple for now). So now, you have control of thousands of computers under your control, all that are real, have network histories with the ISPs, are on multiple ISPs, all over the world. Now you point them at a server or domain. You hit it with a request that looks somewhat legit. Maybe a login request, or a general ping to see if the server is up (something the game would normally do). Now, you just do that again, and again, and again. You stagger it though. You have 10,000 PCs in your botnet, but not all 10,000 are making requests every second. Say you have 1,000, and they hit a few times in a second. Then they take a break, and swap to the next 1000 and so on. This keeps individual IP addresses from being flagged as trying to access too much, while still flooding the server. So, they're making legit requests to the server the game would make. The question is, how do you filter out the bad traffic? The short answer is, you can't. The long answer involves a LOT of analysis, trying to figure out the IP addresses, what requests they're making, looking for patterns to filter them out (there are programs to assist with this). Now, the other thing to consider is, if you're the hacker, and you're starting to get IPs that are getting blocked, you retire them and get other computers on your botnet. So, ideally, you have something that gives a fake reply to the IPs so the hackers are none the wiser (or at least slow them down). This can be very difficult and much easier said than done. There is no way to 100% filter out DDoS traffic without false positives. It's going to be glitchy for people. 

 

What do they need? New data center will help, but it's not a matter of anything physically different, it's a matter of support. They need to either move to a datacenter that offers high level support for DDoS and experience with it, or, hire a company that specializes in it, and give access to firewalls.

 

Not knowing their architecture, my advice would be, move to the cloud with load balancers and a distributed solution. Be able to spawn up more servers when needed, and take advantage of Amazon AWS or Microsoft Azure tools as well as hire a company experienced with DDoS attacks

Share this post


Link to post
Share on other sites
Posted (edited)

I know someone at a company that uses radware. Radware has branch offices all over the world. He said, "Trying to mitigate attacks like this manually today is almost impossible." Also as neilquinn said above if hosted in the cloud a datacenter that has mitigation options like Cloudflare. 

Edited by Cassey

Share this post


Link to post
Share on other sites

Authenticating logins before allowing sign-ins is one way. If you put a CAPTCHA type test on the login screen, you might shut down this attack altogether. That might be the easiest hot fix. It will inconvenience players, but it will also stop the server crashing (provided you've done it correctly). Since the problem is that the server can't process every request being received, the obvious answer is to stop processing them without authenticating them.

For long term, it's best to use some type of middleware solution for protection, like AWS.

The only other options are:

  • Have a full-time network programmer who can code proprietary solutions himself
  • Hire a temporary network consultant to either code the solution for you or advise the best approach.

 

If you're doing none of the above things, 3DXChat could be dead within the month.

Share this post


Link to post
Share on other sites

Thanks NeilQuinn, Cassey and Xaufin for clarifying that for me. Hopefully they chose to go and find a proper data center for the game if not we will all have to find a new home :(

Share this post


Link to post
Share on other sites
8 minutes ago, RayyRayy said:

Thanks NeilQuinn, Cassey and Xaufin for clarifying that for me. Hopefully they chose to go and find a proper data center for the game if not we will all have to find a new home :(

Well I am sure they try to solve this problem, from what I understand its a real hard job, hopefully they will get it fixed soon, otherwise I think many peeps will leave (even very soon) !

Share this post


Link to post
Share on other sites
6 hours ago, RayyRayy said:

Sooo after the first DDOS attack, the devs transferred us over to a test server with plans to use the test server as a bunker/shelter until the DDOS attack was done and the main server had been repaired and recovered. The test server launched, and within hours got DDOSed. In your professional or educated "guestimation"; whats the next move? Do the devs higher a better server host and spend days on transferring the game and player info over? Or do you think they will wait for the DDOS to be completed and relaunch the main server putting us back to square one?

 

Thanks Team. 

 

Find out where TALONQUEER lives, have him arrested and locked up in a mental institution. That should end the DDoS attacks.

Share this post


Link to post
Share on other sites
11 minutes ago, Coldheart said:

 

Find out where TALONQUEER lives, have him arrested and locked up in a mental institution. That should end the DDoS attacks.

Let it go dude. 
You’re only validating the misguided points that person made about the Transphobia argument by calling them that. 
And you have zero proof of your statement anyhow. 
 

I loathe Talon as much as the next person, but c’mon. Don’t go overboard like this. 

Share this post


Link to post
Share on other sites
Just now, Derai said:

Let it go dude. 
You’re only validating the misguided points that person made about the Transphobia argument by calling them that. 
And you have zero proof of your statement anyhow. 
 

I loathe Talon as much as the next person, but c’mon. Don’t go overboard like this. 

 

I don't need proof, you don't need to be an FBI profiler to sort this one out. It's obvious. Though the FBI might want to look into profiling him.

Share this post


Link to post
Share on other sites
1 minute ago, Coldheart said:

 

I don't need proof, you don't need to be an FBI profiler to sort this one out. It's obvious. Though the FBI might want to look into profiling him.

And congratulations, you’ve become what you rage against. 
I recommend you just take a step back and rethink what you are claiming. 

Share this post


Link to post
Share on other sites
16 minutes ago, Derai said:

And congratulations, you’ve become what you rage against. 
I recommend you just take a step back and rethink what you are claiming. 

 

Become? I was that long before Talon was ever here, trust me on that one. You really have no idea who you are talking to, not that it is important to the matter at hand, or anything else for that matter. Pieced his deleted comments together, and now I am only more sure of what he is doing, and that he is responsible for this. He seemed to also repeat wanting to have someone step up to him, and that everybody is too weak to do it.

 

Well sir, I know what you really are Talon, I know what you are doing you feeble fucktard and I'm here. Any time man, but you are not going to like what you find bruh.

 

Hope 3dx takes care of this guy soon, if not well ... 

Share this post


Link to post
Share on other sites

Whatever solution we can think about is irrelevant as long as we don't know what really happen and have more details.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...