ddos/dos protection

Discussion in 'Bukkit Discussion' started by trusebruse, Sep 24, 2012.

Thread Status:
Not open for further replies.
  1. Offline

    robotnikthingy

    best way to prevent it is to keep your server secret and not piss off the wrong people. thats what i do with my server, id say its rather secure, and if we somehow get ddos'd i have a enough money for a months worth of protection before i change the ip of the server and notify only the trusted members
     
  2. Offline

    LEOcab

    Wow broski, I ran my server from home for over a year until my ISP got their greedy panties on and put up a 300GB bandwidth cap on all of us. Please don't dis home servers. You jelly of people that can run a server for free? I sure am now, but I don't go around dissing those who still can.

    1) My server was pretty popular. In fact I hosted two, a vanilla/Bukkit server and a Tekkit server, and both were and still are fairly populated.
    2) My server has always had 24/7 uptime. Dedicated Linux machine btw; I didn't run it off my netbook.
    3) They were always fine with paying $40 more for internet. We still have that plan because Netflix is lightning fast compared to what we had before.
    4) Tell 'em to come get some of this.
     
  3. Offline

    Gravity Retired Staff

    Lol what? I'm not "jelly" and I'm speaking from experience here, I ran a server from my house since alpha was released all the way up to near the end of beta. I know the problems that arise from them, and I've seen them first hand.
     
  4. Offline

    LEOcab

    Hmm. What problems are those? :p
     
  5. Offline

    Jakky89

    Simply restrict the amount of simultanious connections and data flow. Could be done via iptables (on Linux hosts).
     
  6. Offline

    Gravity Retired Staff

    The ones that I mentioned in my post
     
  7. Offline

    blazee15

    Just get a firewall or a DDoS mitigation?
     
  8. Offline

    Gravity Retired Staff

    [​IMG]

    Seriously, though, if it were that easy everyone would do it. There's a delicate balance between being too strict and being too lenient when trying to mitigate ddos', and you certainly can't just go to target, buy a ddos mitigator, and plug it into the wall. Firewalls also won't help you if you are hosting servers.
     
    Nathan C and MikeA like this.
  9. Offline

    blazee15

    I've been running servers for years, if you got the money then you do. Using programs like wireshark or even cloudfare isn't that good. Its best to just spend money to save money if you get what I mean.
     
  10. Offline

    Adriani6

    It's not that hard to get a host designed for DDOS now, I came across one, 3Gbps internet, which allows you to send fake packets for 3 min then with one click send another 3 min attack and so on. The price of this thing starts from $8 a month now, not that hard, I wouldn't really bother getting your server hosted on your personal PC.
     
  11. Offline

    Gravity Retired Staff

    Wait what? Using programs like wireshark or even cloudflare isn't that good? What is that supposed to mean.

    Wireshark is an actual program but you use it for sniffing network traffic... cloudflare protects only a webserver's IP (and it's not a program) from being shown, Minecraft servers aren't websites, and to connect to MC you need an actual address to connect to.

    I mean sure if you want to hire some security firm to protect your Minecraft server... good luck have fun.. but otherwise you don't just dump money and expect results, that's not logical... And also, you're not going to get that kind of money from your server..
     
  12. Offline

    MikeA

    *points at three biggest servers where the owners make a living off of their game server*
    *doesn't point nor say any names*
     
  13. Offline

    Gravity Retired Staff

    Yeah, you're right. Let's put an emphasis on your server then. Not on your server. No.
     
  14. Offline

    MikeA

    I don't get it, please explain in common person terms, I no smart.
     
    JohnTheRipper likes this.
  15. Offline

    Nickbbeezy

    Lol, this thread is hilarious..

    The only way to prevent your server from being constantly DDOS'ed is to host with a company that has some type of DDOS mitigation, even still, if the attack is large enough, chances are your server will suffer from lag while they're attacking it. That would cause for a terrible gaming experience..

    So, I'd say the real way is to stop it is to not set yourself up to even get DDOS'ed. Stay away from those voting sites, there's a lot of botnets that crawl through those sites for top servers to knock offline. Don't advertise your server in places where people are known to participate in things like booting/DDOSing. Lastly, try to come off as a nice person for the most part when you're letting people know about your server or while they're playing on it. That'd drastically reduce the chances of getting knocked offline.
     
  16. Offline

    trusebruse

    1. There is no reason to say that the servers you host at home suck, because that's far away from true.
    2.Of what i saw earlier there was just expensive ones and i found out that it was cheaper with hosting at home with an internet connection that only my server computer is using.
    3. Really, my parents wouldn't get mat at me when they don't use the same internet connection.
    4. if i have ddos there is no problem with ddoser.
    5. As i said at point two "of what i say earlier", I will host a server at daddychese and not home.

    6. So what i have said in here is that i wont host at home
     
  17. Offline

    kaZep

    Hosts at home sucks. WHY? Cause every fuckin' PC sucks. WHY? Cause YOU GUYS OPEN A SERVER FOR 1 MONTH ONLY FOR MONEY!!! And then, close b-) ! PAY IF YOU WANT TO BE PAYED!
     
  18. Offline

    Clinton

    Hosting at home... ; )
     
  19. How to Protect your Self Against DDOS Attacks
    Open the bukkit.yml
    Look for "ping-packet-limit:"
    Change it to 100-200
    Packets are things sent by players
    when a ddos happens to DDOS a Minecraft server you need to ddos the port as well and if the "Hacker" Does so DDOS your IP on the right port the mincraft serevr will read it as a Player sending a request to join but then will realize it's not a player and reject it and the Ping-packet-limit: is the amount of packets you get per ping!
     
  20. Offline

    Infamous Jeezy

    How well would this work at defending against a ddos?
     
  21. Offline

    Nathan C

    Your line will be saturated by this point, if it is a DDoS.

    Highly doubt your home connection can sustain 2 Gigabit+.
     
    JohnTheRipper likes this.
  22. You make a good point
     
  23. Offline

    LaxWasHere

    Uhm, " This post has been edited 2,934,203,404 times. It was last edited by Nathan C 3 decades ago."

    How?
     
  24. Offline

    Nathan C

    I got nothing better to do, but edit my posts.

    Also, time machine.
     
  25. Offline

    Puremin0rez

    hahahahah I said the same thing in my head but saw the line between the post and the signature postbit :)
     
  26. Offline

    LaxWasHere

    LMAO that got me. They need a better signature separator ..
     
  27. Offline

    Infamous Jeezy

    Got my hopes up for nothing. :'(
     
  28. Offline

    TheBeast808

    It wouldn't.
     
    zipfe likes this.
  29. It will work Me and Friend tested it last night and the packets are only coming it at 150 (what I had it set to)

    I run a Good Sever from my house then again I don't use the same computer to run and play I have desktop and it has already paid for it self my server is 24/7 and in the next room XD

    it limts the ping size like a funnel there can be a lot of pings but only so much packets get to you

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 28, 2016
  30. Offline

    Clinton

    Try pouring a quart of oil into the funnel. Goes through right just like you planned? Ok, now try 250 gallons all at once, keep pouring consistently and tell me the results.
     
    afistofirony likes this.
Thread Status:
Not open for further replies.

Share This Page