Jump to content

DDoS attack


ruth91091
 Share

Recommended Posts

my frienders minecraft server was hit by a ddos attack a few weeks ago (aparently he banned someone who was disrupting other peoples play ), so the guy ddos the server the game is hosted on. all that happened is everyone was disconnected from the server and my buddy had to call his isp since they automatically turned off his internet to prevent issues to others in his area (his words on what the isp said no clue how a ddos would affect his neighbors).

on a side note the isp did turn the internet back on and all he had to do was reconnect to the net and everything was golden.

I think that MalwareBytes stops most DoS attacks. I was running quake III servers before mbam and it got a few players... along with random ping-flooders(because my network ping was unusually high w/no one on server, usually 40-60 as client, 200-500 ping spike when getting "bombed"). After mbam these never happened anymore and legit players can still get through(got rid of the ip block notification but the blocker is active)

Link to post
Share on other sites

I think that MalwareBytes stops most DoS attacks. I was running quake III servers before mbam and it got a few players... along with random ping-flooders(because my network ping was unusually high w/no one on server, usually 40-60 as client, 200-500 ping spike when getting "bombed"). After mbam these never happened anymore and legit players can still get through(got rid of the ip block notification but the blocker is active)

 

That's not true.  MBAM protects from the POV of egress not ingress. 

 

If the PC tries to go to a malicious IP and its in the MBAM signatures, the PC is blocked from going there.

 

Distributed Denial of Service (DDoS) is a multi-point directed attack at the WAN IP from the POV of the Internet.  MBAM does not protect against such activity.

 

Your case is one of coincidence as the DDoS attack subsided relative to the time frame of installing MBAM Professional.

 

On another note, this topic is just over a year old.  It is generally frowned upon to rehash old topics.

Link to post
Share on other sites

I understand what you are saying about this, but I actually meant when MalwareBytes was on the computer the ping jumps stopped, but when I uninstall they come back, so that's why I said that comment about it blocking ping floods/DoS attacks

Link to post
Share on other sites

I used a 2Wire Gateway from at&t when this was occurring... When I did not have MalwareBytes on my PCs(Had MSE working by itself) and I was hosting servers on another Computer(I have three), someone would connect from time to time, but then a random ping flooder would 'join' but I won't see him on the server, even when I go into the server although my ping is showing activity. Also, when I join another server I notice that my ping has gone from the usual 40-60 ping to 300-400+ ping when this happens, but when I reset the Router and kill the dedicated servers it stopped... for a while. Then I installed mbam and it stopped happening, showing a blocked incoming IP notification every time it tries to happen(maybe some random "player" on quake 3 using the servers to initiate a network DoS), and this only happened when I was hosting servers.

Link to post
Share on other sites

I used a 2Wire Gateway from at&t when this was occurring... When I did not have MalwareBytes on my PCs(Had MSE working by itself) and I was hosting servers on another Computer(I have three), someone would connect from time to time, but then a random ping flooder would 'join' but I won't see him on the server, even when I go into the server although my ping is showing activity. Also, when I join another server I notice that my ping has gone from the usual 40-60 ping to 300-400+ ping when this happens, but when I reset the Router and kill the dedicated servers it stopped... for a while. Then I installed mbam and it stopped happening, showing a blocked incoming IP notification every time it tries to happen(maybe some random "player" on quake 3 using the servers to initiate a network DoS), and this only happened when I was hosting servers.

Also to add to it the servers had sv_allowDownload set to 1, and the files to be downloaded weren't too big. As for the router I now have a Motorola NVG510 model using U-Verse High Speed Max pumping 12 MB/s inward and outward(even though I had AT&T come check and fix the wiring to the house as the conn was dropping like a mofo, but this is unrelated to the ping attacks) and the server I still connect to had some issues as well from time to time

Link to post
Share on other sites

I think most firewalls on routers block ping attacks these days if not all. I don't think people even use the ping of death as it was known anymore as it hasn't enough power to do anything much.

I don't know much so I may be wrong I'm happy to be educated more if I am

Link to post
Share on other sites

They say that, but its firewall alone Doesn't stop the types of attacks I was having as the router itself had one built in. I think some ppl still use this method to troll server admins because, as I said before, when I uninstall mbam it starts happening again, when it is reinstalled it stops happening, and I can still get players in the servers(I don't know how the q3 message looks like on the flooder's side when they try to 'connect' to the servers again only to be rejected)

Link to post
Share on other sites

Can you copy and paste 1 line of the attack from the firewall log? specifically the ping attack?

I would but it is on the PC that was experiencing it, which is a desktop PC, and I am on the laptop(because I am in college at the moment) and I might have accidentally erased the logs while freeing up space on that PC, although I know where to find the logs

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.