Help please.

For beginners, flames not allowed...(just by the staff :P)
Post Reply
User avatar
jake3340
Newbie
Newbie
Posts: 4
Joined: 28 Aug 2006, 16:00
14

Help please.

Post by jake3340 »

Ok im new here sorry if im beeing a noob, i need some help i currently run a server for this game san andreas multiplayer and these ppl keep crashing it for me i think using a nuker or dos attacker something like tht,anyway i found out their server and wish to get some revenge, is their anyway i can crash it (its a home server) maybe with a good nuker or something ?

User avatar
Gogeta70
^_^
^_^
Posts: 3257
Joined: 25 Jun 2005, 16:00
15

Post by Gogeta70 »

Well jake, it's against the suck-o rules to give information about such a subject, but i do understand that people like that ARE frustrating. Just remember, you're just as bad as them when you lower yourself to their level.

So i suggest you change your IP, change your server name, and maybe get a new user name on there, then they won't know your server any more.
¯\_(ツ)_/¯ It works on my machine...

User avatar
jake3340
Newbie
Newbie
Posts: 4
Joined: 28 Aug 2006, 16:00
14

Post by jake3340 »

kk sorry for the spam then thanks for ur help :D

User avatar
Gogeta70
^_^
^_^
Posts: 3257
Joined: 25 Jun 2005, 16:00
15

Post by Gogeta70 »

Yep, welcome to suck-o!
¯\_(ツ)_/¯ It works on my machine...

pseudo_opcode
cyber messiah
cyber messiah
Posts: 1201
Joined: 30 Apr 2006, 16:00
15
Location: 127.0.0.1

Re: Help please.

Post by pseudo_opcode »

jake3340 wrote:Ok im new here sorry if im beeing a noob, i need some help i currently run a server for this game san andreas multiplayer and these ppl keep crashing it for me i think using a nuker or dos attacker something like tht,anyway i found out their server and wish to get some revenge, is their anyway i can crash it (its a home server) maybe with a good nuker or something ?
pm me.. :wink: maybe i can help you.. would be fun.. hehe... i hope i am not breaking any rule

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11574
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

ummm....not really, pseudo_opcode....what people do in private is not my business... :wink: on a different topic I might react in another way, but as a server owner I know how annoying such attacks are. but of course I would recommend to use the legal way...a firewall rule using the MIRROR target for example... :twisted:

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
15
Location: Michigan USA
Contact:

revenge sucks

Post by DNR »

Revenge is a waste of time, look at Israeli/Palistine conflict.

The attacker can easily spoof his IP because he does not need a 'reply' from your server he is DoSing. Thats the idea behind most DoS tools. He will likely ping you to see if you are still online and how long it took for your server to reply. But your affected gameplay will also let him know how effective his DoS attack is too. If you have the wrong IP, the target you attack could be a innocent victim 144.51.88.xxx (try to DoS me pseudo_opcode I dare ya!)

The best defense is a strong one, a firewall that just blackholes bad packets and scans. You can't attack what is not there. and any lamer will get bored and move on.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
15
Location: Michigan USA
Contact:

disclaimer

Post by DNR »

Just in case there is a rule I was breaking regarding posting IPs, here is the disclaimer.

This was a test and teaching exercise. If this was the real thing, you would be dead now.

If you were dumb enough to load the above mentioned IP into a DoS tool without checking whois, you deserve all the serious trouble it brings. For the n00bs, 144.51.88.xxx = zombie.ncsc.mil a DNS server for the National Computer Security Center, a DoD network.

The IP is public searchable and was used as an example why people should not attack IPs. You can also affect computers and servers inline with your target's network and clog up the bandwidth. Alerts and logs will be active because DoS tools have a signature, and it doesn't matter if they are the target or not, they don't want their server involved.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

pseudo_opcode
cyber messiah
cyber messiah
Posts: 1201
Joined: 30 Apr 2006, 16:00
15
Location: 127.0.0.1

Re: revenge sucks

Post by pseudo_opcode »

DNR wrote:Revenge is a waste of time, look at Israeli/Palistine conflict.

The attacker can easily spoof his IP because he does not need a 'reply' from your server he is DoSing. Thats the idea behind most DoS tools. He will likely ping you to see if you are still online and how long it took for your server to reply. But your affected gameplay will also let him know how effective his DoS attack is too. If you have the wrong IP, the target you attack could be a innocent victim 144.51.88.131 (try to DoS me pseudo_opcode I dare ya!)

The best defense is a strong one, a firewall that just blackholes bad packets and scans. You can't attack what is not there. and any lamer will get bored and move on.

DNR
Did i say i m gonna DoS the victim??? and yes even a moron would do some reconnaissance about the ip he is getting packets from, no one would just blindly put the ip in the tool and hit the go button, i was going to help him tracing the attacker.

The one important thing we ignore is the motive of the hacker, in this particular case it doesnt seem like that he is spoofing the ip, well there is a good chance he is, if he is then he probably has a good working knowledge of TCP/IP protocols so that he can manipulate TCP headers, if this is the case then he wont be wasting his time DoSing his game server, probably he is doing it from some pre-made tool, we can infer a lot of conclusions by the nuking patterns or maybe the ip used, it is not unimaginable that we get to the attacker by studying the log files..... that is where we need to think, as you said earlier 'out of the box'.

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11574
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

relax guys..... :wink:
I can understand both sides, I really feel the urge to strike back often when I check my server logs...

Code: Select all

%	No	IP Source	IP Destination	Attack
15.41	275 	24.11.86.xx 	62.xx.xx.xx 	WEB-MISC apache directory disclosure attempt {tcp}
9.30	166 	172.161.248.xxx	62.xx.xx.xx 	WEB-MISC apache directory disclosure attempt {tcp}
...just as a little example to let you know with what kind of morons I have to deal every day.... :lol:
so I really understand when people want to strike back.

BUT on the other side there are enough legal possibilities to get your revenge, the best revenge imo is when the other don't even understand what happens, I really enjoy to imagine a lamer wants to connect again after an attack and he can't reach the site anymore or his attacks cause his firewall to alaram (MIRROR rule, my favorite one :twisted: ).
and hey, it is not lame at all to contact the ISP of the attacker....if they not cooperate I label this as "supporting attacks", which means I feel free to scan their servers how I want to and I even don't mask my IP when doing it (I'm just waiting for one of them to sue me, will be real funny because I keep all my server logs and emails as evidence).

as you see I'm not free from acting in a not-so-legal manner, but I only would do such actions for myself and maybe for my close friends because you never know what's the real story behind a post (no offense against you, jake3340).

:wink:

Post Reply