Dos Attack

viper1 · October 18, 2005, 06:12:48 PM

Thought I'd Let you guys bann this guy im puting this on all mohaa sites... if you want to pass this to any mohaa sites you know plz do so thx



   *********************************************************************

   17/10/2005 / 16:18:16

   DOS Attacks are against the Law. See info at bottom of this log!

   *********************************************************************

   The following IP has launched a DOS Attack against the server - 82.129.130.118

   CI has taken control of the server to disable the DOS Attack

   Server IP - 205.234.178.4



   Ã¿Ã¿Ã¿Ã¿print

   map: obj/obj_team1

   num score ping name lastmsg address qport rate

   --- ----- ---- --------------- ------- --------------------- ----- -----

   0 0 999 ImportEater..AKA**PAIN** **********************

   1 0 93 Dirk_Siezen ******************************

   2 0 242 spaidar 0 82.129.130.118:1026 54325 30000

   3 3 124 MarushaD ******************************

   4 0 244 medo2 ******************************

   5 3 207 Ex|sT ******************************

   7 3 51 Mike Peters ******************************

   8 3 337 kill all 50 82.129.130.118:12203 61867 3000

   10 0 320 Gegi (Hun) ******************************

   11 3 129 #GÂ£Ã...|>>premiÃ¨re classe Orochima *****************

   12 3 243 -*-*-*-*-(((ellord)))-*-*-*-*- *********************

   13 0 156 mr__DERVIS_DUFY ***************************

   14 3 56 =BRP=Chaquita Banana (Lt.) ********************

   15 0 48 Arthur*pq* *********************

   17 0 198 BLACKMAMBA ***********************

   18 0 246 medo 0 82.129.130.118:1029 9466 30000







   Time since Last DOS Attack = 5.1 minutes

   16:28:52 CI has released control of the server after the DOS Attack

   LockDown Lasted 9.2 minutes











   To process this log, first go to http://www.arin.net/tools/whois_help.html">http://www.arin.net/tools/whois_help.html and find

   out want company the IPContact them or it they have an email address, send this log

   and any addition info to abuse@ then the remainder of their email address.

   Also send a copy of this log to

Floyd · October 18, 2005, 07:12:03 PM

I've seen that before on our server,I don't think it was a dos attack.There is only 3 people with diferant names. We've had a group of players on our server from Mexico,all playing from the same internet cafe,CI picked it up as a dos attack but it wasn't.

zeb199 · March 14, 2006, 07:46:31 PM

i've figured out what program causes a dos attack....a very small dos prompt executable file. i emailed the author and he said if somebody makes a program that will limit the amount of identical ip addresses on a server...that should help the problem.



   our server gets hit a couple times a week.



   so any volunteers?

Z

Elgan {sfx} · March 14, 2006, 08:19:50 PM

zeb199 :
   i've figured out what program causes a dos attack....a very small dos prompt executable file. i emailed the author and he said if somebody makes a program that will limit the amount of identical ip addresses on a server...that should help the problem.



   our server gets hit a couple times a week.



   so any volunteers?



   Z

thats not a dos attack, thats a moh fill attck and there is a fix.

zeb199 · March 14, 2006, 09:25:19 PM

A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include



   attempts to "flood" a network, thereby preventing legitimate network traffic

   attempts to disrupt connections between two machines, thereby preventing access to a service

   attempts to prevent a particular individual from accessing a service

   attempts to disrupt service to a specific system or person



   source: http://www.cert.org/tech_tips/denial_of_service.html">http://www.cert.org/tech_tips/denial_of_service.html



   the program which we shouldn't mention....does in fact flood a server...thereby preventing legitimate traffic. sounds the same??



   what fix are you aware of? because as far as i know...there is no fix.



   Z

Card {sfx} · March 14, 2006, 11:32:22 PM

I thought Elgan and Wombat made the dll file so it limits the same ip's from coming into server???

Elgan {sfx} · March 14, 2006, 11:36:34 PM

zeb199 :
   A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include



   attempts to "flood" a network, thereby preventing legitimate network traffic

   attempts to disrupt connections between two machines, thereby preventing access to a service

   attempts to prevent a particular individual from accessing a service

   attempts to disrupt service to a specific system or person



   source: http://www.cert.org/tech_tips/denial_of_service.html">http://www.cert.org/tech_tips/denial_of_service.html



   the program which we shouldn't mention....does in fact flood a server...thereby preventing legitimate traffic. sounds the same??



   what fix are you aware of? because as far as i know...there is no fix.



   Z

   oki, u win, i thought DOS attack was BOF attack.



   BOF = buffer over flow. But that is a dos attack, not the dos atack.



   BOF = HAs a fix.





   MOHFILL = filkls moh with fake players from remote pc. THis also has a fix , THis is in donwloads section. ALso another versions is being created.

zeb199 · March 15, 2006, 12:15:08 AM

edit my last post:



   as far as i know...there is no fix for my server on a linux box



   Z