It's time to Profile our DDOS'er

[Nanji]

Can somebody confirm that most ddos causing IPs have their origin in Asia/Africa/middle East?

[madwasp]

Asian DDOSER has a great chance. China is probably the culprit as some days ago they fully spammed the forum too with their ugly BOT topics.

[Nanji]

Asian DDOSER has a great chance. China is probaly the culprit as some days ago they fully spammed the forum too with their ugly BOT topics.

It was korean iirc.

[RyanMakara]

Asian DDOSER has a great chance. China is probaly the culprit as some days ago they fully spammed the forum too with their ugly BOT topics.

It was korean iirc.

This has been happening since of the start of the server. They were usually generic adware spam junk links, not specifically Korean. Adware spammers attack any forum they think is unregulated and not well protected enough against bot account creation + posting.

[Mez]

If everyone signs up at friendsofwar.com the ddos attacks will stop I'm sure.

[grease]

Well said! But I don't think it's Asians doing anything, we all know its some butthurt Caucasian seeking revenge from getting rolled in rvr or banned from the game. I live in Asia and to ban Asian IPs is a stupid idea!!! Russia is also a part of Asia which is a large part of our population so good luck with that!!

[Nishka]

If everyone signs up at friendsofwar.com the ddos attacks will stop I'm sure.

The ddos attacks started before AzgalSoldier's arrival.

[slamers]

a lot of players from Destro side come from Russia. I am not sure if excluding it would actually be benefitial

Were does it say anything about Russia? were did that come from?

[Genisaurus]

This has been suggested internally, and while it would improve the website, I'm not sure we could effectively block IPs from the login server in such a way that would significantly reduce the load. Basically, the process works like this:

1. Client computer sends request to server
2. Server acknowledges/validates request
3. Server sends response

A typical DDoS destroys a server by abusing the processor time and resources it takes to complete steps 2 and 3. Effective DDoS protection (the expensive kind) blocks bad requests in between steps 1 and 2, typically by adding an additional validation step on another external machine. This reduces the load on the server you are using by making sure no processor time or resources are spent servicing bad requests. An en masse IP ban would instead be adding protection between steps 2 and 3.

A bad request would not require the server to send a response, but all requests would need to be checked before they could either be allowed to proceed or get denied. In short, this would reduce some of the load, but it would still be possible to kill our servers by the sheer volume of requests. Our weakness is that the game and login servers must be open to receive requests from all clients at all times. Performing any kind of IP validation still requires processing time that might slow down the game to an unplayable state.

Moreover, global IP bans assume that the requests are coming from certain nations, which is often mostly the case, but is not always. While script kiddies in these nations might easily DDoS a target from a single machine, there are thousands of malware programs spread across the web which infect computers and turn them into unknowing "zombies," constantly sending requests to a target as a background process. If our DDoSer were somehow shut down by a global IP ban, it's possible that we could still be DDoSed from zombie networks in the First-World countries we permit.

tl;dr: It might help the website, some, but would definitely hurt the login/world servers. There's a reason why DDoSing has been around for ~35 years.

[Jaycub]

Why don't you guys just host the game on pirate bay servers? They are impervious to DDOS and government shutdown.