[Chesterfield]

The thing is, the way he attack people leaves no trace, in fact a person that doesn't know that he's being attacked will think that "my internet is just working bad" but no, internet is crashed because this guy is using "UDP flood attack" to crash someones Internet, i have the telephone of his ISP, but i actually have no evidence to prove what i'm saying, and it sucks because he even said "no matter your firewalls or what ever you have, you can't block this attack" and it seems real, maybe someone that have knoweldge about attacks can tell me about this.

And about his "dynamic steam ID" my server is original, you can't enter with a cracked version of steam

What i've done was block his country, since someone here told me that proxies are not supported by CS:GO it was the best choise, and since i blocked his country my internet has been fine, same about my people internet, so it looks like yes, it was the best choise, he can't join anymore and "everyone is safe now" but ugr, i believe he really wants to annoy us he'll find another way.

Anyway, thanks in advance for all your help and reply guys, i appreciate it

[delirium_trigger]

Cracked steam games can bypass secure servers and VAC protected servers. I have done this (sadly to say I used to pirate games). It is an exploit that has yet to be fixed officially by Valve or keeps changing everytime it does managed to be patched.

Again, UDP flood attack is just spamming packets of data until the user is flooded and crashes. Normally the UDP flood originates from a single IP address (UDP floods from multiple IP addresses takes too long and not really the type for a hacker to use on a video game).

Now that you have blocked his region and he is gone that is good. However, you really should look into preparing yourself for another kid who wants to try this on your server. This kind of thing happens more often than you think.

Install this into your server to keep a log of every single players Name, Steam ID, and IP address. This will help if another shows up so you can deal with them quicker.

Let me clear this up, the hacker does need to join the server ONCE to get the IP addresses, but does not need to stay in the server to attack the IP addresses. He can join, leave, and attack any since he saved those IPs for later use. So just because he is gone from your server, technically, if your friends still have the same IP address, he can still flood them.

My suggestion for you and your friends is get a free firewall program (Outpost Firewall Free Edition does a decent job at preventing floods) Find a good firewall, your flooding won't be a problem because once the spam has occurred the IP is blocked and any packets that are spammed are rejected.

As for not having proof. Emailing his ISP about him is good enough or have your friends email him too. Be sure to specifically say the date, time, and the exact IP address of the attacker. From there they can just look up his history from the date and time you mentioned and find out what he has been doing and send him a letter warning him (if he does it more than once he can have his service disconnected from his house)

[Chesterfield]

Quote:

Originally Posted by delirium_trigger Cracked steam games can bypass secure servers and VAC protected servers. I have done this (sadly to say I used to pirate games). It is an exploit that has yet to be fixed officially by Valve or keeps changing everytime it does managed to be patched. Again, UDP flood attack is just spamming packets of data until the user is flooded and crashes. Normally the UDP flood originates from a single IP address (UDP floods from multiple IP addresses takes too long and not really the type for a hacker to use on a video game). Now that you have blocked his region and he is gone that is good. However, you really should look into preparing yourself for another kid who wants to try this on your server. This kind of thing happens more often than you think. Install this into your server to keep a log of every single players Name, Steam ID, and IP address. This will help if another shows up so you can deal with them quicker. Let me clear this up, the hacker does need to join the server ONCE to get the IP addresses, but does not need to stay in the server to attack the IP addresses. He can join, leave, and attack any since he saved those IPs for later use. So just because he is gone from your server, technically, if your friends still have the same IP address, he can still flood them. My suggestion for you and your friends is get a free firewall program (Outpost Firewall Free Edition does a decent job at preventing floods) Find a good firewall, your flooding won't be a problem because once the spam has occurred the IP is blocked and any packets that are spammed are rejected. As for not having proof. Emailing his ISP about him is good enough or have your friends email him too. Be sure to specifically say the date, time, and the exact IP address of the attacker. From there they can just look up his history from the date and time you mentioned and find out what he has been doing and send him a letter warning him (if he does it more than once he can have his service disconnected from his house)

I'm actually using "ZoneAlarm Firewall" which i think does a pretty job, BUT, as this guy mention, the UDP attacks can't be blocked and it simply "burns" all the firewalls (He has got a 50mb optical fiber connection) and he attacks with multiple IP's all at same time, crashing your internet instantly, i've noticed too that if i disconnect my router and connect the modem to my PC directly my internet is back, so i guess that this guy attacks the router? and my router already have all the security ON, anti ping, anti flood, anti DDOS but still internet goes down, i'm not a PC expert but it just seems like we cannot block this attack.

And if he somehow attacks us again, i'll do what you told me about sending an email to his ISP, i believe that it won't take serious but well maybe we can do something.

Thanks for the reply and the help!

[delirium_trigger]

Fiber optical or not UDP attacks generally are from one IP address but send packets to multiple ports to the victim. For example, if I started one on you I would send thousands of packets but divided into groups each group attacks different ports like port 80 and 100 and 101 and 102 and so on. Typically if your router has all ports open this will cause your network to be more vulnerable. There are a couple ports that if left open bounce around to other ports, if this happens you will be worse off as well and more likely to lose connection.

ZoneAlarm has a MAJOR flaw in protecting against UDP floods and there were numerous articles that even said ZoneAlarm has had particular trouble protecting against such attacks. It is not advised you use that.

UDP floods CAN be stopped. You need a firewall that just blocks UDP packets or closes ports if they are stressed like if it is sent more than once within a time limit for example mine starts blocking if it hits more than a few packets within the same 1-2 seconds or milliseconds.

You are making these assumptions of what he is doing I am assuming it is what he told you (as a type of taunt). If you do not know about such network knowledge you would believe him as you are seeing partial of his skills. But in actuality he is just bullshitting you and trying to scare you. He is trying to make it seem worse than it actually is.

1. UDP floods cannot burn through firewalls they can bypass them if the firewall is shitty or flawed against UDP attacks.
2. Routers are hard firewalls and do not provide the same protection as a soft firewall.
3. Routers can actually get confused from UDP attacks because routers cannot handle that many connections from ports being triggered simultaneously they can actually get worse and drop the connection because multiple ports are being triggered from the attack and they cannot reply to all of them at once.
4. If your router does have protection, it has to be configured a special way to block it. UDP attacks, SYN attacks, Fraggle Attacks all can bypass router defaults, you must do research on your model router on which configuration is best for such attacks.
5. If your router is too complicated to mess with without sacrificing speed / connection then the soft firewall will help you as a backup. Do research, find the best way for your situation.