Quote:
Originally Posted by JustCallMeLuke
Give us way more information.
Way more.
VSE flood comes up with literally nothing in google so I really have no idea.
|
Me and the datacenter have no idea, only that it flood the system.
My Servers have NOT lag at all. Just the connection with steam.
You can connect with connect ServerIP:ServerPort on console so only steam server connection get hit.
Some stressers have it and i got some information on it from a skype chat with a support from one of the site that have VSE.
Here is the skype chat
Code:
[12:05:08] Demin / Mathias / UartigZone: Great.
I found out a user keep stressing/DDoSing my server and my host want to go to police with it. Is it possible that you can blacklist a IP ? Because he stress a server he don't own at all. Server IP: 185.121.173.83. I did some stress test a few days/weeks ago but this guy keep stressing it...
[14:48:32] Demin / Mathias / UartigZone: He keep doing it on same ips and is that even allowed?
[14:53:01] Website Support: We don't have logs and therefore we can't even say for sure that's coming from us.
[14:53:26] Demin / Mathias / UartigZone: But it say "There is already a flood running on this target." on our website
[14:53:38] Website Support: I did some stress test a few days/weeks agoWe assume that every user just like you using our service for legitimate reason.
[14:53:55] Demin / Mathias / UartigZone: When i try to boot it for 30 seconds so it coming from (The Stress website) website
[14:54:54] Demin / Mathias / UartigZone: That is true but
[14:53] Demin / Mathias / UartigZone: <<< But it say "There is already a flood running on this target." on our website
[14:54:57] Demin / Mathias / UartigZone: For the IP
[14:55:30] Website Support: Mhh oh well we don't have a blacklist system
[14:55:38] Website Support: so the only way is block the user
[14:55:44] Website Support: which I can not find out because we've no logs
[14:56:04] Demin / Mathias / UartigZone: Any idea what to do ? You should could find running attacks right now
[14:56:28] Demin / Mathias / UartigZone: And what user/ip that attack the server or starting the attack
[14:56:55] Website Support: mhh no
[14:57:01] Website Support: we've removed any IP logs
[14:57:05] Website Support: access/error log on webserver
[14:57:26] Website Support: and boot log only contain user id, method and boot time, the target itself is encrypted like the password we use with a SALT key
[14:57:43] Website Support: this is to protect our customers and ourself from hackers or other people that want to know what's going on ;)
[14:57:50] Website Support: So in our case, we don't know, they don't know :)
[14:57:52] Website Support: no one knows :P
[15:00:02] Demin / Mathias / UartigZone: Really bad
[15:00:24] Demin / Mathias / UartigZone: Last thing is go to police ...
[15:01:15 | Redigerede 15:01:25] Demin / Mathias / UartigZone: NC3 Police will take our case. Thanks for letting me know :)
[15:01:18 | Fjernede 15:01:28] Demin / Mathias / UartigZone: Denne meddelelse er blevet fjernet
[15:01:47] Demin / Mathias / UartigZone: Have a nice day.
[15:04:26] Website Support: Yea alright well as from our side I would like to help you
[15:06:20] Demin / Mathias / UartigZone: But aslong you don't have any logs or know anything about who start the attacks for like two weeks 24/7 we can not do anything else. All i know is that its a danish person
[15:06:35] Demin / Mathias / UartigZone: And the ips
[15:08:24] Website Support: yea that sucks a lot
[15:08:31] Website Support: mhh well how you're being attacked?
[15:08:39] Website Support: what's under attack?
[15:08:46] Demin / Mathias / UartigZone: Our dedicated server
[15:10:26] Website Support: you've no firewall?
[15:10:33] Demin / Mathias / UartigZone: 750 Gbps DDoS Protection
[15:10:40] Website Support: Voxility?
[15:10:45] Demin / Mathias / UartigZone: But your system do something that make the connection with Steam servers down
[15:10:53] Website Support: Yea we have VSE
[15:10:58] Demin / Mathias / UartigZone: No, we use danish datacenter
[15:11:04] Website Support: well our VSE method probably is used
[15:11:09] Website Support: we've updated it a couple days ago
[15:11:14] Website Support: and now it's almost impossible to stop
[15:11:19] Website Support: it bypass even voxility, ovh, nfoserver etc.
[15:11:21] Website Support: it's very epic now
[15:11:38] Demin / Mathias / UartigZone: It attack steam servers and not the server or?
[15:11:59] Website Support: yea
[15:12:08 | Redigerede 15:12:12] Website Support: it's 'valve source engine'
[15:12:21] Demin / Mathias / UartigZone: So it only attack the connection with the server and steam? How the fuck
[15:13:09] Website Support: yea
[15:13:17] Website Support: it look like real user traffic
[15:13:35] Website Support: you can't even differentiate what's the attack and what's the normal user since it's spoofed
[15:14:02] Website Support: hypothetically spoken of course. I do not say it coming from us.
[15:14:16] Website Support: There's no way you can track back attacks to us
[15:14:24] Website Support: and tbh
[15:14:26] Website Support: if they not use us
[15:14:29] Website Support: they will use someone else lol
[15:14:33] Demin / Mathias / UartigZone: But it say "There is already a flood running on this target." on our website
[15:14:42] Website Support: this text should not be there anymore
[15:14:43] Demin / Mathias / UartigZone: We do not wish to close you. Just the attack
[15:14:50] Website Support: You can't close us.
[15:14:57] Website Support: We're in Ukraine, outside of European Union
[15:15:01] Website Support: + there's no evidence
[15:15:09] Website Support: + even if someone coming to check, there's still no evidence
[15:15:16] Website Support: so yea best you go to OVH, Voxility, NFOserver etc.
[15:15:25] Website Support: buy yourself a server with good firewall (OVH probably you can afford)
[15:15:30] Website Support: free firewall to alls ervers
[15:15:35] Website Support: they have "game Firewall"
[15:15:37] Demin / Mathias / UartigZone: We have more DDoS Protection than OVH have
Pastebin:
http://pastebin.com/RF6mKNvA
I changed the website name and support name to Website and Website Support because i don't wanna hang the website out or give people ideas that can make more attacks.
Linear Mode
