Jump to content

Recommended Posts

Posted

Hello!

 

I am planning to programmatically IP ban (Windows Firewall inbound rule via netsh) all players who get banned from the game server running on my root because so far quite a few people got angry and attacked it (mainly simple DoS attacks). Can this lead to performance problems in the long run? Have you ever blocked out a thousand remote IP addresses (not a range)?

 

Thanks in advance!

Posted

Hi there,

 

You can ban IPs with any trouble regarding performance... Just remember that usually user's IPs change dynamically every hours or days or simply by reconnecting to ISP.

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Posted

Thank you!

 

I realize that this countermeasure is pretty useless when it comes to serious DoS/DDoS attacks but for kids who are angry because they just got banned from the game server it should be enough in most cases.

 

Do you know if an IP banned user can still take down my server by flooding it with more than 100Mbit/s (its bandwidth)?

Posted
once the IP is banned, you can't do anything. But actually you can reach the router, if you can activate a dos protection (if applicable) or blacklist IP on router!

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Posted
once the IP is banned, you can't do anything.

That sounds great but the firewall still has to stop the packet flood by filtering out all packets that come from banned IPs, right? Doesn't that cause the server to slow down or crash when the attacker's bandwidth is higher than mine?

 

But actually you can reach the router, if you can activate a dos protection (if applicable) or blacklist IP on router!

That would probably be the best solution but as far as I know only my ISP can do that.

 

There is a DoS protection installed on the game server which works fine but I would like to improve the security further.

 

Thank you for your help!

Posted

DoS is the most effective attack. Of course blocking and checking an IP is an hard work for your server, but you have no choice. You can substitute your SW fw with an hw appliance but they are quite expensive.

 

Create a defense for a DoS attack it's an expensive process.

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Posted
So basically IP banned attackers can still heavily slow down my server even without changing/faking their IPs unless I have much more bandwidth than them or a fancy hardware firewall? :o
Posted

So basically IP banned attackers can still heavily slow down my server even without changing/faking their IPs unless I have much more bandwidth than them or a fancy hardware firewall? :o

 

Well you can be a bit more safe by blocking IP. What I want say is that you don't have to be so sure that DoS is blocked... It's just a bit more hard than before :)

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...