Register
Events
Popular
More
Post #1Hey guys,
I manage a server for a huge french community, our problem is due to our success we got a lot of massive ddos attacks (sometimes more than 30GB).
Our server is frequently full on peaks hours (100/100), more than 3K french players have already tried our server.
We rented a first server in Multiplay, first attack and our server was down during 3 days.
So, we changed our IP, switch to another Mutiplay machine. New attack, same problem, we decided to change GSP.
We switched from Multiplay to Daemon Servers which include a DDOS protection in their offer.
Deamon rent their servers dirrectly from a french server supplier named OVH which is nice for us.
We believed that the problem was solved but not, new attack and the server was down for a whole week-end.
It turns out that Daemon Server used a standard protection from OVH so we decided with them to change our machine again for an advanced OVH protection.
Same problem, new attack and the server was down during days, we switched our port, same problem, new attack and new down ...
Now find the last message I got from the Daemon Server support :
Well, we are now excluded from their service.
We tried 2 different GSP (only 5 GSP for France), changed machine for 4 times, changed our IP for 5 times.
Fortunately, our community is faithful, they follow us in every changes.
Mr Garry, France love your game but please add more reliable GSP or release the server files.
We are tired of having to write to the support every 5 minutes due to server problem (this is not about the game, we know this is an ALPHA game).
Now my question is there are any GSP here for our community ?
Regards,
QNK
-
-
it's a shame , DaemonServer don't offer goods services which counteract internet insecurity , we are in 2014 and if they can't do this , they don't merit to exist.
they have paid a ddos protection, and is marked with small characters in the CGU that the DDOS protection is only 1GB but the most of time DDOS attack is superior.
they do not indicate the clause when client purchase.
they merely provide a minimum to make the most money, they are just thieves.
-
It's not the first time, and maybe not the last :
https://facepunch.com/showthread.php?t=1298985
If Garry only wants GSP, he should make the sort and restrict servers to services only serious or release server file.
-
obvious alts are obvious
Edited:
Figure out who's attacking you and take action. Sitting on your ass, blaming server proviers and whining at garry isn't gonna help.
-
we are just some guys of the 100 players who were on the server ...
-
Your answer does not help more.
-
Attack those who attack us ? I am no longer a child.
Garry can help us by adding new GSP or releasing the files.
-
Try fpsplayer
I've bought a 7days2die and arma II server with them and never had problems.
-
And then those other GSPs can get DDOSed. And if those other GSPs get DDOS protection up to, say, 5Gbps, the DDOS attacks will ramp up to 10Gbps. It is not easy to defend against DDOS attacks because they exploit the very nature of the Internet itself, except to take the server that's being attacked offline.
And garry is not releasing the files yet because they're concentrating on actually making the game. Plus, they want to be able to push out lots of updates fast. If they had hundreds or thousands of GSPs and they were making every one of them update their server files all the time for the new patches, the GSPs would be very unhappy.
The devs are not ready to release the server files yet, and your game server being DDOSed during alpha is not an appropriate reason to change that policy and release the files months before they're ready for public download.
-
I never said anything about attacking them. There are a ton of ways of finding out who did it and you can take action against that in a lot of ways.
-
Well, I will add you on steam to talk about that :)
-
The problem is that with a service such as GSP, people only have access to a control interface it can not really defend their server if they wanted. These are the GSP who have the means to secure and analyze IP.
And given the mentality of some, I have the impression that they are here to provide a minimum service to earn money and not to provide a real service.
So here is the question, where host a European server, without being banned by GSP because he is not able to provide services for which we would pay?
-
I dont think either is a single person who does this. And this isn't the client to make a procedure on this type of attack, but the provider (i think). And technical capabilities of the police on this type of case can't do great things (no enough money at stake). But give access to the person to create their own server on own machine or even have more choice about providers should solved the problem.
A ddos 300k pps for a single server you find that normal?
-
You're sadly, very uninformed on this topic. Distributed attacks can usually be linked back to a group or groups that rent or own space on a larger zombienet. Tracking down DDoS attacks is one of the most difficult cybercrimes to try and a.) Defend against and b.) persecute for. Not to mention the fact they could be in a non-extradition country and many are often paid through bitcoin. The means required to do this would far exceed the return, and that's assuming you're even successful to begin with.
In addition, Rust prices are already high-ish for game servers. If you wanted quality, effective DDoS protection we would be paying at a minimum ~$150/mo for servers.
Example: 1 good server from Black Lotus (midrange ddos protection. For comparison, Prolexic costs 7500/mo.) costs $1400/mo for a dedicated server with 16gb of ram, e1270v3, and 20gbs ddos protection . So, let's say we're a responsible GSP and put 8 customers on there because we only use 1 thread per customer. That means simply to offset the cost of the server we are charging 175.00/mo. That's ONLY to recoup our server costs. Now, we need to take into account staff. 1 24x7 person is 24hr/day + 12.50/hr USD = $9,000 /mo. Now, that 9,000 is part of doing business, so let's say we attribute 1/20th of the cost to our server. That's $450/mo to staff it 24x7. That's a cost we're fine with eating, but we have to make sure we recoup money on our total outgoing so we can stay profitable. Now we're talking $1850/mo on 8 customers, because we're responsible. We also want to make a profit, so we have to charge $2250 to make us profitable to where it's worth it. That's $280/per person. So, let's say we're nice and charge $250/mo per person. That's $150 profit per month. Eh. Not that great.
So, everyone wants DDoS Protection, but in reality this is what you're paying per month for a shared server with only 20Gbps of protection. Not to mention if you want their heuristic defense to try and sniff out attacks sooner... you're paying an extra $350/month on the total cost or an extra $45 per person. Now you're saying basically $300/mo for a shared server with only 2gb RAM dedicated, 1 thread on a 3.9 ghz processor, and 20Gbps hardware protection with heuristic protection on the traffic.
You guys want better GSP's, better protection, better servers. You can have it, but you're going to pay through the nose for it. So until you're ready to throw down $300 on a server, any provider you get is going to be the same for DDoS attacks. Not to mention the fact it's easy to get a 24 hour DDOS attack for ~$40 bucks that's ~40Gbps. And if that doesn't work, about ~$120 for and 24 hour 60Gbps. With those levels, the majority of GSP's globally are going to crumple. And if they're paying in bitcoin, there's a good chance it's a pittance for them if they were mining when you could get 1 a day or got in early when the silk road started accepting them at $10/per coin.
TL;DR: Unless you and several other people are willing to fork over major cash per month to host a game server, it doesn't matter if Rust has 1 host or 100. If someone is determined to shit on you, they're going to do it.
-
While I agree with what you're saying I don't agree that a decent network wide solution would be costly. OVH implemented a passive DDoS protection which filters your traffic should it detect you're under attack.
It seems to me that if you're sold "DDoS protection" you should expect a level of service which is capable of dispersing such attacks and not some half baked product where they're trying to make an extra buck. This was handled badly on the host's part, he should of gone to OVH and demanded compensation which is usually what happens in this case, doesn't the advanced protection (Pro) cost considerably more?
-
So, what network wide solution do you have that is cheap and effective over 40Gbps? Go ahead, find one, I'll wait. OVH's DDoS protection is the passive web traffic filtering that you can get for like 200/mo. It's cheap, and effective to about 1-10 Gbps and doesn't do shit against NTP attacks.
Additionally, DDoS Protection at 1kbps or 1TBps is still DDoS Protection. If you're not educated enough to understand or research what you're buying, that's on you not the provider. If you want DDoS protection, you're going to have to pay a shit ton. There are no two ways around it. Compensation? If you ask for compensation they're going to refund you the lost days and the remaining time after they cancel him. The fact they refunded 50% is more than he would normally get unless he can prove he was running a business and has income based on this server. Stop living in some fantasy world please.
-
It is precisely the protection (pro) by OVH that we had. it is a protection that doesn't protect, it is a fairly interresant concept.
-
He already said he paid for their advanced "Pro" protection.
-
Hi everyone, I totally agree with QNK !
We are one of the largest communities rust of France, I think it would be natural to distribute resources to people like us who work directly with the persons who make your success (the players).
Remember I applied for obtain the sources, i work for their community.
With an cisco server on a personnal optic fiber, all this only for server developpement !
And an hosted dedicated server in the same ISP (Illiad)the best datacenter in France!
My dedicated have a failover ip system, firewalls, and you pay attention to who distributed this sources so important for us, Give at least competent people, we have developers also in our team.
If i have to make a game server hosting platform I would!
-
I'm interested in your "tons of ways".. Name 3.
-
Education time. This is a quote directly from OVH on their protection.
The money speaks for itself, this is also network wide protection, not individual protection. Basically, they said previously that 500Gbps of protection would cost them $10 million. This was too much for them to absorb, so they went with a different type of DDoS protection. It's not always the case, but you pay for what you get most of the time when it comes to network infrastructure. Essentially, what they did was throw fast switching routers at key points in their network so that DDoS would have less of an impact. They didn't sell you something you didn't receive, they sold you exactly what they offer, you just didn't understand it. They're filtering is also likely to be crap against NTP, since they're targeting the IOC attacks which are traditionally NOT ntp attacks. Just FYI.
Again, understand what you're buying. Pay for the good stuff or deal with the shit you're going to get.
-
Whether you have a business or not, a guarantee is a guarantee. If a company is marketing you something which it isn't then you have a serious issue. So you're telling me if you paid $10 for DDoS protection, you wouldn't be pissed off because you only paid $10 for it - as in you literally gave them $10 for nothing.
Throughout this thread you've literally acted like a total c*nt quoting random unjustified & unsupported figures to make yourself seem momentarily smart.
The fact the OP paid for the advanced protection indicates to me that this was handled badly - Daemon Servers should have contacted OVH and had them look into it while also attempting to find out about compensation for THEM, for their loss of earnings due to customers leaving.
@OP did you even check that they had activated it, since I'm assuming you paid Daemon the fee, they could of just pocketed it themselves.
-
So anyone know a ncie GSP which had European Server ?
*GSP which not close your server cause they're is DDOS
-
You want citations? Sure.
Prices: http://www.blacklotus.net/host/dedicated-servers
Prices of DDoS: http://www.webroot.com/blog/2012/06/...ng-mainstream/
OVH DDoS Explanation: http://www.ovh.com/us/blog/a1171.pro...rvice-standard
OVH DDoS Spredsheet(Not very useful, but links are good): http://www.ovh.co.uk/anti-ddos/
He paid for and received exactly as they advertise. Come back when you're educated enough to participate in this discussion kthxbaiqtpi. Also, make sure you pay close attention to the wording, it's the difference between understanding and batshit insane.
-
I don't usually agree with RustyValve but he's totally right. It's not cost-effective for these small GSPs to pay for advanced DDoS protection without charging ridiculous prices for the average Rust server owner.
It doesn't matter if someone pays for protection or not, that "guarantee" only works up to a certain amount of traffic.
That said, it may be better for them to charge 3, 4, or more times what they are now for some stronger protection. More stable servers and less servers total meaning less servers that have 2 people in them.
Granted, these small GSPs need to shell out a large lump sum to get the ball rolling on something like this, which they probably don't have the luxury of doing.
-
You agree with me more than you know. We play on the same RP Rust server.
-
The problem is that now we have to spent by providers that will close the servers when they are no longer able to manage it.
What is the solution ? trying all current providers ? *shovel the money out the door*
If GSP actually proposed a solution, it would even with a higher price (not a fake solution)
There was the impression they have found the gold nugget, and they are in the process of pumping the cows.
-
PlayRust.eu has blacklotus WAF setup on their servers in Dallas. You also pay $150/mo and the capacity is only 10 GBps. They're also most assuredly virtualizing those servers and not running 1 server instance per thread. Which translates to 1 angsty teen with $40 bucks still able to push out a 20-40 Gbps attack on your server for 24 hours.
-
BMRF Servers offer DDOS protection at about double the cost of the other GSP's. I pay $45 a month for my 128 man Rust server. Something to look into OP. I'm not sure if they offer services in france.
Stay away from FPSplayers. I've been with them...when their servers aren't laggy they are being DDOS'd.
I was pretty happy with Nitrous Networks but again no DDOS protection but their performace was good and I was happy with them until they decided to drop all US servers and focus on EU instead.
BMRF has been a pleasure to deal with. Very fast support, great performace and so far no DDOS down time. But it is more expensive.
http://bmrfservers.com/
-
I've no idea about this topic so don't rage.
BUT.
Why can't you """simply""" block IP's that DDOS the server? Will the insta reject also generate too much of bandwidth?
I would love to know how exactly anti DDOS works, since I have no idea..
You can rate me dumb, but if so you are required to explain.
Thanks.
-
DDoS stands for Distributed Denial of Service. Distributed being the optimal word here. There are typically hundreds, if not thousands of IP's the attacks are coming from. So yes, you can do that, but not quickly. You also have to filter those IP's out of the possible millions you're receiving on your network. There's a reason DDoS is so expensive... it's effective and not easily protected against.
-
Ways to find out who is Ddosing you? You must of found some secrets that nobody knows about. It is VERY hard to find who is Ddosing you.
-
Is it available for France ?
-
Hi Kevin,
As you know I am one of the admins over at Daemon Servers UK. In response to your original post, I believe the true version of events are slightly different to what you have outlined and would like to take the opportunity to respond.
Reasonable size communities such as yours which often fills a 100 slot RUST server are the target of a growing number of attacks. These attacks are normally from rival communities, disgruntled players or inviduals who just want to watch the world burn. Unfortunately there is very little you can do to protect your server for any of those cases.
We appreciate you notifying us that you ran a high profile server before ordering with us. Phil advised you on February 21st that we would gladly try hosting your server and to see how things went. He even offered you a 20% off discount code for the lifetime of your service with us. I can see your server was set up instantly but came under almost immediate DDoS attacks.
Your formal requests for more information about our DDoS protection and a change of IP were acknowleged and you received a prompt reply. As mentioned in our response, we use some OVH servers with their own DDoS protection based on pps detection - http://www.ovh.co.uk/anti-ddos/.
As most people here will know there are currently two forms of DDoS used against RUST servers:
1. RUST specific attacks such as spamming the console to cause the RUST server to run out of resources and stop accepting connections or crash. We are powerless against these attacks as they appear as legitimate traffic with a fairly low pps rate. As far as I'm aware no GSPs offer protection from this and fixes must come from the developers.
2. Bandwidth attacks which saturate the incoming connection to the physical servers. These are distributed in nature which means there is no 'source' to track down. They are amoung the hardest attacks to trace on the internet and plague almost every service on the internet. The recent advent of NTP based attacks has seen the average size of a bandwidth DDoS attack by a factor of 2-3 compared with DNS based attacks in 2013.
Our dilema is a simple one. Do we provide top-end DDoS protected RUST hosting which is still vunerable to RUST exploits or affordable RUST servers which provides a balance between bandwidth protection and cost? We have obviously opted for the balance by selecting a good quality, mid-range DDoS solution which is also affordable for most of our customers. However, we also offer a premium DDoS protection which uses OVH's professional DDoS protection. This is an optional extra for which we charge a flat fee of £6.
We have tried to work with you to the best of our ability and have replied to your requests with an average response time below 30 minutes. After numerous complaints of lag, mainly due to RUST exploits, we upgraded you from one of our standard RUST servers with basic DDoS protection to one with professional protection. During your time on this premium server you were largely protected from bandwidth attacks, however we found ourselves continually changing firewall rules to also try and protect you from RUST attacks.
RUST is still a game in Alpha development and as such will have many exploits, bugs, vunerabilities, etc. Daemon Servers UK nor any other host can provide complete protection for an affordable price.
As we have lost business on our premium server due to yours continually getting attacked and affecting others on the same machine, we have had to let you go. This is not a choice we make lightly but we are simply not able to give you the protection you require for an affordable cost at this moment in time. For high profile RUST hosting you may want to consider getting a dedicated or co-located server with Black Lotus although you'll think twice over the cost.
In summary, we have taken every opportunity to work with you to protect your server against DDoS attacks. This has included fast response times, moving server, changing IP, free upgrades to premium DDoS protection and custom firewalls being implemented. It is simply not possible to provide complete protection, including RUST exploits for a price below several tens if not hundreds of pounds. For that reason and the effect your business has had on our other customers that we've had to let your hosting go.
We wish you every success in your future hosting of RUST servers and would be happy to hear from you should you find a host that suits your requirements.
-
Try this one. This is one of the big gsps out there that are now ofering rust.
http://www.gameservers.com/game_servers/rust.php
-
Hi Luke,
I do not blame your support, It's was a really good experience (better and faster than Multiplay as I told you).
But the question is if all GSPs abandon us because we got attacks, how we can provide a server for our community ? We simply cannot.
And, it's was not a cost issue, I said many times that we can pay extra money for a better service/protection.
Also, it's was not a game issue we didn't have install any plugins/mods. It's was only DDOS attacks.
-
He didn't say anything about mods, the Rust specific attacks are from spammed console commands.
This is just an exploit in the game until it gets patched by the devs.
Did you even read his post? It sounds to me like they did everything they could to help as much as they could and had the good business sense to provide a better experience to the majority of their customers rather than just one that they can't do anything for.
-
i dont think you know how an DDoS attack works and you also dont understand that OP is not blaming the GSPS but simply stating the fact that they are not prepared for this kind of situation and is looking for help/advises. Cant blame the gsps for not magically "fix" his situation but you cant blame him either.
-
I know enough about DDoS to know that it's not always just a flood of network traffic.
-
Exactly.
x 19
x 4
x 2
x 1
x 1
x 3
x 2
x 1
Informative x 4
