
...And their effects on the community
There has, in recent times, been a marked increase in DDoS attacks on JKA servers. No, not the GameTracker ones, but other ones: DDoS attacks launched by members of the JKA community on other members of the JKA community. I'd like to talk about that a bit.
A reminder: what a DDoS is
A DDoS attack is an attack where you flood a server beyond its processing power (bandwidth and maximum simultaneous connections, typically) to take it down. You spam connections to a server, particularly from multiple sources (a DDoS from a single source is called a DoS), in an attempt to take it down. This is common across the internet, and DDoS attacks are often launched against anything from webservers to game servers.
I feel like I cannot emphasize enough that a DDoS attack is not a hack, and does not compromise your security in any way at all. It's simply a matter of throwing more traffic at your server than it can process. It can happen to anyone.
Here's that useful diagram from Mr. and Mrs. Wikipedia again:
Recent events
A few days ago, a number of popular servers were taken down by someone through DDoS attacks of up to around 5 Gbps (most servers run on either 0.1 Gbps or 1 Gbps connections). These include JAWA, EK, and others. I've been working with some of them, and their server providers, to mitigate these attacks and find a solution.
A while ago, several MB2 servers were hit by DDoS attacks as well. You can find a thread about it here, for instance.
These are not the only instances of DDoSes that have happened lately, nor do I think they will be the last. Perhaps unremarkably, in every case of DDoS attacks, the intention seems to force other players to do something. Clans are told they should remove certain members the attackers dislike, or be hit by a DDoS. Servers running MB2 are DDoSed in an attempt to make players play JKGalaxies instead (which, for the record, the JKG team had absolutely nothing to do with, and condemned). Servers who ban certain players are told to unban those players, and let them break any rules those servers enforce, or be hit by a DDoS. The list goes on.
A chilling effect
I feel like these DDoS attacks are a considerable threat to the JKA community - more so than the attackers realize. With every DDoS attack, it becomes more difficult, and less appealing, to run a JKA server. As a result, the number of JKA servers will shrink.
Additionally, every time a server is taken offline by a DDoS attack, it affects the number of people playing JKA, simply because people can't play on their favorite servers, and as a result, often won't play at all until it's back online.
There are those who will argue that, simply by paying attention to this problem and writing this article, I'll be exacerbating the problem. That's possible, but I feel like it's a subject worth talking about nonetheless.
Why it's ineffective
The aim of these DDoS attacks, as I mentioned earlier, is to make players do something they don't want to - be it playing a different mod, or cutting their ties to other players. The reason people play games in the first place is to have fun. If one is constantly discouraged from having fun, one will eventually just quit playing JKA, negatively affecting the community, but not meeting any real demands. Besides, the moment one starts accepting these demands, one opens one's self up to further demands in the future, and essentially loses all control over their own server or clan.
There will always be people on JKA you don't like, and indeed, whose style of playing you find repulsive. By all means, avoid those people, and even argue with them, irritate them, get banned by them, or ban them yourself, but I'd urge anyone who will listen not to resort to DDoS attacks, as it has an extremely chilling effect on the community, and you will never be able to eliminate all players you don't like.
If any servers have issues with DDoS attacks, they are welcome to contact me at any time, and I will do everything in my power to help them mitigate the attacks. In the meantime, if you have root access to your own server, or if you are a game server provider, I'd highly recommend using the following Linux firewall rules, or variants of them:
#Basic UDP flood prevention in IPTables. Courtesy of Soh Raun. These go at the beginning of the INPUT chain. iptables -A INPUT -p udp --dport 29070:29080 -m length --length 41:42 -m string --algo bm --from 32 --to 41 --string 'getstatus' -m recent --set --name jka_getstatus iptables -A INPUT -p udp --dport 29070:29080 -m recent --update --seconds 1 --hitcount 5 --name jka_getstatus -j DROP iptables -A INPUT -p udp --dport 29070:29080 -m length --length 39:40 -m string --algo bm --from 32 --to 39 --string 'getinfo' -m recent --set --name jka_getinfo iptables -A INPUT -p udp --dport 29070:29080 -m recent --update --seconds 1 --hitcount 5 --name jka_getinfo -j DROP
...as well as software like DDoS Deflate and/or ServerArk.
By Caelum, in Community News,
Recommended Comments
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now