search

SirPlease / Server4Dead-Project

Public Instructions to setup your own L4D2 Servers.
29 stars 16 forks source link

Anti ddos l4d1 #8

Open Arnim0 opened 1 year ago

Arnim0 commented 1 year ago

Hello is there is any anti ddos plugin or script can be installed in Linux that real has effect.

SirPlease commented 1 year ago

Severe DDoS attacks should be handled on the network level, not on the machine itself as you are limited by multiple factors. A DDoS attack that saturates your machine's down link will not be able to be mitigated by any script of any kind.

Arnim0 commented 1 year ago

So there is no plugins can protect that problem it's been there for years so many server host say ddos protected but it's just for hardware not server :(

SirPlease commented 1 year ago

It all depends on the type of attack, if the attack is volumetric and isn't filtered out by the host before it reaches your server, there's nothing you personally can do about it other than attempt and contact customer support.

With L4D/2 most of the attacks are focused on spamming CPU-intensive requests to the server which are basically requesting your server to process the packet, generate the server information, reply with the information. These type of packets are valid and blocking them will result into your server not showing up on the serverlist.

On Linux your first line of defense is the IPTables, setting up some decent basic rules for it can help you battle invalid packets and this is also where you can ratelimit Source Engine Queries, which isn't something I'd recommend, but it does work.

For example, here's an old IPTables setup to deal with some standard invalid packets; https://github.com/SirPlease/IPTables/blob/master/iptables.rules.sh

Arnim0 commented 1 year ago

Man I will try that and see recently. L4d1 servers got ddos almost every single day it's very upsetting made ping spikes up to 1k until crashed I nfo servers do have some filters but can't block all kind of attacks , and got tired of that from haters doing anything possible to stop it with help of course I will put that and see

SirPlease commented 1 year ago

If you're using NFOServers you can try contacting support, they're very helpful when it comes to that type of stuff. I think there's a straight up Firewall page that you can setup in their control panel

Arnim0 commented 1 year ago

They do but not everything I tired but they told me to capture traffic when ddos attack it will help to filter that out, it's not enough I guess like udp flood I believe it's been used on my server and others very potful

Arnim0 commented 1 year ago

Do you mind if I ask ask you how to install this for linux ubuntu some readme got me lost with some of commands