DDoS Protected

Osetec

@amsaal said:
if i was ahzam i would close community and enjoy in beach . lots of money wasted oh dear.

Good Idea.

Habeeb

@Osetec said:

@amsaal said:
if i was ahzam i would close community and enjoy in beach . lots of money wasted oh dear.

Good Idea.

LOL no one has null routed the server, unfortunately, you were unsuccessful, Ahzam has already closed the community and you guys remember your father name very clearly, Don't you remember how he has overthrown you so many times so don't recall him otherwise you will regret it.

Habeeb

@Osetec said:

@amsaal said:
if i was ahzam i would close community and enjoy in beach . lots of money wasted oh dear.

Good Idea.

And the attack you sent, you know you will bear the consequences sooner or later, Mr Shaheer Faisal Rizwan, wanted for the murder of his wife.

https://www.thenews.com.pk/print/202278-Tight-lipped-about-possible-dealmother-wants-killer-behind-bars

In 2015 you used lizardstresser : https://zaufanatrzeciastrona.pl/post/polskie-ofiary-i-uzytkownicy-serwisu-ddos-od-lizard-squad/

Now you are using Jeff spender, you are nothing on your own, plus you have no life, get a life, there's nothing you can do except DDoS, in real life you are shit, keep running from the sins you did, but you would bear the consequences sooner or later.

Habeeb

@amsaal said:
if i was ahzam i would close community and enjoy in beach . lots of money wasted oh dear.

To be honest, no money is wasted, when you have a will there's a way, so many providers are with me providing me the servers without any cost, and you can't be Ahzam even in your dreams buddy, you can just lick and live that's in your veins

ehhthing

Oh this thread just got infinitely more :popcorn:

Habeeb

@amsaal said:
if i was ahzam i would close community and enjoy in beach . lots of money wasted oh dear.

I am sure from your history $5 - $10 is so much money for you & you would chill out in a beach with that money rofl.

amsaal

@Habeeb said:

@amsaal said:
if i was ahzam i would close community and enjoy in beach . lots of money wasted oh dear.

To be honest, no money is wasted, when you have a will there's a way, so many providers are with me providing me the servers without any cost, and you can't be Ahzam even in your dreams buddy, you can just lick and live that's in your veins

I think that comment was just to make you calm down a bit because of problems you are facing .. you can say it was joke but you took it seriosuly.

stefeman

When the Pakistani drama is just about right..

amsaal

@stefeman said:
When the Pakistani drama is just about right..

haha nice 1

stefeman

@Habeeb post a tcpdump of the "application layer attack" here. I'm sure its just some public stresser in the end. 800 Gbps of TS3 reflection traffic, I call bullshit right now. Whatever passes the filter, you can likely block with local firewall.

amsaal

@stefeman said:
@Habeeb post a tcpdump of the "application layer attack" here. I'm sure its just some public stresser in the end. 800 Gbps of TS3 reflection traffic, I call bullshit right now. Whatever passes the filter, you can likely block with local firewall.

this wont helped . you remember mine? your rules i put exactly same OVH could not block it but i found 1 provider that fix this flood for me .

stefeman

@amsaal said:

@stefeman said:
@Habeeb post a tcpdump of the "application layer attack" here. I'm sure its just some public stresser in the end. 800 Gbps of TS3 reflection traffic, I call bullshit right now. Whatever passes the filter, you can likely block with local firewall.

this wont helped . you remember mine? your rules i put exactly same OVH could not block it but i found 1 provider that fix this flood for me .

Are you xoxx by any chance?

it depends on the attack. you suffered from this one, remember?

https://gitlab.com/cryptio/ddos-research/-/blob/master/attacks/kill-all.md

There was no solution like the above link for that one, at the time.

You also suffered from TCP/UDP based 585858585858 A2S attacks.

Which the cure for it was:

iptables -A PREROUTING -t raw -p tcp -m multiport --dports 22,27015,10011,9987,5901,30033 -m string --algo kmp --hex-string '|5858585858|' -j DROP
iptables -A PREROUTING -t raw -p udp -m multiport --dports 22,27015,10011,9987,5901,30033 -m string --algo kmp --hex-string '|5858585858|' -j DROP

Your problem was also the lagspikes before the anti-ddos came active, and not that the server would be completely dead.

amsaal

@stefeman said:

@amsaal said:

@stefeman said:
@Habeeb post a tcpdump of the "application layer attack" here. I'm sure its just some public stresser in the end. 800 Gbps of TS3 reflection traffic, I call bullshit right now. Whatever passes the filter, you can likely block with local firewall.

this wont helped . you remember mine? your rules i put exactly same OVH could not block it but i found 1 provider that fix this flood for me .

Are you xoxx by any chance?

it depends on the attack. you suffered from this one, remember?

https://gitlab.com/cryptio/ddos-research/-/blob/master/attacks/kill-all.md

There was no solution like the above link for that one, at the time.

You also suffered from TCP/UDP based 585858585858 A2S attacks.

Which the cure for it was:

iptables -A PREROUTING -t raw -p tcp -m multiport --dports 22,27015,10011,9987,5901,30033 -m string --algo kmp --hex-string '|5858585858|' -j DROP
iptables -A PREROUTING -t raw -p udp -m multiport --dports 22,27015,10011,9987,5901,30033 -m string --algo kmp --hex-string '|5858585858|' -j DROP

Your problem was also the lagspikes before the anti-ddos came active, and not that the server would be completely dead.

tried all but it was query flood 12,000 packets per second.

i have email from OVH provider that told me even they cant stop.

stefeman

@amsaal said:

@stefeman said:

@amsaal said:

@stefeman said:
@Habeeb post a tcpdump of the "application layer attack" here. I'm sure its just some public stresser in the end. 800 Gbps of TS3 reflection traffic, I call bullshit right now. Whatever passes the filter, you can likely block with local firewall.

this wont helped . you remember mine? your rules i put exactly same OVH could not block it but i found 1 provider that fix this flood for me .

Are you xoxx by any chance?

it depends on the attack. you suffered from this one, remember?

https://gitlab.com/cryptio/ddos-research/-/blob/master/attacks/kill-all.md

There was no solution like the above link for that one, at the time.

You also suffered from TCP/UDP based 585858585858 A2S attacks.

Which the cure for it was:

iptables -A PREROUTING -t raw -p tcp -m multiport --dports 22,27015,10011,9987,5901,30033 -m string --algo kmp --hex-string '|5858585858|' -j DROP
iptables -A PREROUTING -t raw -p udp -m multiport --dports 22,27015,10011,9987,5901,30033 -m string --algo kmp --hex-string '|5858585858|' -j DROP

Your problem was also the lagspikes before the anti-ddos came active, and not that the server would be completely dead.

tried all but it was query flood 12,000 packets per second.

i have email from OVH provider that told me even they cant stop.

12k PPS is very low amount, something is wrong with ur configuration, or its not updated to counter further attacks. I never had access to your server so I can't keep up what kind of attacks you received after, or investigate them in real time. It's constant cat and mouse.

This is my server when suffering from attack, and theres nothing wrong with it.

Overall, limit the allowed ports, and drop rest in prerouting, and then apply A2S rules for any traffic that targets the ports you must allow. Its also good idea to distribute the services.. as in, don't host TS3 server at the same machine/IP as your gameserver.

amsaal

@stefeman said:

@amsaal said:

@stefeman said:

@amsaal said:

@stefeman said:
@Habeeb post a tcpdump of the "application layer attack" here. I'm sure its just some public stresser in the end. 800 Gbps of TS3 reflection traffic, I call bullshit right now. Whatever passes the filter, you can likely block with local firewall.

this wont helped . you remember mine? your rules i put exactly same OVH could not block it but i found 1 provider that fix this flood for me .

Are you xoxx by any chance?

it depends on the attack. you suffered from this one, remember?

https://gitlab.com/cryptio/ddos-research/-/blob/master/attacks/kill-all.md

There was no solution like the above link for that one, at the time.

You also suffered from TCP/UDP based 585858585858 A2S attacks.

Which the cure for it was:

iptables -A PREROUTING -t raw -p tcp -m multiport --dports 22,27015,10011,9987,5901,30033 -m string --algo kmp --hex-string '|5858585858|' -j DROP
iptables -A PREROUTING -t raw -p udp -m multiport --dports 22,27015,10011,9987,5901,30033 -m string --algo kmp --hex-string '|5858585858|' -j DROP

Your problem was also the lagspikes before the anti-ddos came active, and not that the server would be completely dead.

tried all but it was query flood 12,000 packets per second.

i have email from OVH provider that told me even they cant stop.

12k PPS is very low amount, something is wrong with ur configuration, or its not updated to counter further attacks. I never had access to your server so I can't keep up what kind of attacks you received after, or investigate them in real time. It's constant cat and mouse.

This is my server when suffering from attack, and theres nothing wrong with it.

Overall, limit the allowed ports, and drop rest in prerouting, and then apply A2S rules for any traffic that targets the ports you must allow. Its good idea to distribute services.. as in, don't host TS3 server at the same machine/IP as your gameserver.

Ok i will once again look into it. Thanks

Hoptrics

@Habeeb you mentioned that OVH "drops your country"-- well I've seen this first hand, and I was able to fix this by white-listing my IPs that I don't want dropped on the OVH IP Firewall. Just add a rule to allow all IPv4 to your address and problem solved.

MikeA

@Hoptrics said:
@Habeeb you mentioned that OVH "drops your country"-- well I've seen this first hand, and I was able to fix this by white-listing my IPs that I don't want dropped on the OVH IP Firewall. Just add a rule to allow all IPv4 to your address and problem solved.

OVH firewall has a limit of 20 rules, so this is kinda useless unless he only has a few people, not a whole ISP/country blocked.

Hoptrics

This is true. I am still a bit skeptical about the size of these attacks; it seems highly unlikely that he is seeing 200+gigabit regularly. MAYBE once a month for a very short time. We host several game servers and our transit drops every standard SYN/flood/ICMP non-spoofed DDoS. Only issue is the games that are UDP heavy tend to be more problematic so we use GRE tunnels to a Magic Transit host.

I would say your best option is CF Magic Transit, assuming your math on the attack volume is even remotely in the ballpark.

Francisco

@Hoptrics said: I would say your best option is CF Magic Transit, assuming your math on the attack volume is even remotely in the ballpark.

We had a customer eat a 700 - 800 gbit flood the other day. Crazy stuff.

Francisco

SCAM_DONT_BUY

This started to turn into a drama thread. Finally!

ourvds

@Habeeb said:

@ourvds said:

@Habeeb said:
Greetings
I am looking for a ddos protected hosts, my team has tried several hosts such as stormwall, voxility, OVH , but was not protected from the type of attack received, the botnet attack ranges from 200gbps to 800gbps(Amplified), we have a large scaling community of gamers consisting of teamspeak 3 and multiple game-servers.

https://www.team-host.ru/ ask this is place

I have tried them they said there protection does not work with the size of attack I am receiving

long ago asked?

Blazingfast_IO

@Habeeb said:

@amsaal said:
if i was ahzam i would close community and enjoy in beach . lots of money wasted oh dear.

I am sure from your history $5 - $10 is so much money for you & you would chill out in a beach with that money rofl.

Hello Habeeb could you give us a try please?

CertaHosting

All our products are DDoS protected. Take a look