Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Protect (hide) game server IP address - Battlefield Bad Company 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Protect (hide) game server IP address - Battlefield Bad Company 2

Anna_ParkerAnna_Parker Member
edited February 26 in Help

Hello world!

I am running Battlefield Bad Company 2 server. Since we are getting DDoS attacks it is easy to deal with using hostings with strong antiddos protection (path.net FTW!). The problem is the game server is old (like Windows 7) and full of bugs and the attackers injects some data to crash server and/or drop all player's connections. Game server requires few ports UDP and TCP.

The question is:
How to run game server and hide real IP of server? It should look like this:

                 Attackers
                     ^
                     v
My VPS Server <  > Magic <  > Master Server
                     ^    /
                     v   v  
                  Players

What can be a magic here? Cloudflare enterprise solution is damn expensive. Any lowend? TIA.

Comments

  • tentortentor Member, Patron Provider

    @Anna_Parker said: The problem is the game server is old (like Windows 7) and full of bugs and the attackers injects some data to crash server and/or drop all player's connections.

    You need to patch that. Otherwise no DDoS protection will cover you.

    Thanked by 2yoursunny AXYZE
  • stefemanstefeman Member
    edited February 26

    @Anna_Parker said:
    Hello world!

    I am running Battlefield Bad Company 2 server. Since we are getting DDoS attacks it is easy to deal with using hostings with strong antiddos protection (path.net FTW!). The problem is the game server is old (like Windows 7) and full of bugs and the attackers injects some data to crash server and/or drop all player's connections. Game server requires few ports UDP and TCP.

    The question is:
    How to run game server and hide real IP of server? It should look like this:

                     Attackers
                     ^
                     v
My VPS Server <  > Magic <  > Master Server
                     ^    /
                     v   v  
                  Players

    What can be a magic here? Cloudflare enterprise solution is damn expensive. Any lowend? TIA.

    Identify the bugs and block them on with available server tools or at worst case, in the network level with string search for example, or hex search from each package.

    You cannot "hide" an IP which you expect players to connect.

  • bootboot Member

    ipv6 will save you.

  • SwiftnodeSwiftnode Member, Host Rep

    @tentor said:

    @Anna_Parker said: The problem is the game server is old (like Windows 7) and full of bugs and the attackers injects some data to crash server and/or drop all player's connections.

    You need to patch that. Otherwise no DDoS protection will cover you.

    I think what they're saying is that the game server software is no longer maintained by it's developer, and since it's battlefield, not open source for OP or anyone else to fix.

    DDoS mitigation can absolutely still help even if the software itself is vulnerable to exploits that occur over the network. It just needs to be a tailored solution, figure out what packets are being used to disrupt the legitimate traffic/crash the server, and discard them prior to them reaching the application.

    Thanked by 1Anna_Parker
  • AXYZEAXYZE Member
    edited February 26

    I am not familiar with BFBC2, but usually server crashers send invalid or too many commands to server which causes it to use all available resources.

    Here is example from CSGO
    https://forums.alliedmods.net/showthread.php?t=284184

    So to fight with that you can capture the packets, find common patterns and then block it on firewall. It will be a simple solution that may completely block it or not, depends on quality of the rule and if there's multiple methods.
    If its server command spamming then you can play with rate limiting.

    This will require you to spend a lot of time.

    You can speedup process by finding exact hack that they use to crash server, as this is probably automated by some paid cheat.

    If playerbase doesn't change that much you can have bulletproof firewall quite easily - default-deny on your firewall and allow only IPs/accounts that belong to X player. Some servers do it automatically via script/bot (for example ohnePixel's server in CS2 requires you to connect your Steam account to their Discord and you won't connect to server otherwise. If you join Discord and connect your Steam ID then you are able to connect. Trolls/crashers are basically non-existing, too much hassle for them.).

    Thanked by 1Swiftnode
Sign In or Register to comment.