|
|||||||
This is a discussion on "morons" in the Top Mud Sites Tavern of the Blue Hand forum : Currently we have a pretty big problem with our mud, and I wanted to seek the advice of this board, to see if anyone has any ideas about how to deal with it. Apparently someone with access to a large amount of computers is constantly sending partial packets to our server, which the router has to process. This overloads the router and it crashes. Since a lot of different computers are used, normal ‘spam filters’ do not work. We have a pretty strong suspicion about who is doing it, a player with a hacker/cracker background, who once told me ... |
|
You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our MUD community today! If you have any problems with the registration process or your account login, please contact us. If you are a registered member of the old TMS forums, please click here
|
 |
|
|
LinkBack | Thread Tools |
07-29-2002, 02:56 AM
|
#1 |
|
Senior Member
Join Date: Apr 2002
Location: Sweden
Home MUD: 4 Dimensions
Posts: 481
 |
Currently we have a pretty big problem with our mud, and I wanted to seek the advice of this board, to see if anyone has any ideas about how to deal with it.
Apparently someone with access to a large amount of computers is constantly sending partial packets to our server, which the router has to process. This overloads the router and it crashes. Since a lot of different computers are used, normal ‘spam filters’ do not work. We have a pretty strong suspicion about who is doing it, a player with a hacker/cracker background, who once told me that he had about 20 computers. He has done a similar thing before. And also uttered some recent threats on the mud. But as far as the coders tell me, there is no real proof to the identity. We also haven’t any valid e-mail address to this person, just one of the ‘free-from-the net’ ones, where you don’t have to reveal your real identity, and he logs on from a number address that changes each time. But surely there must be some way to track the culprit down, to make him stop his nuisance, and possibly bring charges? I’ve been told that you always leave traces on the net. And what he does must surely be illegal and should be punishable by law? |
|
    
|
|
07-29-2002, 03:33 AM
|
#2 |
|
Member
Join Date: Jun 2002
Location: the Netherlands
Posts: 65
|
Heya,
Physical attacks are always rather inconvenient. Though if it's one person with more computers he won't have a different ip range from every package unless he spoofs his host constantly. To your question: There are ways to backtrace an ip adress, and can be done to trace the route as far back as it goes. All other ips he passes will be recorded and he won't be able to spoof those. Anyway that's as much as I know about it, there are people far more experienced in this stuff, and best changes are another hacker...  Greetings Dre |
|
|
|
|
07-29-2002, 04:45 AM
|
#3 | |
|
Member
Join Date: Apr 2002
Posts: 122
|
Actually, it's impossible to pin a DRDoS (which seems to be what you're describing) to a real person if that person has even half of a functioning brain (i.e. a pre-pubescent 5|<riP7 |<idD13 will do nicely). Anyone who claims otherwise doesn't know what he/she is talking about. Sure, you can trace the packets back to the source, but the source is usually a zombied windows box, and the trail ends there. Period.
Quote:
 ) by the person.GRC has some good reading for people unfamiliar with the subject. |
|
|
|
|
