Server leaking ips (fB's Weekly)

[FrostBeule]

TMarc: welp, that sounds pretty bad. And nothing from Nadeo either which I guess is to be expected since they have their hands full and their focus elsewhere.

It seems like there isn't really a way to protect the ips from being leaked which is a pity. I do wonder though if it would be good enough of a protection if a player would use a VPN..? But even if that's possible I kinda doubt people would make that effort just to play in a silly race.

[w1lla]

maybe this is something that might arouse suspiscion:

http://lifehacker.com/how-to-see-if-you ... 1685180082

WebRTC can affect maniaplanet as it uses for example Internet Explorer.

[FrostBeule]

Well it seems like there are ways to prevent the VPN to leak the ip according to that article, so it's not really a huge concern I guess.

Anyway, it would be good to know if using a VPN would protect the players or not, so if anyone know anything about it, please let me know.
If it works, then there might be a chance I could still host my race, though it would obviously require people to get (buy?) a VPN-service which I'm not so sure people would be willing to do. But at this point I'd be fine trying it out since I REALLY want to start hosting my race again...

[Meson]

Hello,

is there any solution for this problem? I was disconnected today from a server by another player and that was not even a competition or similar. It seems that this kicking technique is starting to spread on normal servers as well.
After the attack, my router simply crashed. It never did something like that before(since 2 years!). The internet connection or provider was not the cause because I have separate cable modem where I can see if the connection is ok or not.

So how can I protect myself from this type of attacks?
Thanks.

[FrostBeule]

You could try playing with a VPN-service, though you absolutely need to change your current IP first. Some of them are free and should be enough to just play the game. I've tested one called "CyberGhost" which worked okay for me. However I can't say for sure if it's a full-proof protection or not since I'm not an expert.

Either way, I also think this might start to happen more often, especially if Maniaplanet and/or Turbo becomes more popular and the methods of how to do this becomes more publicly known. You already see this being a huge issue in bigger games, so it would be nice to see Nadeo prioritize it and maybe find a way to encrypt the communication between the players and the servers so it can't happen anymore by default. That would force the ones doing this to go by alternative methods to get peoples' IP-addresses instead (eg. Skype, Teamspeak or other vulnerable p2p software).

Personally I think it should be prioritized a lot, not only to ensure the community competitions can be held without problems as they in many ways are the backbone of this community, but also to protect the people who only want to play the game in a casual way without having to deal with this kind of issue.

[Meson]

Thank you Frostbeule for the info.
I spent some time to find out how this kicking works. I am not an expert either but have some background knowledge. I think most of the people that are trying to kick others from a game are just following some tutorials from the net. That's why I focused on the similarities of these tutos and they are all based on getting IP's through some sort of software that sniffs special data packets. After obtaining the IP of the victim, they start to ddos it either with a special software (regrettably very easy to get or even from cmd) from their own internet connection(if they are stupid enough) or with some ddos online services (unfortunately free and very effective).
I tested an attack on my own connection with a free service and got my router crashed the same way it did yesterday when I was in the game. I was frightened how easy and fast it was to take the box down.
After updating the firmware (my old firmware was from 2012 ) I got some new security filters that were not available in the older version: ICMP-FLOOD Attack Filtering, UDP-FLOOD Filtering, TCP-SYN-FLOOD Attack Filtering.
Especially the UDP FLOOD and TCP SYN FLOOD should be active and their thresholds adjusted.
Initial test attacks with local ddos software and online ddos server were not successful this time. I hope that this is a first step to a solution for this mess. But I think if the ddos is massive enough, then even the filtering won't help here.
Ofc it would be much better if the client-server communication were differently designed so that Ip's could not be sniffed by other players.

Btw It is awkward to write in this topic because solutions could be at the same time a tutorial for an attack.

[Rots]

Personally, in SM elite matchmaking during a match, I suspiciously lost connection during an attack round, in 1v1 situation with 3hp just before pole was open to be captured. Right after when I logged back in the next round, the attacker from my team lost connection too. Match was over then, no need to say the team I was playing against was allied and casually I know they play TM too (I won't say names cuz I have no proofs and some of them played on fb weekly)... Later on the lobby I got told that they laughed on chat when I left due to my disconnection like cheering.

[TheBigG.]

So if we speak about amplification attacks, DNS has a factor of 8x, NTP is 19x, so if you rent a 30€ server with 100 MBit/s connection in a network where IP spoofing is possible. You can achieve with 30€ 800/1900 MBit/s malicious traffic, i don't see how a home connection would be able to receive that and even less how a home router would be able to filter that traffic.

[FrostBeule]

Since Nadeo are a bit more active on the forums these days, would it be possible to get a statement on this issue?

Thanks in advance.

[Miss]

I doubt that DOS-ing someone's connection has anything to do with this, especially since ISPs nowadays are pretty resistant against things like that. I'm curious why you're suspecting that this is a person doing this, and not just a generic bug in the server? It'd be interesting to see a debug log from someone who got disconnected during such match.