I'm running a dedicated server 24/7 (RetliG), and have a couple of scripts monitoring the activity such as when players are connecting and disconnecting, from what IP and so forth.
Recently I've noticed a couple of recurring IP:s (37.235.1.174, 37.235.1.177 and 5.135.91.67, primarily in France and Austria if "whois" is to be trusted, which isn't necessarily the case) that several times a day establish connections lasting no more than 5 - 10 seconds.
Does anyone have a clue as to what this might be about? The behaviour seems very odd, and I find it hard to believe that there are actual human players behind those IP:s. Then again, I fail to see the point in having bots connecting to TM2-servers.
TM2 Stadium; curious connections from players or bots
Moderator: NADEO
Re: TM2 Stadium; curious connections from players or bots
It could be a port scan and a try to breach into your server, misunsing known vulnerabilities.
Re: TM2 Stadium; curious connections from players or bots
As it turns out, the first two of those IP:s are OpenDNS IP:s called upon from my own system(!) on a regular basis. You may laugh. 
For some reason though, they briefly register as an established connection to the ports used by my TM2-server without, obviously, actually connecting to the TM2-server. This is enough to wreak havoc with my script which registers a connect and disconnect in rapid succession. The third IP, I don't know. Probably a port scanner causing the same reaction from my script for similar reasons but with malicious intent.
Now here's the interesting part; I can't seem stop any of these IP:s from at least sniffing the TM2-ports closely enough as not to upset my script. Not using firewall settings anyway. Which is annoying, and thus far lacking for an obvious explanation.
For some reason though, they briefly register as an established connection to the ports used by my TM2-server without, obviously, actually connecting to the TM2-server. This is enough to wreak havoc with my script which registers a connect and disconnect in rapid succession. The third IP, I don't know. Probably a port scanner causing the same reaction from my script for similar reasons but with malicious intent.
Now here's the interesting part; I can't seem stop any of these IP:s from at least sniffing the TM2-ports closely enough as not to upset my script. Not using firewall settings anyway. Which is annoying, and thus far lacking for an obvious explanation.
Re: TM2 Stadium; curious connections from players or bots
That's interesting, not funny 
Perhaps ths sniffing is just general, an alive check from your hoster, or simply due to the fact that you are running a server online.
But until now, I did not see any report of such phenomenon with any other server... very strange.
Perhaps ths sniffing is just general, an alive check from your hoster, or simply due to the fact that you are running a server online.
But until now, I did not see any report of such phenomenon with any other server... very strange.
Who is online
Users browsing this forum: No registered users and 0 guests