|*KoG*| King of Gores - general_chatroom

|*KoG*| King of Gores

━━━━━ Chat ━━━━━ / general_chatroom

General discussions or talks about KoG servers and KoG community can be made here. English only.

Between 2021-06-07 00:00:00Z and 2021-06-08 00:00:00Z

If someone want to ddos it for testing purposes, go ahead, you have permission to do so (if you do not find the server in the list, use the IP address 45.141.57.5:27000 ) (There are all the KoG maps inside) (edited)

Image attachment

issou

4

3

https://lowhosting.org/attacks/attackdetails.php?att_id=50270256 https://lowhosting.org/attacks/attackdetails.php?att_id=50272241 https://lowhosting.org/attacks/attackdetails.php?att_id=50272253 https://lowhosting.org/attacks/attackdetails.php?att_id=50272792 https://lowhosting.org/attacks/attackdetails.php?att_id=50272797 https://lowhosting.org/attacks/attackdetails.php?att_id=50273035 https://lowhosting.org/attacks/attackdetails.php?att_id=50273368 https://lowhosting.org/attacks/attackdetails.php?att_id=50273528 https://lowhosting.org/attacks/attackdetails.php?att_id=50276270 I also modify this message to the log of all attacks received in these 48 hours (edited)

GG @Davide, you just advanced to level 3 !

@Moderator Hi guys! I need a moderator to register my account

@cAт in #info you can See where u can register your acc

Sorry, should I contact them directly?

Image attachment

Nope, you just have to wait a bit

Ok, thank you!

@Davide why do u want people to attack ur srv lol

Deleted User

@Davide why do u want people to attack ur srv lol

Testing new filters

gl, teeworlds is so shitty

06:46

at least 0.6

Deleted User

gl, teeworlds is so shitty

GL?

good luck

Deleted User

good luck

I think that I already patched all the possible attacks

oof

06:48

gl

06:48

:p

Deleted User

oof

I didn't do it alone, I also had the Voxility team helping me

voxility sux

06:49

their filter is too hard

06:49

ask them to stop filtering shit

Lol?

06:49

It is aggressive, but that's what Teeworlds need to don't be downed. (edited)

06:50

@Davide well it would surely drop legitimate traffic due to that lol

06:53

that's also why none is hosting at voxility, after tryin

06:53

but good host if they stop that shit

It's under attack right now for example

lel who's attacking

About 5-6 peoples joined to ddos

dafq xD

In these hours

06:54

Up you can see the logs

yeh but your logs won't show anything special

06:54

for teeworlds the content is more importnat

I know

06:55

But I'm in

06:55

And no lags

06:57

Check the Talk1 room

06:57

Look at the screensharing if you want

@Davide do u even block attacks without disabling specific functionalities, like joining the game or being able to see the server

06:58

overwise that's cheating, and everyone already knows how to do that

You can still join

eg, can't see your srv

06:59

that's an issue (edited)

It's normal

06:59

But not an issue for KoG

it's bad

Nope

06:59

KoG have a static list

06:59

As I can remember

well imagine someone not having their srv in favorites

Mmm

06:59

I have to think about that

well :p, our server already has everything against vali, only ovh sux

Btw that's only during the attack

Deleted User

well :p, our server already has everything against vali, only ovh sux

All the servers fall, I tried all the servers, and if you play for some days you will see that sometimes it fall due ddos

07:00

Just play and you see it lol

Our server falls cuz OVH is blocking legitimate traffic

07:01

ask them to stop their shit and our srv will never fall

Idk why but it is a shit

yea, it sux, but afterall everything owuld work perfectly even under attack

Actully on mine you just don't see it in the list if it is under attack

what about TKEN requests

Try

can't attack lol

I made this test server do test the vulnerabilities

just askin xd

And fix it

07:02

Btw

07:02

Mitigation stopped

I mean, if u block people entering the srv, that's bad too

I don't block

07:02

lol

Then how do u do for TKEN :p

I didn't tried yet

ha

If you can, try

Well if I could I would have tried, but can't

If there is a issue, I can fix it or if I can't, I can ask to voxility to check lol

Deleted User

Well if I could I would have tried, but can't

Okay

07:05

Btw, do you play Gores, or?

Deleted User

Well if I could I would have tried, but can't

(Ask to someone that can try, so)

go ask vali

07:07

this idiot

Who's vali? lol

GG @Davide, you just advanced to level 4 !

Davide

KoG have a static list

No, we dont have a "static list"

the one who does all the attacks against most of servers recently

Avolicious

No, we dont have a "static list"

Why I still see some "dead" servers?

07:08

Look at the screen sharing @Avolicious

if you use latest ddnet version there's a cache I think

Because they're not online

they seem to test https masters

DDNet 15.5 adds HTTP(s) master, yes

Avolicious

Because they're not online

But still in list, right?

You can download the list on your own

That's not a static list? lol

07:09

If the server is offline, but you still see it

They're added to ddnet's tab

Deleted User

the one who does all the attacks against most of servers recently

And it is in this discord? lol

https://info2.ddnet.tw/info

no I think he would have been banned just after joining it lmao

GG @Deleted User, you just advanced to level 7 !

Deleted User

no I think he would have been banned just after joining it lmao

Oh ok

this retard

Deleted User

no I think he would have been banned just after joining it lmao

As I said, if some dead servers still in the list, it is not full dynamic

only some caching shit

Deleted User

this retard

xD

but if you take the fact that https masters are only in testing state rn

Deleted User

only some caching shit

I see that there is 4-5 dead servers in the list since about weeks

old https masters doesn't rly have static list

That's not cache o.o

Checkout the link I've posted

the list is being sent to you by masters

"servers-kog": [

Avolicious

Checkout the link I've posted

Already done

Deleted User

the list is being sent to you by masters

Yes i know

This is just the verification

07:11

To get the checkmark on ddnet clients

ok

07:12

Btw, if you want ask him in private @Deleted User

07:12

And we can see him fails xD

07:13

(or if he can fall it, then I can patch it, lol )

I won't talk to him lol, go ask him by yourself

07:13

won't talk to a noob

I don't know him LOL

07:13

xDD

07:13

Btw I already tried all the types of attacks

07:13

And nothing happens

07:14

Ok I listen you now @Avolicious

07:14

Another attack

Davide

https://lowhosting.org/attacks/attackdetails.php?att_id=50270256 https://lowhosting.org/attacks/attackdetails.php?att_id=50272241 https://lowhosting.org/attacks/attackdetails.php?att_id=50272253 https://lowhosting.org/attacks/attackdetails.php?att_id=50272792 https://lowhosting.org/attacks/attackdetails.php?att_id=50272797 https://lowhosting.org/attacks/attackdetails.php?att_id=50273035 https://lowhosting.org/attacks/attackdetails.php?att_id=50273368 https://lowhosting.org/attacks/attackdetails.php?att_id=50273528 https://lowhosting.org/attacks/attackdetails.php?att_id=50276270 I also modify this message to the log of all attacks received in these 48 hours (edited)

2mbps

07:15

about

07:15

There is a TS inside and a webserver, not only TW

07:15

?

07:16

I reiceved more than 1.2 Tbps about a week ago

07:16

I have a company, it's not a " vps that I purchased from someone "

07:16

Repeat

07:16

Yes Voxility mainly

07:18

lol

07:18

probably ddnet-server don't have so good the packets (edited)

07:18

07:18

the abnormal packets

07:18

what?xD

07:19

I don't understand you ;'(

fstd -> 64p based inforeq gie3 -> vanilla inforeq TKEN -> joining server

yes

07:19

I seen it yes

07:20

LOL

07:21

yes?

Davide

yes

iptables -A INPUT -p udp -m u32 --u32 "38=0x67696533" -j serverinfo
iptables -A INPUT -p udp -m u32 --u32 "38=0x66737464" -j serverinfo

07:21

https://github.com/ddnet/ddnet-scripts/blob/master/ddnet-setup.sh

Why there are a /24 blocked at the "ddnet-setup.sh" WTF HAHAHA

Did someone try to ask vali if he would stop ? kek

kek

upp

1

oele

2

I don't do this shit, because it can flood the conntrack

Davide

I reiceved more than 1.2 Tbps about a week ago

how lol

bony

how lol

UDP RAW

Maybe we can make him happy. Send weed and cake

1

1

cheater

1

from what source(s)

Avolicious

iptables -A INPUT -p udp -m u32 --u32 "38=0x67696533" -j serverinfo
iptables -A INPUT -p udp -m u32 --u32 "38=0x66737464" -j serverinfo

Don't do this thing on the servers, this enable conntrack and with a small TCP with high pps someone can fuck up your server

07:23

lol

07:23

Saturating the conntrack

conntrack is enabled by default lol

Yes but not used

07:24

If you use it, it is easy to saturate it and then the server goes down (edited)

it is, that's why you can flag your packets and ask conntrack to not track them

07:24

with -j NOTRACK

By default conntrack do not track it.

07:24

07:24

If you put that rules ' iptables -A INPUT -p udp -m u32 --u32 "38=0x67696533" -j serverinfo iptables -A INPUT -p udp -m u32 --u32 "38=0x66737464" -j serverinfo iptables -A serverinfo -m hashlimit --hashlimit-above 1000/s --hashlimit-burst 2500 --hashlimit-mode dstport --hashlimit-name si_dstport -j DROP iptables -A serverinfo -m hashlimit --hashlimit-above 20/s --hashlimit-burst 100 --hashlimit-mode srcip --hashlimit-name si_srcip -j DROP ' (edited)

07:25

Conntrack will be saturated very easy

07:25

And then your server go down because of conntrack

07:25

That's why isn't a nice idea

iptables -t raw -A PREROUTING -p udp -j NOTRACK
iptables -t raw -A OUTPUT -p udp -j NOTRACK
iptables -N serverinfo
iptables -A INPUT -p udp -m u32 --u32 "38=0x67696533" -j serverinfo
iptables -A INPUT -p udp -m u32 --u32 "38=0x66737464" -j serverinfo
iptables -A serverinfo -s 37.187.108.123 -j ACCEPT
iptables -A serverinfo -m hashlimit --hashlimit-above 1000/s --hashlimit-burst 2500 --hashlimit-mode dstport --hashlimit-name si_dstport -j DROP
iptables -A serverinfo -m hashlimit --hashlimit-above 20/s --hashlimit-burst 100 --hashlimit-mode srcip --hashlimit-name si_srcip -j DROP
iptables -I INPUT -s 185.82.223.0/24 -j DROP
iptables-save > /etc/iptables.up.rules

never had problems with conntrack, just increase the table

Better do it in a real firewall

07:25

Not just on iptables

Deleted User

never had problems with conntrack, just increase the table

If you do it, cpu is fucking loaded in that case

netfilter is old and lel go ask ovh to put a free firewall for us lmao

xD

Deleted User

netfilter is old and lel go ask ovh to put a free firewall for us lmao

I'm not OVH

never had problems with my case :p

So I can do it

07:26

xD

what kind of infrastructure do u have that can even handle tbps

07:26

massive link or what

We use cloudflare oele

oele

bony

what kind of infrastructure do u have that can even handle tbps

https://bgp.he.net/AS212508

But unfortunately not for gameserver

Avolicious

But unfortunately not for gameserver

You can use it too, but you need Magic Transit

07:27

(Spoiler: isn't free)

07:28

You can probably ask to Francisco#0068 if you need a Cloudflare protection (edited)

07:28

He sell servers with CF Magic Transit

07:28

But I don't think CF is really nice at UDP

07:28

lol

07:29

Dns is easy to protect

07:30

Better to put a server for testing purposes only

07:30

It's not for production, for now

07:30

production I said

07:30

he filter isn't ready

07:31

Not a problem

07:32

Yes I want

07:32

Hahahaha

07:32

Under attack, another time

07:32

Nah

07:32

It don't

I didn't listen @Deleted User , but I see your mic activating

GG @Davide, you just advanced to level 5 !

@Davide my micsux

07:41

with a mix of nvidia broadcast

07:41

always does that

07:41

dunno why

oh ok

07:45

@Avolicious btw, I'm doing that because I'm very tired that the kog servers go down while playing on it

07:45

lol

07:45

That's why I'm doing this for free

07:45

lol

07:46

I already asked to qshar

07:46

He said that "We use only official hosters" but I didn't know what it means

07:46

And he didn't replied (edited)

07:46

lol?

07:47

https://check-host.net/ip-info?host=45.141.57.5

IP and website location: Check host - online website monitoring

Get IP address location information: country, region/state, city: website monitoring with useful tools, Check IP, Check website

07:47

Please check

07:47

We are open since more that 4 years

@Avolicious RU still unavailable?

QzBoY

@Avolicious RU still unavailable?

y

(We're talking in the Talk1 room, I'm not mad, I'm just replying in chat because I can't talk right now) That message is for all the guys that read the chat but is not in the talk room (edited)

07:49

xD

cool

Plot twist : Davide = Vali He is spying us out for more effective ddos attacks troll

troll

I restarted the server

Tee-Shirt

Plot twist : Davide = Vali He is spying us out for more effective ddos attacks troll

troll

What lol

07:57

LOL

08:02

Btw this test is making sense now

Tee-Shirt

Plot twist : Davide = Vali He is spying us out for more effective ddos attacks troll

troll

That would made him the biggest troll over noby and konsti feelsscary

feelsscary

08:12

Most likely no meme before tonight boys it’s surfing day nou

nou

ahl

That would made him the biggest troll over noby and konsti feelsscary

feelsscary

I'm Davide55 ingame

Yea I’m kidding I know you play with a whis skin no color

ahl

Yea I’m kidding I know you play with a whis skin no color

Mmm I have a custom skin, but yeah you see the whis skin

08:17

Join in the Talk1, I'm streaming the game, so you can see it if you want

I’m currently at a COVID center and then I’ll go surf so not today

LOL, okay

08:18

xD

ahl

I’m currently at a COVID center and then I’ll go surf so not today

I've been tested today too xd

Avolicious

I've been tested today too xd

Didn’t do it for a while I hope my noise will survive feelsscary

feelsscary

ahl

Didn’t do it for a while I hope my noise will survive feelsscary

feelsscary

https://allesgurgelt.at/en/

08:23

Thats in austria ^^

I’m not in Austria anymore, I’m currently in portugal and I’ll go back to France then

08:27

Good memory tho

Bruh my noise died for real

ahl

Bruh my noise died for real

D; (edited)

Avolicious

iptables -t raw -A PREROUTING -p udp -j NOTRACK
iptables -t raw -A OUTPUT -p udp -j NOTRACK
iptables -N serverinfo
iptables -A INPUT -p udp -m u32 --u32 "38=0x67696533" -j serverinfo
iptables -A INPUT -p udp -m u32 --u32 "38=0x66737464" -j serverinfo
iptables -A serverinfo -s 37.187.108.123 -j ACCEPT
iptables -A serverinfo -m hashlimit --hashlimit-above 1000/s --hashlimit-burst 2500 --hashlimit-mode dstport --hashlimit-name si_dstport -j DROP
iptables -A serverinfo -m hashlimit --hashlimit-above 20/s --hashlimit-burst 100 --hashlimit-mode srcip --hashlimit-name si_srcip -j DROP
iptables -I INPUT -s 185.82.223.0/24 -j DROP
iptables-save > /etc/iptables.up.rules

I checked better and now I understand this rule, it is to limit a possible amplified attack that uses the tw server list masters

08:54

lol

No, its to limit request info from each server

08:59

Teeworlds Client -> Teeworlds Master & (https://info2.ddnet.tw/info, only if client is ddnet client) -> Client pings each server from recv. masterlist with SERVERBROWSE_GETINFO/SERVERBROWSE_GETINFO_64_LEGACY -> Server respond to client

08:59

& yes, SERVERBROWSE_GETINFO_64_LEGACY & SERVERBROWSE_GETINFO are amplifiers

Okok

09:08

Btw I don't care it, as I can see it is already blocked from my fw this type of attack

09:09

And also from Vox

But how do players get info from server if its blocked?

I'm working on it

09:10

Btw, it is not a problem, if there is no attack incoming the server can answer to the get info rq (edited)

Yeah

09:11

Bascially you can limit the reqs with an external firewall

Yes I know

Btw, just to ask, why the ddnet community/kog community have you ever thought of a sort of web "captcha"?

???

Like a whitelist that you can participate in by solving a captcha on the official site, without it you can't join on the servers

09:52

A whitelist can solve all the issues caused by the ddos

You need fallback support for official teeworlds itself

09:52

No it cant

Yes it can

Because packages are UDP

So?

09:52

What you means.

09:52

Lol

You can simply fake the src address

09:52

UDP is connless

Yes but it's fixable with ratelimit

09:52

lol

External firewall

Obv

09:52

By external fw

-> more money

I already have that such rules

09:53

On my fw

DDNet 15.5 will fix ip leakage, so it might be a bit better

Avolicious

You need fallback support for official teeworlds itself

Btw, no we can do it without the support of the official tw

You have to support official teeworlds

09:55

If there is a solution without fallback, its not worth it

Oh yes

09:59

It support official tw

09:59

But only if you solve a captcha

09:59

For example on the qshar official site

09:59

(That's an example)

10:04

Btw there is very more way to do a nice whitelist, like whitelist the IP after the get info

All IP addresses are currently being exposed to all tw servers

10:19

DDNet 15.5 fixes that issue in a nice & handy way imho

Avolicious

All IP addresses are currently being exposed to all tw servers

What you mean?

11:11

I don't understand xD

11:11

You mean that the server owner can see the players ips? It is normal (edited)

qshar knows where we all live feelspepoman

feelspepoman

Davide

You mean that the server owner can see the players ips? It is normal (edited)

No, player ips are currently being exposed because of server pings

11:23

DDNet 15.5 is facing that issue by using an HTTP(s) master

11:23

So you dont have to ping each server individually

OHHHHHHHH

11:23

Shit that's true.

Avolicious

DDNet 15.5 is facing that issue by using an HTTP(s) master

And the ping function?

11:24

Just .. gone?xD

No

11:24

I dont know if you checked the PR already, but there is a new function called sv_leak_ip

I didn't

Avolicious

I dont know if you checked the PR already, but there is a new function called sv_leak_ip

yes but

GG @Davide, you just advanced to level 6 !

if you don't use the 15.5 ddnet server

11:25

you can still steal the ips

11:25

no?

You cant

11:25

Because its disabled by default

11:25

AFAIK is that direct pings are only to trusted servers ( checkmarked )

ok

https://github.com/ddnet/ddnet/pull/3772/files#diff-b3a45ccb488177dbd8a7327f6f67322eaf69a6f178a57680d9c6172f0a436b08R1065-R1068

11:30

                bool IpLeak = ServerBrowser()->IsFavoritePingAllowed(pSelectedServer->m_NetAddr);
                if(DoButton_CheckBox(&s_LeakIpButton, Localize("Leak IP"), IpLeak, &ButtonLeakIp))
                {
                    ServerBrowser()->FavoriteAllowPing(pSelectedServer->m_NetAddr, !IpLeak);
                }

11:31

This will avoid ip leakage before accessing the server

11:31

atleast if you dont explicit say that you want a direct ping

.

Maze

.

Good point

8

9

nobytroll

2

2

Exported 329 message(s)