Guild icon
Teeworlds
IRC / bridge
One-way IRC channel bridge. If you want to be able to send messages to IRC, contact @Dune or @heinrich5991. https://www.teeworlds.com/?page=docs&wiki=rules/irc_rules
Between 2023-06-23 00:00:00Z and 2023-06-24 00:00:00Z
Avatar
ChillerDragon BOT 2023-06-23 07:05:36Z
wot jxsl xd
Avatar
jxsl13 BOT 2023-06-23 07:07:25Z
remove the DreamBerd star D:
Avatar
ChillerDragon BOT 2023-06-23 07:22:42Z
hrhrhr
Avatar
jxsl13 BOT 2023-06-23 09:33:36Z
remove it!
Avatar
Assa 2023-06-23 09:45:49Z
Has anyone stats how bad the ddos situation is in teeworlds currently?
Avatar
heinrich5991 2023-06-23 09:46:09Z
ddnet servers are regularly DoSed
Avatar
jxsl13 2023-06-23 09:46:24Z
stats: bad
Avatar
Assa 2023-06-23 09:46:32Z
thx, means no server from me πŸ™‚
Avatar
Dune 2023-06-23 09:46:42Z
is this an attempt to fill concurrent non-ddnet servers?
Avatar
Assa 2023-06-23 09:47:44Z
I have a server at home, but if I expose it to teeworlds, a ddos attack would be a disaster
Avatar
Dune 2023-06-23 09:47:53Z
I don't mean for you
Avatar
Assa 2023-06-23 09:50:29Z
I can't follow you
Avatar
Dune 2023-06-23 09:50:38Z
I meant, the motivation behind the ddos
Avatar
Assa 2023-06-23 09:51:06Z
ahh!
Avatar
heinrich5991 2023-06-23 09:51:54Z
sometimes promoting non-ddnet servers, sometimes expressing anger about decisions e.g. bans, sometimes purely malicious
Avatar
Dune 2023-06-23 09:52:17Z
ok ty
Avatar
Assa 2023-06-23 09:52:42Z
how do you know the motiviation? Aren't the individual dos-ip sending DNS tables or something?
Avatar
heinrich5991 2023-06-23 09:53:02Z
because sometimes you can talk to the person behind the attack
Avatar
Assa 2023-06-23 09:54:16Z
Hope one day they forget to turn on their VPN
09:56
The only motivation I know of, was a server with a password, and since they can't enter, ddos Server Name was something like "Map testing server" where I was just mapping and you don't want to be as a regular player
09:58
DDNet doesn't do geoip filtering or does it? A player with a possible ping > 600 connecting from china shouldn't have much business on DDNet brazil
10:02
But thx for the feedback
Avatar
heinrich5991 2023-06-23 10:02:41Z
ddnet doesn't do geoip filtering
10:03
and it would be not nice if it did, why should a player from china not be able to chat with peopel from brazil
Avatar
Assa 2023-06-23 10:16:15Z
Because you are hosting gameservers and not chat-servers. But I fully understand your point. Technically they can still connect to a server in the middle, EU or US (idk). I am just tired of banning IPs from the same 3 countries, why should I let connections from countries through, which keeps attacking me and have no business on the server in the first place? I am not nice, i am angry about the world
Avatar
heinrich5991 2023-06-23 10:20:23Z
does banning these countries even help protect your server though?
10:20
if not, you're just making a nuisance for these people without any gain in return
Avatar
Assa 2023-06-23 10:23:32Z
If the banning would happen on a network level, it would certainly help against dos attacks. In my case I am banning people who try to ssh into it, which nobody except me should have business with
Avatar
heinrich5991 2023-06-23 10:24:18Z
the ssh thing is not useful btw
10:24
unless you like clean-looking logs
10:24
you want to disable password authentication and then you're good
10:24
banning IP addresses that try to authenticate does nothing
10:25
the banning IP addresses on the network level against DoS attacks only helps if the problem is that the game servers themselves are overwhelmed
10:25
unfortunately, sometimes it's the linux kernel or the network interface that gets overwhelmed
Avatar
Assa 2023-06-23 10:25:43Z
it protects you from bruteforce attempts, and password authentication isn't disabled, that's the point. Otherwise I'd need to have my private key on multiple machines
Avatar
heinrich5991 2023-06-23 10:26:03Z
you can add multiple private keys
10:26
you should never do password authentication
10:26
if you do want to have password authentication, choose a secure password
10:26
then you also don't have to worry about brute force attempts
10:26
if you choose a bad password, then banning might help somewhat. but why do you do that?
10:26
if you want to have clean logs, change the SSH port
Avatar
Assa 2023-06-23 10:32:40Z
I am happy with my setup now, ofc my password is secure, I don't care (too much) about the logs, I like (and need) the ability to login into my server from anywhere, because I travel a lot. I already logged into it from my parents home, switzerland, finnland, all on different machines. I already thought about changing the port tho. I use the same tool an other services as well, the ssh banning is just the main cause of banned IP adresses
Avatar
heinrich5991 2023-06-23 10:33:24Z
the ssh banning is just a false sense of security
10:33
(in fact, it was a security vulnerability on its own in the past, with some tool. ssh had no such vulnerability AFAIK) (edited)
Avatar
Assa 2023-06-23 10:34:51Z
huh, can you elaborate on this?
Avatar
heinrich5991 2023-06-23 10:36:12Z
https://research.securitum.com/fail2ban-remote-code-execution/
Avatar
Assa 2023-06-23 10:36:17Z
thx
Avatar
heinrich5991 2023-06-23 10:36:27Z
each piece of code that runs is a piece of code that's vulnerable
10:36
ssh has a good security story
10:36
some random other tool probably does not
10:37
hmm. that one needs a MITM for the server though
10:37
I thought it was worse, let me retry searching
Avatar
Assa 2023-06-23 10:38:16Z
I found much more, but they usually lead to arbitrary IP bans
Avatar
heinrich5991 2023-06-23 10:38:27Z
which is also bad because you could get locked out
Avatar
Assa 2023-06-23 10:42:18Z
Thanks, this is a valuable info ^^ In my view the tool only modified ip tables in order to block connections, but I guess there is more to it
Avatar
Assa 2023-06-23 10:50:12Z
You are right, the benefit is small, and it would be bad if it would be the only security measurement (which it isn't). But it keeps the simple stupid bots out, which is a plus side for me
Avatar
Avatar
heinrich5991
if you want to have clean logs, change the SSH port
ReiTW 2023-06-23 10:53:51Z
You can use a ssh tarpit on the default port then lol, it's funny to annoy chinese bots
10:55
https://github.com/skeeto/endlessh
Avatar
heinrich5991 2023-06-23 10:55:59Z
simple stupid bots are also kept out by changing the default port btw
Avatar
Avatar
ReiTW
https://github.com/skeeto/endlessh
heinrich5991 2023-06-23 10:56:32Z
that's also extra software you run πŸ˜‰
Avatar
ReiTW 2023-06-23 10:56:50Z
true, well I don't use it at all but it's cool that it exists
Avatar
heinrich5991 2023-06-23 10:56:55Z
ye
Avatar
ReiTW 2023-06-23 10:57:10Z
instead I deploy a ssh key per computer
Avatar
Assa 2023-06-23 10:58:06Z
you can run the tarpit in a docker container, if you have docker already running, then it's not even extra code
Avatar
heinrich5991 2023-06-23 10:59:25Z
docker isn't a security boundary
11:02
e.g. https://cloud.google.com/blog/products/gcp/exploring-container-security-an-overview
Exploring container security: An overview | Google Cloud Blog
Thumbnail
11:03
A container isn’t a strong security boundary
11:03
I suppose it says "strong"
11:03
so maybe it is a weak one πŸ™‚
Avatar
jxsl13 BOT 2023-06-23 11:04:16Z
sombody tell ChillerDragon to un-star the DreamBerd programming language.
Avatar
Assa 2023-06-23 11:04:23Z
I found this exact link already, at least it prevents direct access to shared resources, I guess it's still better than nothing
11:06
Use the const const const keyword to make a constant constant constant
Ah yes, the constant constant constant
11:09
Nice shitpost, but why?
Exported 73 message(s)