Server Provider (DDoS Protection, Source exploits)

Hello Facepunch, this is going to be yet another cringy thread. I was very interested in knowing what you guys have experienced when it comes to hosting larger scaled servers? I was initially told that NFO is the big brother of server hosting and there’s no other host that can outmatch it - however, it seems that whenever a kid gets angry at my community for one reason or another, I’m doomed to weeks of constant source exploits coming in, putting my server down for hours at a time. I know these sort of attacks take little to no resources, so NFO not being willing to look for a better solution is pushing me to host with somebody else, after spending well over $5000 at their location. I’ve come by hosts such as GMChosting saying they can provide a greater coverage in terms of protection than NFO is able to. Does anybody have input on the situation?

Why do you keep making these threads?
You already have a ton that are based on the same thing.

buy a dedicated server, problem solved

No wonder your post count is at 1k

I’ve got a dedicated server which I pay $200 a month for?

$200?! What hardware do you have in that server?
I rent a dedi game server from OVH for less than $100 with great specs.

I wouldn’t directly host at OVH cus they’re slow as fuck(support & ordering), we had to do many different things like passport confirmation and such shit to prove its actually us, and after that, they at the end didnt even set up the server. Currently OVH on my side got no good rep, I use other VPS & Dedi providers, and I run my servers fine. I could reffer you to contabo or myvirtualserver, both great & fast support, and great servers.

More expensive != Better DDoS protection
For example, Voxility, Internap, Colocrossing…

I’ve been a member here since 2004, so what is your point about my post count?
$200 for a dedicated server, you are clearly getting ripped off and the fact you keep making all these posts asking for help on how to host etc I think you shouldn’t even be hosting.

Why is it when someone tries to intervene you, you always say they’re trying to higher their post count? We’re just stating facts!

When I had run into issues being DDoS’d, I had to realize you can’t just rely on your host all the time to keep you safely wrapped up in a cosy ball, because they can’t just simply stop every attack all the time, but you gotta make your own provisions as well. A good start for us was investing in some software (which means any attacks which doesn’t overflow the port/rack) we can block yourself if its getting past our 2 firewalls.

Its only for windows but here it is: http://www.beethink.com/

Took us a bit of time to perfect the settings but its saved us countless times so its defiantly worth it. There are also countless software like this out there for linux, for free.

Except if all hardware firewalls fail, and even Software firewalls.

But indeed, adding a few software firewalls is good – IF YOU SET THEM UP RIGHT, if not, it may block legit connections from the players, we currently got fail2ban to stop Layer7 attacks – because there are still some stupid skids that make each IP connect 10 times within a second, wich is easily detectable, and just to be safe we set the ban time to 120 seconds. Plus another software firewall wich we paid. And we’re good to go.

I’m currently hosting with NFO seeing as all the top servers happen to be using them - they do a decent job mitigating basic attacks, but anything past that just results in null-routes and closed connections.

And sorry buddy, but It’s just the fact that I spent awhile researching this topic, couldn’t find a sufficient answer, and you decided to call me out on posting my own thread, when it’s the first of its nature.

I stated he was trying to bump his post count up because rather than efficient answering my question, he told me I’ve posted threads in the past like this one, when I infact did not.

Hey buddy ! I appreciate your response, but looking through the link I did not see anything VSE related. Source exploits appear to be my #1 issue at the moment seeing as when using NFO, they shut off the server for up to half an hour at a time. I received 37 of these attacks yesterday.

Most “booters” now include VSE attacks, yet they are just general A2S_INFO attacks that are pretty easy to mitigate with caching. They don’t have any more sophisticated attacks (like join packets) so normally you can get away with something such as querycache.
Blastehh updated an older version in mono: https://github.com/blastehh/SourceQueryCacheMono

This worked for us for quite some time, but larger attacks 150Mbps+ would cause high CPU utilization. We now have a stupidly high cost hardware firewall above us that acts as a cache for clients, I believe GMC offer something similar.

OVH GameServer Dedi’s include a basic caching system also, but it’s pretty easy to bypass if you know what you are doing (They basically whitelist IP’s once validated).

I changed from NFO to GMC ( also in that process changed from gameserver to a dedicated box ) I’m a extremely satisfied customer over at GMC, they provide first class support you won’t find anywhere else.

Also it’s a good DDOS protection, not that I’ve had that problem recently.

GMC Provides dedicated servers? They only show me Gameservers, voiceservers & webservers. If they’d provide Dedis/VPS’ I would try them.

You have never made threads like this before asking these kind of questions huh?
Right…

http://forum.facepunch.com/showthread.php?t=1500119
http://forum.facepunch.com/showthread.php?t=1509468
http://forum.facepunch.com/showthread.php?t=1486228
How about the time where you thought you knew better than everyone else here?
Oh here it is, http://forum.facepunch.com/showthread.php?t=1509632

I could post more links but this should do for now.

If anyone is trying to get their “post” numbers up (who actually cares about post numbers anyway?) it is you by making these threads all the time.

Anyway, I used to use shared hosting with Elpis Host and I would suffer constant server lags and DDOS all the time.
I then went and got my own dedicated server at Limestone Networks, best move I have ever made.

They do, I have dedicated with them you can get both managed and unmanaged.

Hello Whitestar,

We do provide dedicated machines privately on request. It’s more of a personal thing that I don’t want to market to the public just yet (potential confusion / charge-backs).

I have personally seen multiple “stressers” which goes far more in depth than just A2S_GetInfo. Our solution is sort of like a caching system however it is stack-able and written completely from scratch to be able to handle high bandwidth attacks (at line rate) with minimal usage. Of course it also protects from much more than just the usual A2S_GetInfo attacks.

As for OVH’s game servers, I believe they just applied their own Arbor filters for their game server hosting. I personally don’t trust it and prefer my system.

Thanks.

Sincerely,

Ertug Erdogan

Most providers offer dedicated servers on request. Even BuyVM will provide dedicated servers if the price is right.

So funny story about LSN. I was a huge fanboy of theirs for a long time. During the Day-Z craze I had ordered well over 30 E3 nodes during the first two months. Then a bunch of my clients complained about ping and the server listing. Opened a ticket with LSN, 120+ replies and no fix in sight.

It was confusing because Incero had none of these issues (identical nodes/configurations) so I knew it wasn’t my configuration or something I was doing. Ended up opening a dialog with the developers at Bohemia Interactive and was told this problem appeared on some routers. It was a known bug and wasn’t going to be fixed.

Limestone Networks refused to work with me and lost my business as a result.

Using QueryCache by Blastehh I could only handle up to 150Mbps~ but with our new system I’ve seen attacks in the range of 500-600Mbps and not had an issue. I’ve seen some other query attacks and exploit attacks, but they just get blocked pretty easily as I see them.