|
|
| Author | Message |
|---|
$carface
Posts: 292
Join date: 2009-09-16
 |  Subject: Blacklisted IP's  Fri Jul 23, 2010 1:18 pm | |
| Just thought I'd post this here since some of you may be affected. I'm growing tired of the floods we are facing, constantly. Kind of reminds me of the work I had to do 2 years ago when we were pretty much facing the same scenario well in fact it was worse, we were flooded offline for a week once. Only problem is, back then I had the time to manage the server and stop these attacks when they started. Now, I have a job that takes up 95% of my day time so I'm just taking a pre-emptive strike so to speak. I've CDIR banned the following countries. Unfortunately some innocents maybe caught in this ban however, I do not forsee any people from the below countries playing on our servers. We have to my knowledge only one Japanese player lol | Code: | # Chinese (CN) IP addresses follow:
27.8.0.0/13
27.16.0.0/12
27.36.0.0/14
27.40.0.0/13
58.16.0.0/15
58.20.0.0/16
58.21.0.0/16
58.22.0.0/15
58.34.0.0/16
58.37.0.0/16
58.38.0.0/16
58.44.0.0/14
58.56.0.0/15
58.58.0.0/16
58.59.0.0/17
58.60.0.0/14
58.82.0.0/15
58.208.0.0/12
58.246.0.0/15
58.248.0.0/13
59.32.0.0/13
59.40.0.0/15
59.42.0.0/16
59.44.0.0/14
59.51.0.0/16
59.52.0.0/14
59.56.0.0/13
59.108.0.0/15
60.0.0.0/13
60.11.0.0/16
60.12.0.0/16
60.28.0.0/15
60.160.0.0/11
60.194.0.0/15
60.208.0.0/13
60.216.0.0/15
60.220.0.0/14
61.4.64.0/20
61.4.80.0/22
61.48.0.0/13
61.128.0.0/10
61.135.0.0/16
61.136.0.0/18
61.145.73.208/28
61.160.0.0/16
61.162.0.0/15
61.164.0.0/16
61.177.0.0/16
61.179.0.0/16
61.183.0.0/16
61.184.0.0/16
61.185.219.232/29
61.187.0.0/16
61.188.0.0/16
61.191.0.0/16
61.232.0.0/14
61.236.0.0/15
110.6.0.0/15
110.96.0.0/11
110.240.0.0/12
111.0.0.0/10
112.0.0.0/10
112.64.0.0/14
113.0.0.0/13
113.8.0.0/15
114.28.0.0/16
114.104.0.0/14
114.216.0.0/13
114.224.0.0/11
115.24.0.0/15
115.32.0.0/14
115.48.0.0/12
115.84.0.0/18
115.100.0.0/15
115.168.0.0/14
116.1.0.0/16
116.2.0.0/15
116.4.0.0/14
116.8.0.0/14
116.16.0.0/12
116.76.0.0/15
116.208.0.0/14
117.21.0.0/16
117.22.0.0/15
117.24.0.0/13
117.32.0.0/13
117.40.0.0/14
117.44.0.0/15
117.80.0.0/12
118.72.0.0/13
118.112.0.0/13
118.132.0.0/14
118.144.0.0/14
118.180.0.0/14
118.192.0.0/16
118.248.0.0/13
119.0.0.0/13
119.8.0.0/15
119.10.0.0/17
119.18.192.0/20
119.88.0.0/14
119.120.0.0/13
119.128.0.0/12
119.144.0.0/14
119.164.0.0/14
120.0.0.0/12
120.32.0.0/13
121.0.16.0/20
121.8.0.0/13
121.16.0.0/12
121.32.0.0/14
121.60.0.0/14
121.76.0.0/15
121.204.0.0/14
122.51.128.0/17
122.64.0.0/11
122.136.0.0/13
122.156.0.0/14
122.198.0.0/16
122.200.64.0/18
122.224.0.0/12
123.4.0.0/14
123.52.0.0/14
123.64.0.0/11
123.97.128.0/17
123.100.0.0/19
123.112.0.0/12
123.128.0.0/13
123.152.0.0/13
123.164.0.0/14
123.184.0.0/14
123.232.0.0/14
124.42.64.0/18
124.64.0.0/15
124.114.0.0/15
124.128.0.0/13
124.163.0.0/16
124.200.0.0/13
124.236.0.0/14
124.248.0.0/17
125.40.0.0/13
125.64.0.0/13
125.80.0.0/13
125.88.0.0/13
125.115.0.0/16
159.226.0.0/16
182.112.0.0/12
202.43.144.0/22
202.66.0.0/16
202.96.0.0/12
202.111.160.0/19
202.112.0.0/14
202.165.176.0/20
203.69.0.0/16
203.93.0.0/16
203.169.160.0/19
210.5.0.0/19
210.14.128.0/19
210.21.0.0/16
210.32.0.0/14
210.51.0.0/16
210.52.0.0/15
210.192.96.0/19
211.76.96.0/20
211.78.208.0/20
211.90.0.0/15
211.136.0.0/13
211.144.12.0/22
211.144.160.0/20
211.147.208.0/20
211.152.14.0/24
211.154.128.0/19
211.155.24.0/22
211.157.32.0/19
211.160.0.0/13
211.233.70.0/24
218.0.0.0/11
218.56.0.0/13
218.64.0.0/11
218.88.0.0/13
218.96.0.0/14
218.102.0.0/16
218.104.0.0/14
218.194.80.0/20
218.240.0.0/13
219.128.0.0/11
219.232.0.0/16
219.154.0.0/15
220.160.0.0/11
220.181.0.0/16
220.192.0.0/12
220.228.70.0/24
220.248.0.0/14
220.250.0.0/19
220.252.0.0/16
221.0.0.0/12
221.122.0.0/15
221.176.0.0/13
221.192.0.0/14
221.200.0.0/14
221.204.0.0/15
221.207.0.0/16
221.208.0.0/14
221.212.0.0/16
221.214.0.0/15
221.216.0.0/13
221.224.0.0/13
221.228.0.0/14
221.238.0.0/15
222.32.0.0/11
222.64.0.0/12
222.80.0.0/12
222.132.0.0/14
222.136.0.0/13
222.166.0.0/16
222.168.0.0/13
222.172.222.0/24
222.176.0.0/13
222.184.0.0/13
222.241.0.0/19
# Hong Kong (HK)
58.65.232.0/21
59.148.0.0/15
112.121.160.0/19
113.252.0.0/14
121.127.224.0/19
123.242.229.0/24
202.69.64.0/19
202.85.128.0/19
202.133.8.0/21
210.176.0.0/19
210.176.48.0/20
210.176.64.0/18
210.176.128.0/17
218.103.0.0/16
218.252.0.0/14
219.76.0.0/14
222.166.0.0/16
# India (IN) and Pakistan (PK)
59.88.0.0/13 59.96.0.0/14
59.164.0.0/16
59.176.0.0/13
59.184.0.0/15
61.247.238.0/24
112.110.40.0/21
115.108.0.0/14
115.240.0.0/12
116.72.0.0/14
117.192.0.0/10
193.53.87.0/24
121.240.0.0/13
122.160.0.0/16
122.164.0.0/15
122.167.0.0/16
122.170.0.0/17
122.174.0.0/16
202.63.160.0/19
202.154.224.0/24
203.115.80.0/20
203.197.0.0/16
218.248.0.0/20
# Indonesia (ID)
110.136.176.0/20
# Japan (JP) (hacking, scraping, or spamming)
58.188.0.0/14
59.146.0.0/15
61.112.0.0/12
118.0.0.0/12
118.86.0.0/15
118.106.0.0/16
122.200.192.0/18
122.208.0.0/12
123.216.0.0/13
126.0.0.0/8
150.70.84.41
210.248.0.0/13
211.19.0.0/16
218.216.0.0/13
218.224.0.0/13
219.94.128.0/17
219.96.0.0/11
221.121.160.0/20
222.144.0.0/13
# Korea (KR) IP addresses follow:
58.72.0.0/13
58.120.0.0/13
58.140.0.0/14
58.148.0.0/14
58.180.40.0/21
58.224.0.0/12
59.0.0.0/11
59.86.192.0/18
59.186.0.0/15
61.32.0.0/13
61.72.0.0/14
61.76.0.0/15
61.96.0.0/12
61.110.16.0/20
61.248.0.0/13
110.8.0.0/13
110.45.0.0/16
112.159.224.0/20
113.30.64.0/18
114.29.0.0/17
114.108.128.0/18
114.200.0.0/13
115.0.0.0/12
115.16.0.0/13
115.40.0.0/15
115.88.0.0/13
116.40.0.0/16
116.45.176.0/20
116.93.192.0/19
116.120.0.0/13
117.110.0.0/15
118.32.0.0/11
118.128.0.0/14
118.216.0.0/13
119.64.0.0/13
119.192.0.0/11
121.88.0.0/16
121.101.224.0/19
121.127.64.0/18
121.127.128.0/18
121.128.0.0/10
121.254.0.0/16
122.44.112.0/20
122.99.128.0/17
123.111.0.0/16
123.140.0.0/14
123.248.0.0/16
124.0.0.0/15
124.50.87.161
124.136.0.0/14
125.128.0.0/11
125.176.0.0/12
125.240.0.0/13
125.248.0.0/14
143.248.0.0/16
166.104.0.0/16
168.188.0.0/16
175.112.0.0/12
202.30.0.0/15
202.133.16.0/20
202.179.176.0/21
203.226.0.0/15
203.228.0.0/14
203.244.0.0/14
203.248.0.0/14
210.93.0.0/16
210.94.0.0/15
210.108.0.0/14
210.112.0.0/14
210.117.128.0/18
210.118.216.192/26
210.124.0.0/14
210.178.0.0/15
210.180.0.0/15
210.204.0.0/15
210.219.0.0/16
210.220.0.0/14
211.32.0.0/12
211.48.0.0/15
211.50.0.0/15
211.52.0.0/16
211.62.35.0/24
211.104.0.0/13
211.112.0.0/13
211.168.0.0/13
211.176.0.0/12
211.192.0.0/12
211.208.0.0/14
211.216.0.0/13
211.224.0.0/13
211.232.0.0/13
211.240.0.0/12
218.36.0.0/14
218.48.0.0/13
218.144.0.0/12
218.209.0.0/16
218.232.0.0/15
218.234.18.0/24
219.240.0.0/15
219.248.0.0/13
219.250.88.0/21
220.72.0.0/13
220.80.0.0/13
220.95.88.0/24
220.118.0.0/16
220.119.0.0/16
221.128.0.0/12
221.144.0.0/12
221.160.0.0/13
221.168.0.0/16
221.163.46.0/24
222.96.0.0/12
222.112.0.0/13
222.120.0.0/15
222.122.0.0/16
222.231.0.0/18
222.232.0.0/13
# Yahoo-Korea (provides free email services used by some spammers)
123.0.0.0/20
# Neighboring Asian countries:
# Malaysia (MY)
60.48.0.0/14
60.52.0.0/15
60.54.0.0/16
112.137.160.0/20
113.23.128.0/17
115.132.0.0/14
116.197.0.0/17
116.206.0.0/16
120.50.48.0/20
120.140.0.0/15
124.82.0.0/16
124.217.224.0/19
202.58.80.0/20
202.71.96.0/20
202.75.32.0/19
203.106.0.0/16
203.223.128.0/19
210.187.49.0/25
218.111.0.0/16
218.208.12.64/27
# Philippines (PH)
85.92.152.0/21
120.28.64.0/18
125.60.128.0/17
202.133.192.0/24
222.127.32.0/19
222.127.64.0/19
# Singapore (SG)
59.189.0.0/16
116.14.0.0/15
121.6.0.0/15
165.21.0.0/16
192.169.40.0/23
203.92.64.0/18
203.117.0.0/24
218.186.0.0/16
218.212.0.0/16
219.74.0.0/15
219.75.0.0/17
# Taiwan (TW)
59.124.0.0/14
60.249.0.0/16
60.250.0.0/15
61.31.0.0/16
61.67.128.0/17
61.228.0.0/14
110.50.128.0/18
114.24.0.0/14
114.32.0.0/12
115.80.0.0/14
115.85.144.0/20
118.160.0.0/13
122.116.0.0/15
122.120.0.0/13
123.240.0.0/15
140.109.0.0/16
140.110.0.0/15
140.112.0.0/12
140.128.0.0/13
140.136.0.0/15
140.138.0.0/16
203.64.0.0/14
203.71.0.0/16
203.72.0.0/16
210.59.0.0/17
211.21.0.0/16
211.23.0.0/16
211.75.0.0/16
211.76.160.0/20
211.79.32.0/20
218.160.0.0/12
219.84.0.0/15
220.128.0.0/12
# Thailand (TH)
58.8.0.0/16
58.9.0.0/16
58.137.13.0/24
61.19.64.0/18
61.47.0.0/17
113.53.0.0/17
115.87.128.0/17
117.47.0.0/16
118.172.0.0/14
124.120.0.0/16
124.121.0.0/16
124.122.0.0/16
202.28.0.0/15
202.44.135.0/24
202.133.128.0/18
202.143.128.0/18
203.107.142.0/24
203.113.0.0/17
203.130.149.0/24
203.144.128.0/17
203.148.128.0/17
203.149.0.0/18
203.150.128.0/17
203.151.38.0/24
203.155.0.0/16
203.158.96.0/19
203.158.128.0/17
203.172.128.0/17
203.185.128.0/19
210.213.0.0/18
222.123.0.0/16
# Vietnam (VN)
58.186.0.0/16
58.187.96.0/20
58.187.112.0/20
112.213.80.0/20
113.22.0.0/16
113.23.0.0/17
113.160.0.0/11
115.72.0.0/13
115.84.176.0/22
116.96.0.0/12
117.0.0.0/13
118.68.0.0/14
123.16.0.0/12
125.234.0.0/15
203.113.128.0/18
203.162.0.0/16
203.210.192.0/18
210.245.80.0/21
220.231.124.0/22
222.252.0.0/14
|
|
|
| | |
MHAD
Posts: 2585
Join date: 2008-06-09
Age: 17
Location: Volcano, Japan
Job/hobbies: Longboarding and the Beach.
Humor: Being so sarcastic, people can't even tell.
UT Player Information
Current Skin:  Necrotic
| | Subject: Re: Blacklisted IP's Fri Jul 23, 2010 4:06 pm | |
| Seems like you're getting boned by the Asians.  |
|
| | |
Sakura
Posts: 25
Join date: 2010-07-13
Age: 16
Location: Ohio
| | Subject: Re: Blacklisted IP's Fri Jul 23, 2010 4:36 pm | |
| why would chinese crash your server? You got no players from that country. And the only thing you got out of this is an IP which can be easily faked by a proxy. |
|
| | |
$carface
Posts: 292
Join date: 2009-09-16
| | Subject: Re: Blacklisted IP's Fri Jul 23, 2010 6:43 pm | |
| No idea who it is or why but the reason people do it from China is simple. The Chinese government don't give a shit about people hacking or flooding from their country lol the IP maybe is spoofed or faked but I've banned the countries from accessing the server.
Right now, there is a flood from the University of Albama,.... |
|
| | |
|BLS|Lidstrom
Hidden Godfather
Posts: 5671
Join date: 2008-04-10
Age: 24
Location: Area Sexy-1 Montreal Canada
Job/hobbies: OGC
Humor: No, too serious for that!
UT Player Information
Current Skin:  Matrix
| | Subject: Re: Blacklisted IP's Fri Jul 23, 2010 9:30 pm | |
| It's probably my grandpas flooding around... They don't have good bingo and lottery there so they're bored... --------------------♜♞♝♛♚♝♞♜-------------------- BLS|D!ck[FACE] (name is disallowed in Multiplay7) |
|
| | |
Sakura
Posts: 25
Join date: 2010-07-13
Age: 16
Location: Ohio
| | Subject: Re: Blacklisted IP's Fri Jul 23, 2010 9:35 pm | |
| | $carface wrote: | No idea who it is or why but the reason people do it from China is simple. The Chinese government don't give a shit about people hacking or flooding from their country lol the IP maybe is spoofed or faked but I've banned the countries from accessing the server.
Right now, there is a flood from the University of Albama,.... |
I doubt they care what China allows and doesn't allow lol. Just goes into their favor. |
|
| | |
BLS'Vegere
BLS Leader
Posts: 1484
Join date: 2008-04-26
Age: 24
Location: Ontario, Canada
Job/hobbies: Playing poker, writing poetry/stories.
Humor: I AM humour :D
UT Player Information
Current Skin:  Xan
| | Subject: Re: Blacklisted IP's Sat Jul 24, 2010 12:48 am | |
| yea I don't see anymore uk servers...
--------------------♜♞♝♛♚♝♞♜--------------------
Still Alive. I'll be back.
|
|
| | |
{Dark}Shadow
Posts: 1510
Join date: 2008-04-11
Location: Eternal Night
Job/hobbies: Tech and Art
Humor: Virtual Reality
UT Player Information
Current Skin:  Blake
| | Subject: Re: Blacklisted IP's Sat Jul 24, 2010 12:06 pm | |
| You should try configuring iptables or using this script:
http://deflate.medialayer.com/
In case they come back with proxies. |
|
| | |
$carface
Posts: 292
Join date: 2009-09-16
| | Subject: Re: Blacklisted IP's Sat Jul 24, 2010 4:02 pm | |
| I've had a look at that but I'm confused what the script will class as "large amount of connections" |
|
| | |
MHAD
Posts: 2585
Join date: 2008-06-09
Age: 17
Location: Volcano, Japan
Job/hobbies: Longboarding and the Beach.
Humor: Being so sarcastic, people can't even tell.
UT Player Information
Current Skin: Necrotic
| | Subject: Re: Blacklisted IP's Sat Jul 24, 2010 4:12 pm | |
| | $carface wrote: | | Right now, there is a flood from the University of Albama,.... |
 |
|
| | |
|BLS|Lidstrom
Hidden Godfather
Posts: 5671
Join date: 2008-04-10
Age: 24
Location: Area Sexy-1 Montreal Canada
Job/hobbies: OGC
Humor: No, too serious for that!
UT Player Information
Current Skin: Matrix
| | Subject: Re: Blacklisted IP's Sat Jul 24, 2010 6:10 pm | |
| Hey Sam, is it true someone told you he/she would flood your server?
That's pretty sad and lame... I see no pride in such lame thing... DDoS with proxies... Such an outdated method of attacking... --------------------♜♞♝♛♚♝♞♜-------------------- BLS|D!ck[FACE] (name is disallowed in Multiplay7) |
|
| | |
{Dark}Shadow
Posts: 1510
Join date: 2008-04-11
Location: Eternal Night
Job/hobbies: Tech and Art
Humor: Virtual Reality
UT Player Information
Current Skin: Blake
| | Subject: Re: Blacklisted IP's Sat Jul 24, 2010 7:46 pm | |
| | $carface wrote: | | I've had a look at that but I'm confused what the script will class as "large amount of connections" |
They have a forum if you want to ask: http://forums.deftechgroup.com/ |
|
| | |
$carface
Posts: 292
Join date: 2009-09-16
| | Subject: Re: Blacklisted IP's Sat Jul 24, 2010 10:28 pm | |
| | |BLS|Lidstrom wrote: | Hey Sam, is it true someone told you he/she would flood your server?
That's pretty sad and lame... I see no pride in such lame thing... DDoS with proxies... Such an outdated method of attacking... |
If you're talking about talia then, she is not worth typing about on this thread.
She claims to be such a leet hacker with botnets at her disposal and yet she can't figure out the true IP address of the server lol
Anyone with basic knowledge of networks, topologies and ip masking would be able to figure it out easily. I also doubt she'd want to mess with a 3gbps flood on her 56 dial up...I could render her connection useless for months if not years lol
I'm running packet sniffers now to find out exactly what these guys are trying to do. Looks like malformed udp packets atm from outside the game which are designed to crash servers which won't work because there is a standalone anti ddos running in game on servers.
I'd like to confirm that I have been giving these guys a taste of their own medicine from a 3gbps connection lol |
|
| | |
|BLS|Lidstrom
Hidden Godfather
Posts: 5671
Join date: 2008-04-10
Age: 24
Location: Area Sexy-1 Montreal Canada
Job/hobbies: OGC
Humor: No, too serious for that!
UT Player Information
Current Skin: Matrix
| | Subject: Re: Blacklisted IP's Sun Jul 25, 2010 1:28 am | |
| I also didn't believe in that story which was told by others... I just don't feel it to be true... Something's not right...  Unless she has a contact with other people or a community (say, 4chan lamers for instance HAHA). But that attack can't be coming from her and her poor connection... Plus, after you mentioned that she doesn't even know the server's true IP? That makes her sound even more like a good liar... She also claimed to be the one responsible to always crash Rob's server... Sounds like made up bullshit... And she can't be a "leet" hacker from doing lame things like that... That's not even a real "hack" in the first place... Anyhow, good luck spending another long fight without pulling all your hair off! --------------------♜♞♝♛♚♝♞♜-------------------- BLS|D!ck[FACE] (name is disallowed in Multiplay7) |
|
| | |
$carface
Posts: 292
Join date: 2009-09-16
| | Subject: Re: Blacklisted IP's Sun Jul 25, 2010 8:29 am | |
| Lol that's just it. I'm not spending much time on this at all. Last year we were running on windows and the software firewall freaked out at these floods. However I'm pretty impressed with iptables and linux overall and how it's been no problem for it to deal with it.
No one has been successful in crashing the servers yet. I'm pretty damn experienced after the trouble we had last year lol
Last edited by $carface on Sun Jul 25, 2010 4:23 pm; edited 1 time in total |
|
| | |
|
