Announcement

Collapse
No announcement yet.

[URGENT] Game server DDoS

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    [URGENT] Game server DDoS

    We are currently in an extremely frustrating situation: we've been developing a multiplayer FPS game using Unreal Engine 4 and plan to release it within the coming months, but a serious issue has prevented us from moving foreward.

    The problem is that the game server will ALWAYS crash when attacked by DDoS/invalid packets.
    We get stuff like this:


    This is caused by too many invalid packets being sent to the game server, causing the process to crash and has nothing to do with the actual machine staying online.

    Please note that this issue also affects Unreal Tournament 4 servers, so it's a "blanket" issue. Anyone can keep a server down by sending bad packets. In spite of this, nobody seems to care. Even official Epic Games UT servers go down in a couple of seconds.

    Packets would need to be specifically filtered on 7777 and 7778 UDP in order to block garbage. The problem is that hosting companies don't seem to offer such support and only cover major titles such as Counter Strike and Minecraft.

    Do you know of any hosting service which supports UDP packet filtering on request? What can we do?
    This is truly a horrible situation for us.
    CEO - AceGamer Network
    Our multiplayer FPS game: http://store.steampowered.com/app/436260/

    #2
    I too would very much like this resolved.

    Hell, its even possible for UE4 clients to accidentally DDOS a game server if the game server crashes and restarts. Once the server comes back online, the clients send a whole lot of garbage data to the server but never time out because technically they are no longer timing out.

    If you get the ip and port of a server for ...other... UE4 driven games server you are connected to with something like netstat, you can also interfere with them a bit.
    Last edited by Allar; 02-20-2016, 01:32 PM.

    Comment


      #3
      Do they even know that one cannot publish a multiplayer game in these circumstances? There must be a solution, or we'll have to ditch our project.
      CEO - AceGamer Network
      Our multiplayer FPS game: http://store.steampowered.com/app/436260/

      Comment


        #4
        I heard of http://www.hyperfilter.com/ no clue how the customer service and the product itself is like.

        Comment


          #5
          Usually the company that runs your game server will handle DDoS and other cybersecurity threats (quite possibly at an additional charge). If you're running your own server, then it's up to you to find a method (hardware based firewall) to negate these types of attacks.
          Last edited by SaviorNT; 02-21-2016, 02:47 AM.
          WIP: Science Project - A collection of middle school through advanced college level science theory and formula-based functions for use in your own projects
          World Machine to UE4 Export Macro
          WM Folder Generator - Creates a folder that you name with HeightMap, NormalMap, SplatMap, and Tile sub-folders

          Comment


            #6
            Invalid packets in what sense? At the UE4 layer? In that case, no third party provider or firewall helps.

            I imagine this will be fixed soon if it affects Unreal Tournament or any of Epic's products.

            Comment


              #7
              Yes, we're talking UE4 layer. The game server process cannot handle invalid packets. In fact no hosting company was able to help us.

              This is a dead end for us. We're scrapping 3 years of work because of this.

              The issues does indeed affect UT and Epic in general, but only theoretically. People don't tend to DDoS free games.
              This is a whole different story if you plan to actually SELL a multiplayer game and don't have thousands of dollars to fund 100+ servers.
              CEO - AceGamer Network
              Our multiplayer FPS game: http://store.steampowered.com/app/436260/

              Comment


                #8
                Why would a hosting company be able to help you fix UE4? I understand you're frustrated, but you need to focus on what's wrong and fix it or wait for Epic to fix it.

                UE4 clearly catches the overflow so it shouldn't be a huge problem to find the culprit. You confusing this with a DDoS attack (and speculating on free games vs paid ones) doesn't help. Realize what it is and try to fix it. Or rest assured someone else will before you release your game; there are a lot of talented programmers in this community and someone will eventually fix it if Epic doesn't. I know I will if it's not fixed by the time I release anything to the public.

                Comment


                  #9
                  Originally posted by Zeb89 View Post

                  Please note that this issue also affects Unreal Tournament 4 servers, so it's a "blanket" issue. Anyone can keep a server down by sending bad packets. In spite of this, nobody seems to care. Even official Epic Games UT servers go down in a couple of seconds.
                  Zeb89, Have you got a thread / post reference on UT forums of this happening?

                  Thanks.

                  Comment


                    #10
                    Allow me to elaborate:

                    Bad packets crash/block the server process. Both UT4 and our game server seem unable to handle/discard these bad packets. Anyone sending bad packets can thus crash/block a server.

                    If we publish our game in spite of these issue our servers will go down on day one and every single person who spent good money on the product would issue a refund request on Steam. This would inevitably boild down to disaster.

                    There seems to be no way of filtering bad packets from the "good" ones, or at least nobody has come up with a solution as of yet. Various hosting services cannot do anything since the issue is software related (correct me if I'm wrong).

                    Once a kid purchases a 3€ botnet, he can then proceed to attack port 7777 UDP with garbage packets and send any server he wishes to hell in a handbasket.
                    There is squat we can do about it as of now.

                    If you'd like to try this out for yourselves, just host an UT4 server and attempt a stress test with the cheapest of IP stressers.

                    Tests have shown us that even Epic Games UT4 hubs & servers go down with so much as a fart.

                    I am not a networking expert by any stretch of the imagination, but the situation certainly looks dreadful.

                    Originally posted by richardboegli View Post
                    Zeb89, Have you got a thread / post reference on UT forums of this happening?

                    Thanks.
                    We haven't reported this on the UT4 forums because it concerns the whole networking of the engine and not just UT4.
                    Last edited by Zeb89; 02-21-2016, 03:08 PM.
                    CEO - AceGamer Network
                    Our multiplayer FPS game: http://store.steampowered.com/app/436260/

                    Comment


                      #11
                      Originally posted by Zeb89 View Post
                      Allow me to elaborate:

                      Bad packets crash/block the server process. Both UT4 and our game server seem unable to handle/discard these bad packets. Anyone sending bad packets can thus crash/block a server.

                      If we publish our game in spite of these issue our servers will go down on day one and every single person who spent good money on the product would issue a refund request on Steam. This would inevitably boild down to disaster.

                      There seems to be no way of filtering bad packets from the "good" ones, or at least nobody has come up with a solution as of yet. Various hosting services cannot do anything since the issue is software related (correct me if I'm wrong).

                      Once a kid purchases a 3€ botnet, he can then proceed to attack port 7777 UDP with garbage packets and send any server he wishes to hell in a handbasket.
                      There is squat we can do about it as of now.

                      If you'd like to try this out for yourselves, just host an UT4 server and attempt a stress test with the cheapest of IP stressers.

                      Tests have shown us that even Epic Games UT4 hubs & servers go down with so much as a fart.

                      I am not a networking expert by any stretch of the imagination, but the situation certainly looks dreadful.


                      We haven't reported this on the UT4 forums because it concerns the whole networking of the engine and not just UT4.
                      Zeb89 thanks for the clarification.

                      Something that just came to mind is that I am wondering now if Street Fighter V is also suffering for the same issues? Being an extremely high profile game it wouldn't surprise me if people were DDOSing it for fun.

                      https://twitter.com/SFVServer/status/701561093596971009

                      Comment


                        #12
                        Why don't you go into that c++ function FbitReader::SetOverflow() call - at the point where to throws the LogMessage and add the IP if the incoming packet to the firewall...

                        e.g.
                        system("netsh advfirewall firewall add rule name=\"DDOS UE4\" dir=in interface=any action=block remoteip=<IP_Address>/32");

                        Comment


                          #13
                          Originally posted by Burnz View Post
                          Why don't you go into that c++ function FbitReader::SetOverflow() call - at the point where to throws the LogMessage and add the IP if the incoming packet to the firewall...

                          e.g.
                          system("netsh advfirewall firewall add rule name=\"DDOS UE4\" dir=in interface=any action=block remoteip=<IP_Address>/32");
                          That would be as useful as an armelss drummer since botnets attack from hundreds of different IP addresses. We'd need something a little broader which is able to discard foul packets regardless of the IP.

                          Originally posted by richardboegli View Post
                          I am wondering now if Street Fighter V is also suffering for the same issues? Being an extremely high profile game it wouldn't surprise me if people were DDOSing it for fun.

                          https://twitter.com/SFVServer/status/701561093596971009
                          Wouldn't surprise me in the least. This needs to be addressed ASAP, for all developers concerned.
                          If your business plan is not to release dedicated servers to the public, people can keep your service down for as long as they please.
                          Last edited by Zeb89; 02-22-2016, 08:58 AM.
                          CEO - AceGamer Network
                          Our multiplayer FPS game: http://store.steampowered.com/app/436260/

                          Comment


                            #14
                            Hi everyone,

                            Thank you for your posts. We are aware of the current situation and are investigating solutions to resolve this. If you have any callstacks or reproduction steps that we can follow to cause these crashes to occur, please post them here.
                            Last edited by Adam Davis; 02-22-2016, 04:18 PM.
                            Adam Davis | Marketplace Support | Epic Games
                            How to report a bug? | Installation & Setup issues? | Answerhub Bug Reports | Twitter

                            Comment


                              #15
                              Originally posted by Adam Davis View Post
                              Hi everyone,

                              Thank you for your posts. We are aware of the current situation and are investigating solutions to resolve this. If you have any callstacks or reproduction steps that we can follow to cause these crashes to occur, please post them here.
                              Thank you for looking into this. In order to reproduce the issue you need to:

                              1) Host an unreal Tournament 4 dedicated server or any other UE4 game.
                              2) Perform a stress test using a botnet/ip stresser service.

                              The server will lock up/crash.

                              You probably need to check the headers of incoming packets. Just a guess.
                              Last edited by Zeb89; 02-22-2016, 05:01 PM.
                              CEO - AceGamer Network
                              Our multiplayer FPS game: http://store.steampowered.com/app/436260/

                              Comment

                              Working...
                              X