Announcement

**Allar** · 02-20-2016, 01:26 PM

I too would very much like this resolved.

Hell, its even possible for UE4 clients to accidentally DDOS a game server if the game server crashes and restarts. Once the server comes back online, the clients send a whole lot of garbage data to the server but never time out because technically they are no longer timing out.

If you get the ip and port of a server for ...other... UE4 driven games server you are connected to with something like netstat, you can also interfere with them a bit.

**Zeb89** · 02-20-2016, 02:20 PM

Do they even know that one cannot publish a multiplayer game in these circumstances? There must be a solution, or we'll have to ditch our project.

**King Scott** · 02-21-2016, 02:26 AM

I heard of http://www.hyperfilter.com/ no clue how the customer service and the product itself is like.

**SaviorNT** · 02-21-2016, 02:44 AM

Usually the company that runs your game server will handle DDoS and other cybersecurity threats (quite possibly at an additional charge). If you're running your own server, then it's up to you to find a method (hardware based firewall) to negate these types of attacks.

**Stefan Lundmark** · 02-21-2016, 08:45 AM

Invalid packets in what sense? At the UE4 layer? In that case, no third party provider or firewall helps.

I imagine this will be fixed soon if it affects Unreal Tournament or any of Epic's products.

**Zeb89** · 02-21-2016, 09:25 AM

Yes, we're talking UE4 layer. The game server process cannot handle invalid packets. In fact no hosting company was able to help us.

This is a dead end for us. We're scrapping 3 years of work because of this.

The issues does indeed affect UT and Epic in general, but only theoretically. People don't tend to DDoS free games.
This is a whole different story if you plan to actually SELL a multiplayer game and don't have thousands of dollars to fund 100+ servers.

**Stefan Lundmark** · 02-21-2016, 11:55 AM

Why would a hosting company be able to help you fix UE4? I understand you're frustrated, but you need to focus on what's wrong and fix it or wait for Epic to fix it.

UE4 clearly catches the overflow so it shouldn't be a huge problem to find the culprit. You confusing this with a DDoS attack (and speculating on free games vs paid ones) doesn't help. Realize what it is and try to fix it. Or rest assured someone else will before you release your game; there are a lot of talented programmers in this community and someone will eventually fix it if Epic doesn't. I know I will if it's not fixed by the time I release anything to the public.

**richardboegli** · 02-21-2016, 12:48 PM

Originally posted by Zeb89 View Post

Please note that this issue also affects Unreal Tournament 4 servers, so it's a "blanket" issue. Anyone can keep a server down by sending bad packets. In spite of this, nobody seems to care. Even official Epic Games UT servers go down in a couple of seconds.

Zeb89, Have you got a thread / post reference on UT forums of this happening?

Thanks.

**Zeb89** · 02-21-2016, 03:04 PM

Allow me to elaborate:

Bad packets crash/block the server process. Both UT4 and our game server seem unable to handle/discard these bad packets. Anyone sending bad packets can thus crash/block a server.

If we publish our game in spite of these issue our servers will go down on day one and every single person who spent good money on the product would issue a refund request on Steam. This would inevitably boild down to disaster.

There seems to be no way of filtering bad packets from the "good" ones, or at least nobody has come up with a solution as of yet. Various hosting services cannot do anything since the issue is software related (correct me if I'm wrong).

Once a kid purchases a 3€ botnet, he can then proceed to attack port 7777 UDP with garbage packets and send any server he wishes to hell in a handbasket.
There is squat we can do about it as of now.

If you'd like to try this out for yourselves, just host an UT4 server and attempt a stress test with the cheapest of IP stressers.

Tests have shown us that even Epic Games UT4 hubs & servers go down with so much as a fart.

I am not a networking expert by any stretch of the imagination, but the situation certainly looks dreadful.

Originally posted by richardboegli View Post

Zeb89, Have you got a thread / post reference on UT forums of this happening?

Thanks.

We haven't reported this on the UT4 forums because it concerns the whole networking of the engine and not just UT4.

**richardboegli** · 02-22-2016, 01:19 AM

Originally posted by Zeb89 View Post

Allow me to elaborate:

Bad packets crash/block the server process. Both UT4 and our game server seem unable to handle/discard these bad packets. Anyone sending bad packets can thus crash/block a server.

If we publish our game in spite of these issue our servers will go down on day one and every single person who spent good money on the product would issue a refund request on Steam. This would inevitably boild down to disaster.

There seems to be no way of filtering bad packets from the "good" ones, or at least nobody has come up with a solution as of yet. Various hosting services cannot do anything since the issue is software related (correct me if I'm wrong).

Once a kid purchases a 3€ botnet, he can then proceed to attack port 7777 UDP with garbage packets and send any server he wishes to hell in a handbasket.
There is squat we can do about it as of now.

If you'd like to try this out for yourselves, just host an UT4 server and attempt a stress test with the cheapest of IP stressers.

Tests have shown us that even Epic Games UT4 hubs & servers go down with so much as a fart.

I am not a networking expert by any stretch of the imagination, but the situation certainly looks dreadful.

We haven't reported this on the UT4 forums because it concerns the whole networking of the engine and not just UT4.

Zeb89 thanks for the clarification.

Something that just came to mind is that I am wondering now if Street Fighter V is also suffering for the same issues? Being an extremely high profile game it wouldn't surprise me if people were DDOSing it for fun.

https://twitter.com/SFVServer/status/701561093596971009

**Burnz** · 02-22-2016, 03:46 AM

Why don't you go into that c++ function FbitReader::SetOverflow() call - at the point where to throws the LogMessage and add the IP if the incoming packet to the firewall...

e.g.
system("netsh advfirewall firewall add rule name=\"DDOS UE4\" dir=in interface=any action=block remoteip=<IP_Address>/32");

**Zeb89** · 02-22-2016, 08:55 AM

Originally posted by Burnz View Post

Why don't you go into that c++ function FbitReader::SetOverflow() call - at the point where to throws the LogMessage and add the IP if the incoming packet to the firewall...

e.g.
system("netsh advfirewall firewall add rule name=\"DDOS UE4\" dir=in interface=any action=block remoteip=<IP_Address>/32");

That would be as useful as an armelss drummer since botnets attack from hundreds of different IP addresses. We'd need something a little broader which is able to discard foul packets regardless of the IP.

Originally posted by richardboegli View Post

I am wondering now if Street Fighter V is also suffering for the same issues? Being an extremely high profile game it wouldn't surprise me if people were DDOSing it for fun.

https://twitter.com/SFVServer/status/701561093596971009

Wouldn't surprise me in the least. This needs to be addressed ASAP, for all developers concerned.
If your business plan is not to release dedicated servers to the public, people can keep your service down for as long as they please.

**Adam Davis** · 02-22-2016, 04:12 PM

Hi everyone,

Thank you for your posts. We are aware of the current situation and are investigating solutions to resolve this. If you have any callstacks or reproduction steps that we can follow to cause these crashes to occur, please post them here.

**Zeb89** · 02-22-2016, 04:58 PM

Originally posted by Adam Davis View Post

Hi everyone,

Thank you for your posts. We are aware of the current situation and are investigating solutions to resolve this. If you have any callstacks or reproduction steps that we can follow to cause these crashes to occur, please post them here.

Thank you for looking into this. In order to reproduce the issue you need to:

1) Host an unreal Tournament 4 dedicated server or any other UE4 game.
2) Perform a stress test using a botnet/ip stresser service.

The server will lock up/crash.

You probably need to check the headers of incoming packets. Just a guess.

Announcement

[URGENT] Game server DDoS

[URGENT] Game server DDoS

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment