DDOS russian players FAF
-
Добрый день,
Спасибо, что подробно и эмоционально описали ситуацию. Нам искренне жаль слышать, что вы и другие игроки сталкиваетесь с такими серьезными проблемами, которые полностью уничтожают возможность наслаждаться игрой. Понимаем ваше разочарование и гнев, и нам очень жаль, что сообщество, которое должно объединять людей, страдает от действий враждебно настроенных групп.
Мы хотели бы прояснить несколько ключевых моментов, чтобы вы понимали нашу позицию и возможности.
-
FAF — это сообщество энтузиастов. Как вы правильно заметили, FAF является проектом с открытым исходным кодом. Важно понимать, что все разработчики, модераторы и администраторы работают над ним абсолютно добровольно, в свое свободное время и не получают за это денежного вознаграждения. У нас нет выделенной команды безопасности или ресурсов крупной коммерческой компании.
-
Техническая сложность проблемы. Сетевая архитектура Supreme Commander и самого FAF является peer-to-peer (P2P). Это означает, что когда вы начинаете игру, компьютеры игроков соединяются напрямую друг с другом. Наши сервера отвечают за аутентификацию, подбор игроков (матчмейкинг) и лидерборды, но не за хостинг самих игр. Поэтому, если злоумышленникам известны IP-адреса игроков (а в P2P-сессии они раскрываются), они могут атаковать их напрямую, в обход наших серверов. Заблокировать такую атаку на уровне серверов FAF технически невозможно, так как трафик идет не через нас.
-
Мы не имеем отношения к конфликту между другими клиентами. FAF не поддерживает и осуждает любые действия, направленные на запугивание игроков и ограничение их выбора. Мы считаем, что игроки должны иметь возможность играть там, где им удобно. Утверждения о том, что мы можем ненавидеть русских игроков или мстить им, абсолютно не соответствуют действительности. FAF всегда было и остается глобальным и открытым сообществом для всех фанатов Supreme Commander, независимо от их национальности.
-
-
I understand all the difficulties.
But both of these groups managed to solve this DDOS problem at the client level.
They were able to solve this DDOS problem quite a long time ago.
At the level of their clients.
It turns out that it is possible.
And it is probably not that difficult if others have already done it.You just answered that you do not have a security team, and that it is not even planned.
So this is how it will end for us?
There will never be protection?
And it is not even in the plans?
Понимаю все сложности.
Но ведь у обоих этих групп, эту проблему с DDOS всё таки получилось решить на уровне клиентов.
Они смогли уже довольно давно решить эту проблему ДДОС.
На уровне своих клиентов.
Получается, что это возможно.
И, наверное, не так сложно, если другие уже сделали.Вы сейчас ответили, что у вас нет команды по безопасности, и что это даже не планируется.
Тогда для нас всё так и закончится ?
Защиты никогда не будет ?
И её нет даже в планах ? -
With smaller amount of players the other solutions could've utilized a peer-server-peer type of communication, with the scale of FAF this is not possible without huge expenses/other reworks, so a more demanding solution is required. It isn't always so black and white.
-
@Giebmasse I'm not a programmer. I suggest an idea. Can't we add secret fake IP addresses to the lobby? And use noise on these fake IP addresses? So that attackers can do DDoS on fake addresses? And immediately remove observers who track traffic on addresses in the game from the game?
-
I am a RU player and I confirm that in the last two weeks I have had connection problems, as Tayhig writes. I have not had such problems before.
-
Why should I suffer, just because of some freaks living in my country?
Yes, I am a patriot of my country, but not of these bad people. But this is too much. Now the game unites people.Sorry, but even suggesting that we are deliberately letting Russians down is pure disrespect and ignorance. First of all, why do you think that the problems only affect Russian players? And second: why do you think we wouldn't be looking for a solution?
We are constantly looking for solutions to ever-changing attack patterns. I spent hundreds of hours in the last 2 years on this topic. And that affects the entire FAF infrastructure. If we didn't constantly make changes, FAF would no longer be viable.
We are hearing more and more about individual players being attacked, and here too we do not differentiate based on nationality. But it is a very complex issue that cannot be easily resolved.
But both of these groups managed to solve this DDOS problem at the client level.
At least on of them doesn't even have to solve it, because they contain the community members responsible for it...
You just answered that you do not have a security team, and that it is not even planned.
So this is how it will end for us?
There will never be protection?
And it is not even in the plans?We have no paid experts and we will never have, as we do not have the money for it. So it - as always - depends on how far we can solve it ourselves with our limited knowledge. We have ideas, we have prototypes, but we are far from fixing the problem. And we do that in our free time, when we are not to tired from our jobs, our families and all the other responsibilties we have in our normal lives.
-
do you think that the FAF administration itself created problems with ddos, first of all, other clients similar to faf are created mainly for banned players who were banned by the FAF administration. And for the most part, I am sure that DDOS attacks are carried out by people who were also previously banned. And these people were banned for various reasons, even for some bad word addressed to another player. Don't you think that the FAF rules are too strict and the penalties are too heavy? Banning players for a month or more is an extremely severe punishment. You say that enthusiasts do faf in their free time, but in the end we see that there is always time to ban a player. And with each such ban, the number of ddos attacks increases. In my opinion, the problem is not so much that there is no time to protect the server from an attack, as there is a strong need to change the faf policy so that there are fewer people willing to ddos the faf.
-
Are you saying FAF's policy should be that if someone wants to be unbanned they should DDOS FAF?
Or alternatively that we should not ban people for 1m+ regardless of the offence or how many times they've committed it (so, for example, threatening to kill people, blatant nazi promotion, making use of exploits and cheats, crashing lobbies, harassing FAF contributors, nuking teammates, etc. - no matter how many times such things are done, we should turn a blind eye in case the person resorts to DDOSing FAF out of spite when banned)? -
@bugiman Nonsense. You can't make rules without being strict, this is how law works. If some deranged induvidual can't understand their actions and repeat them multiple times regardless of warnings they must be banned from community. You can't allow criminal to be among normal people, this is society.
-
for the negative actions of the players, the administration could put tags on the nicknames of the players and the players would decide for themselves whether they wanted to play with these people or not, rather than ban everyone in a row, while having one of the most vulnerable clients for DDOS. The policy that the FAF is currently pursuing can only be allowed by organizations that have enough resources to hire professional programmers who can create protection against various cyber attacks, as reality has shown, the FAF is practically unable to fight even small DDOS attacks, as a result, 70-80% of the time it is extremely difficult to play normally on the FAF.
-
This post is deleted! -
Your reasoning is wrong if you assume unbanning all players will stop DDoSes. Are you sure you've grown up already? Don't be naive like a child.
-
it seems to me that the children in the faf administration, who with their policies kill a project with good potential, who for so many years of regular ddos, because of which the server almost never works normally, cannot understand that the problem also exists in the administration itself
-
If you get banned more than few times, then it's genuinely skill issue on your part or you are utter person of lower intelligence that simply deserves the ban for all the shit you do.
Even Bennis managed to get unbanned. -
Faced with the same problem, it's all sad. as a result, it's still offline. perhaps the problem will be solved over time, or Sanctuary will be released and you will like it more. In general, the whole problem is because of a couple of idiots, in theory, according to the law, it is possible to attract them, but it is very difficult
-
@bugiman Players receive bans when they break our rules. If they do so often, they get longer bans. In some extreme cases, they get permanently banned. It's pretty much impossible to get permanently banned if you are a normal player just playing your games, and even then permanently banned players may appeal their ban. You may assume that any player who got a permanent ban and who did not get their appeal accepted was a genuine problem for our community, and it is to everyone's benefit that they were removed.
It may be that one or more of these players have decided to DDOS the FAF services because they are angry about their ban. There certainly have been forumposts asking us in the past to unban one or more accounts of players who were believed to be the cause of the DDOS. However, our answer then remains the same as it is now:This will never happen.
If we were to unban players because their DDOS was affecting our services, we would never be able to moderate anyone ever again, because any ban of a certain length would result in people trying to attack our services. This is the classic 'you do not negotiate with terrorists' cliche.
Rather than blame the FAF organisation for holding players to the rules they agreed to on signup, focus your attention on those people trying to kill an open-source community project because they've been told they're not welcome to it instead.
-
There was a FAF developer here who wrote about respect.
So here it is.
My respects.
Тут был разработчик ФАФ, который писал про уважение.
Так вот.
Моё почтение.
-
@Tyhig What has this got to do with anything?
-
@Tyhig said in DDOS russian players FAF:
There was a FAF developer here who wrote about respect.
So here it is.
My respects.
Тут был разработчик ФАФ, который писал про уважение.
Так вот.
Моё почтение.None of these people are involved with FAF development, so what they name their lobbies is completely irrelevant in the context of what FAF is or isn't doing to combat the ongoing DDOS.
As far as whether this is against the rules or not, here is the perspective of the moderation team:
We cannot force people to play with other people. These are custom lobbies and the hosts decide who they want to play with. Rules based on hate speech still apply, but asking certain people to not join is not hate speech.
"Death to all Russians" - Not allowed and will get you banned
"No RU" - Accepted and will not involve moderation team -
With such a policy, FAF is doomed. We have already seen this online for 2 months now, it has been falling, and there are fewer and fewer games. And all because the administration thinks that they are gods, but any student with the Internet breaks their client. Apparently, yes, the information will not reach you that only a strong administration team can afford to ban anyone, alas, the faf is not even close, as time has shown.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login