Would that work with a SRO server? And how do I have to set it up? Like do I need to put the proxy's IP in cert config or wut?
Using a reverse proxy as DDoS protection?
07/01/2013 13:44
A new hope#1
07/01/2013 13:55
Nezekan#2
hyperfilter is a reverse proxy, and yes, it will obviously work.
However you'll need to spoof the IP that your modules send out (as the silkroad files use a sharded networking system)
You'll need to find out how to spoof them yourself though, or if you use hyperfilter just ask their modified modules
However you'll need to spoof the IP that your modules send out (as the silkroad files use a sharded networking system)
You'll need to find out how to spoof them yourself though, or if you use hyperfilter just ask their modified modules
07/01/2013 13:59
A new hope#3
I guess this tool should work to spoof the IPs in all modules: [Only registered and activated users can see links. Click Here To Register...] gezone.com/f722/certification-ip-addr-spoofer-generic-913944/Quote:
hyperfilter is a reverse proxy, and yes, it will obviously work.
However you'll need to spoof the IP that your modules send out (as the silkroad files use a sharded networking system)
You'll need to find out how to spoof them yourself though, or if you use hyperfilter just ask their modified modules
I found cheaper solutions than Hyperfilter, for example Javapipe: [Only registered and activated users can see links. Click Here To Register...]
100$/month for 10gbps/4m pps protection, 200gb clean bw
Hyperfilter offers 10gbps/2m pps 1tb bw for 300$
07/01/2013 14:03
Nezekan#4
javapipe has high ip ranges, so you'll need to see if it will actually work with your original IP (unless somebody has fixed that bug already)Quote:
I found cheaper solutions than Hyperfilter, for example Javapipe: [Only registered and activated users can see links. Click Here To Register...]
100$/month for 10gbps/4m pps protection, 200gb clean bw
Hyperfilter offers 10gbps/2m pps 1tb bw for 300$
Also, they use the voxility network in Romania, it's not the ideal location for an sro server (as it will have a relatively high latency for western european/north african players and the voxility network is not as good as they advertise).
07/01/2013 14:04
鳳凰城#5
You don't say?
Actually, This method won't work after someone gets your real IP beside, proxies are shits when they aren't paid. paid VPN should get the job done. 'read about the difference between vpn and proxies'
Actually, This method won't work after someone gets your real IP beside, proxies are shits when they aren't paid. paid VPN should get the job done. 'read about the difference between vpn and proxies'
07/01/2013 14:06
A new hope#6
I have a fix for that bug. Pretty lame, but it works. :DQuote:
07/01/2013 14:08
Nezekan#7
VPN and reverse proxies act completely the same in this case. A reverse proxy however is technically superior due to less overhead (as it is more close to raw networking, no need for the extra security overhead VPNs bring). Even if you use a vpn, if they get your main IP you're fucked either way, that's why you spoof the IP your modules send out and don't let a retard code your website.Quote:
Actually, This method won't work after someone gets your real IP beside, proxies are shits when they aren't paid. paid VPN should get the job done. 'read about the difference between vpn and proxies'
Also, he's talking about professional reverse proxies like hyperfilter, not some shitty socks proxy you use to enable facebook at work
Great, try if it works and tell me how you did it if it worksQuote:
07/01/2013 14:11
鳳凰城#8
I would create a registration panel in c# instead of php code. At least when its protected by any encryption, no one will be able to decrypt it unless he gets the mid point. (must be kral in ollydbg) <- Opps, released the new way. :pQuote:
07/01/2013 14:14
Nezekan#9
php is run server sided, there is no way for anybody to 'decrypt' it using the html code they get, nor will it send out the server IP if you don't tell it to do that
07/01/2013 14:16
鳳凰城#10
@Holy helper, no one was able to get the connection by this method. I may release it soon. so no one can really get the real ip OR use sql injection. but the site will be ONLY html/css .. no login/registration panel balblabla etc.Quote:
Edit: the mssql side of the program database was totally unsecured.
07/01/2013 23:21
Oriya9#11
What the heck are you talking about?Quote:
first of all, there's no such thing as "registration panel in C#", it's ASP.NET.
the language (and mostly the syntax as all .NET languages are alike) is C#.
if you speak Italian and you now teach science, you don't really teach Italian, right? these are two different things.
and decrypt what? an HTML source? OllyDbg? really man? really?
About your VPN post.
if you take into consideration that both the VPN and the DDoS Mitigation (proxy) have the same network liability,
and I'm talking about speed, uptime, location, latency and such - the proxy will always be better.
why? because every VPN has some sort of a security layer bound to the protocol.
even if you take out the PAP or even the IPsec, you will still have the "base security" of your VPN protocol, whether it's L2TP, PPTP or others.
obviously it is not needed and it will slow down the network as every packet will be encrypted and decrypted. also it's tons of extra headers.
where a DDoS Mitigation if done well will simply be tunneling the connections and that's it, no extra stuff. pure network tunneling.
I'm not sure if you simply have no idea what you're talking about or you're just trolling.
I hope it's the latter.
07/01/2013 23:34
MaximumDark#12
He says this because, there are companies offering tunneling over GRE or IPIP, it works, but slower than a proxy.
Also there are guys that think that using a proxy for linux or BSD (software proxy) will be the same as 'Hardware Proxying', it is a whole different matter, but still these wannabe companies will have to learn this :).
There are even the cases, when they use iptables rules, to perform some kind of NAT-Proxying, which ends the same as the other examples, full of overheads :D.
Also there are guys that think that using a proxy for linux or BSD (software proxy) will be the same as 'Hardware Proxying', it is a whole different matter, but still these wannabe companies will have to learn this :).
There are even the cases, when they use iptables rules, to perform some kind of NAT-Proxying, which ends the same as the other examples, full of overheads :D.
07/02/2013 02:25
鳳凰城#13
Have you finished yet? I did it. as I said, It worked. Unless you have 0 knowledge in this shit, don't even quote then. AAAAAND, you did not noticed that MSSQL part? Have you downloaded holy helper before I stopped the project? Have you played grindroad ? "They had this idea bec. they were running under an emulator"Quote:
first of all, there's no such thing as "registration panel in C#", it's ASP.NET.
the language (and mostly the syntax as all .NET languages are alike) is C#.
if you speak Italian and you now teach science, you don't really teach Italian, right? these are two different things.
and decrypt what? an HTML source? OllyDbg? really man? really?
About your VPN post.
if you take into consideration that both the VPN and the DDoS Mitigation (proxy) have the same network liability,
and I'm talking about speed, uptime, location, latency and such - the proxy will always be better.
why? because every VPN has some sort of a security layer bound to the protocol.
even if you take out the PAP or even the IPsec, you will still have the "base security" of your VPN protocol, whether it's L2TP, PPTP or others.
obviously it is not needed and it will slow down the network as every packet will be encrypted and decrypted. also it's tons of extra headers.
where a DDoS Mitigation if done well will simply be tunneling the connections and that's it, no extra stuff. pure network tunneling.
I'm not sure if you simply have no idea what you're talking about or you're just trolling.
I hope it's the latter.
Ignorance. Ignorance everywhere!
Edit: My method ONLY for hiding your real IP. So, no one will be able to DDoS you nor using SQLi . And @ Nezekan 's quote, HTML has nothing to do with this :facepalm:
07/02/2013 16:21
Nezekan#14
I think you are the one who doesn't know what you are talking about.Quote:
Ignorance. Ignorance everywhere!
Edit: My method ONLY for hiding your real IP. So, no one will be able to DDoS you nor using SQLi . And @ Nezekan 's quote, HTML has nothing to do with this :facepalm:
We're talking about reverse proxies, and you start about some kind of 'holy helper' (what the f*ck is that?), you think php is parsed client side and you have obviously no idea how the internet protocol works ;)
And then you call us ignorant, you are either the world's worst troll or the world's dumbest person, I hope it's the first :o
07/02/2013 16:24
鳳凰城#15
Was giving an example. What you don't understand, that if you were hiding your ip 100%, using a method that isn't SQLi-able or being hacked, you're totally safe then. <- for those who can't pay for decent coded-website.Quote:
We're talking about reverse proxies, and you start about some kind of 'holy helper' (what the f*ck is that?), you think php is parsed client side and you have obviously no idea how the internet protocol works ;)
And then you call us ignorant, you are either the world's worst troll or the world's dumbest person, I hope it's the first :o
Now I think you should understand the story.