Denial of service and blackmail attempts
Guys, take a cup of coffee and chill while reading this story.
We have been playing Age Of Chivalry for years and while many server operators moved away, we stayed up and running the whole time. We have a dedicated team of admin that kicks and bans players who don't respect basic rules such as attacking deliberately a team mate, being too offensive to others or just annoying little kids.
We maintain a list of permanently banned players only for those who are found cheating or were banned several times and are still complete ♥♥♥♥♥♥♥ which is what they were, no need to hide it and I will probably not offend anyone here). Those players are able to contact us through Steam if they wish and we also have a forum and an admin mailing list in case there was a mistake.
Now, this Russian player has been banned for rcon hacking attemps, he was enumerating our game server to get the admin interface and get full control of the server, probably to unban himself if he gets banned, and remove players who annoys him. He wanted to take over and we put him in the game ban list so that he won't be able to play for free on the server we have been maintaining for years.
The actual timeline is not very clear as at one point he was administrating one of our server with a clan member, he lost his admin privileges because he was abusing them, he changed the configuration to suit his taste (how much damage he could deal, etc) which was completely unacceptable from someone who was not even a clan member. This is when he started to attack us to try and guess the rcon password. To recover his lost admin powers he went a step too far and got definitely banned from our game server.
The rcon hacking attemps were dealt with ealily, it will take millions of PCs and much more lifetimes than we will see on this earth to guess the password at that rate.
Recently, he began to ask us to unban him and he said during a Steam chat session (we keep the logs) that he would crash our server if we didn't unban him. We didn't, of course, and now our server reboots every 5 minutes when this guy is awake (which is usually during the day in Europe, except on Friday when he seems to go to bed later...). Our server had a very good reputation of being a server where good players went out to play, we removed players who love to spoil the game and get friendly fire on to make it harder and more realistic. This feature needs admins around to keep in checks people who rage against their own team and keep attacking their teammates. Now, when our server starts to reboot, everybody stops playing, motivated players and beginners go to other servers to enjoy the game a little, but most just stop since we cannot stand playing on servers with a custom configuration (no friendly fire, blows deal more damage).
Today, we do not have a solution, our hosting company protects us against DDoS but not again targeted attacked towards a game server with crafted packets. We cannot monitor ourselves the server and block the offending IPs, etc.
Here are the steps we are currently taking:
1. Report to Steam via the button on his profile
2. Ask our hosting provider to block /24 blocks of Russian IPs (we find them in the logs, he changes often)
3. File a legal complaint for hacking attempts, denial of service and blackmail
Do you have any advice?
Last edited by eram
Jan 31, 2014 @ 12:47pm