*†ƦŦ* Fulgent Slut Jan 31 @ 11:39am
Denial of service and blackmail attempts
Guys, take a cup of coffee and chill while reading this story.

We have been playing Age Of Chivalry for years and while many server operators moved away, we stayed up and running the whole time. We have a dedicated team of admin that kicks and bans players who don't respect basic rules such as attacking deliberately a team mate, being too offensive to others or just annoying little kids.

We maintain a list of permanently banned players only for those who are found cheating or were banned several times and are still complete ♥♥♥♥♥♥♥ which is what they were, no need to hide it and I will probably not offend anyone here). Those players are able to contact us through Steam if they wish and we also have a forum and an admin mailing list in case there was a mistake.

Now, this Russian player has been banned for rcon hacking attemps, he was enumerating our game server to get the admin interface and get full control of the server, probably to unban himself if he gets banned, and remove players who annoys him. He wanted to take over and we put him in the game ban list so that he won't be able to play for free on the server we have been maintaining for years.

The actual timeline is not very clear as at one point he was administrating one of our server with a clan member, he lost his admin privileges because he was abusing them, he changed the configuration to suit his taste (how much damage he could deal, etc) which was completely unacceptable from someone who was not even a clan member. This is when he started to attack us to try and guess the rcon password. To recover his lost admin powers he went a step too far and got definitely banned from our game server.

The rcon hacking attemps were dealt with ealily, it will take millions of PCs and much more lifetimes than we will see on this earth to guess the password at that rate.

Recently, he began to ask us to unban him and he said during a Steam chat session (we keep the logs) that he would crash our server if we didn't unban him. We didn't, of course, and now our server reboots every 5 minutes when this guy is awake (which is usually during the day in Europe, except on Friday when he seems to go to bed later...). Our server had a very good reputation of being a server where good players went out to play, we removed players who love to spoil the game and get friendly fire on to make it harder and more realistic. This feature needs admins around to keep in checks people who rage against their own team and keep attacking their teammates. Now, when our server starts to reboot, everybody stops playing, motivated players and beginners go to other servers to enjoy the game a little, but most just stop since we cannot stand playing on servers with a custom configuration (no friendly fire, blows deal more damage).

Today, we do not have a solution, our hosting company protects us against DDoS but not again targeted attacked towards a game server with crafted packets. We cannot monitor ourselves the server and block the offending IPs, etc.

Here are the steps we are currently taking:

1. Report to Steam via the button on his profile
2. Ask our hosting provider to block /24 blocks of Russian IPs (we find them in the logs, he changes often)
3. File a legal complaint for hacking attempts, denial of service and blackmail

Do you have any advice?
Last edited by eram; Jan 31 @ 12:47pm
Showing 1-15 of 16 comments
< >
TastyToast Jan 31 @ 12:25pm 
man that sucks, fly to russia and beat the ♥♥♥♥ out of him is my suggestion.
Emperor Zombie Jan 31 @ 12:48pm 
I'm not sure if a Distributed Denial of Service (DDoS) attack is considered hacking. I'm not a network security expert but I'd pursue options one and two before taking the legal approach.
*†ƦŦ* Fulgent Slut Jan 31 @ 2:36pm 
@Emperor Zombie: It's not a DDoS, the game is old and it is actually pretty easy to crash a game server from a single connection. It's just sending a special IP packet and it restarts.

@TastyToast: I'm sure many of our players would agree with that, we might even be able to create a kickstarter campaign for it lol.

*TRF* Neo Jan 31 @ 3:30pm 
I'm in your opinion Toast, lets fly!
nuke pls Feb 1 @ 11:36am 
Can you link that guy's profile? We had one dude who crashed our servers(while he was on them too). We banned him, of course. Then he used multiple accounts asking us to unban "that guy". We refused. I have the suspicion of him doing all kinds of ♥♥♥♥ still from his diff. accounts, but we have no actual proof that he does it. If, by any chance, it's the same guy, we might join our forces to work out some kind of solution.
*†ƦŦ* Fulgent Slut Feb 1 @ 11:45am 
Here it is: http://steamcommunity.com/profiles/76561198005097906. We also have some of his IPs (rooted box or cloud rented servers we don't know). I think it should be enough to close down his profile, he have conversation logs, rcon hacking logs and Steam should be able to investigate with these. Then the cops might also be able to do something, fine him or ♥♥♥♥ him, I'm not sure what they do in Russia.
nuke pls Feb 1 @ 12:17pm 
Yep he's in our banlist by SteamID.
Then the cops might also be able to do something
Nah, I wouldn't count on those ♥♥♥♥ers or ruzke legislation.
Maybe subnet ban will do? That is, if he doesn't use proxies. While it's unlikely that somebody else plays AoC from there, somebody unrelated might get banned. No idea if HWID ban would work - too easy to bypass AFAIK. We still need to gather more info about his secondary accounts though. Maybe that's where Steam guys might help us?
Last edited by nuke pls; Feb 1 @ 12:19pm
*†ƦŦ* Fulgent Slut Feb 1 @ 12:54pm 
We are implementing a subnet ban, it's not that hard, we already blocked one of them and are constantly monitoring and banning the others. Socks proxies are rarer than HTTP proxies, I doubt he would find many of them, but he's in Russia so who knows. We have a few Russians and IIRC this ♥♥♥♥♥♥ is from Moscow Area, so we might actually block some of our players, but we don't have a better solution.

I am sure that Steam guys could help us, but I do not know how to reach those who would, we already reported his account but did not hear anything from them yet. Also, I am not sure what Steam can actually do? Block the account? Which means he won't be able to access the games he paid for? It's kind of a grey area.
nuke pls Feb 1 @ 1:22pm 
Also, I am not sure what Steam can actually do? Block the account?
Yes, and I think they might find some sort of connection between this exact one and many others.
Which means he won't be able to access the games he paid for? It's kind of a grey area.
I don't care. He gets what he deserves IMO, and it is unlikely he has much games/whatever on others(if any at all). Maybe we could get him VAC banned through Valve guys(sadly no idea how to contact them either aside from support tickets. There is no other way.
*†ƦŦ* Fulgent Slut Feb 1 @ 2:00pm 
Don't misunderstand me, I would totally love that he loses his steam account, I'd also like to break his computer and send him to Siberia to chill down a bit.
Good call on Valve, I'll see what I can do.

EDIT: Valve is more centered on cheating, since this guy didn't cheat it won't matter, besides they seem to just use the user reports for statistics and won't investigage/take action based on those.
Last edited by *†ƦŦ* Fulgent Slut; Feb 1 @ 2:01pm
Kaiser Feb 5 @ 4:16pm 
When I told our server hoster about this guy and the problem he brings, they said they will also support us and try to protect the server we rented. According to them, they already hunt down various ddosing guys. I will give them further information as soon as possible, but they want to get his IP adress on their own.
*†ƦŦ* Fulgent Slut Feb 6 @ 12:34pm 
Well, we could get some IP ranges banned (a few cities in Russia might be impacted). I am not sure our hosting provider is ready to hunt down these kind of guys, they instead implement DDoS protection at their level, but they can't hope to catch a motivated attacker and definitely stop him. The game has some critical bugs that makes it easy for anybody anywhere to crash/reboot a server and preventing everybody from playing.
Eye@you Mar 3 @ 8:41am 
Yep,
i think that same guy got me banned from hitgames servers a few yrs ago.
I remember his names, he was like speedhacking all the time, as i was trolling him, he took my name and started team killing every one for a week. I think the admin then found me in steam, didnt check the ID, and banned me :(
I cannot log anmore on Hitgames.

From what u explained this guy is breaking about a dozen rules of steam games users, therefore steam should do something about it.

keep us informed and GL mate !

Eye@you Mar 3 @ 8:46am 
btw ...

STEAM™ ONLINE CONDUCT

As a Steam subscriber you agree to abide by the following conduct rules.

You will not:

- Upload, or otherwise make available, files that contain images, photographs, software or other material protected by intellectual property laws, including, by way of example, and not as limitation, copyright or trademark laws (or by rights of privacy or publicity) unless you own or control the rights thereto or have received all necessary consents to do the same.

- Use any material or information, including images or photographs, via Steam in any manner that infringes any copyright, trademark, patent, trade secret, or other proprietary right of any party.

- Upload files that contain viruses, trojan horses, worms, or any other similar software or programs that may damage the operation of another's computer or property of another.

=> Institute attacks upon a Steam server or otherwise disrupt Steam.

- Use Steam in connection with surveys, contests, pyramid schemes, chain letters, junk email, spamming or any duplicative or unsolicited messages (commercial or otherwise).

=> Defame, abuse, harass, stalk, threaten or otherwise violate the legal rights (such as rights of privacy and publicity) of others.

=> Restrict or inhibit any other user from using and enjoying Steam services, software or other content.

- Harvest or otherwise collect information about others, including e-mail addresses.

=> Create a false identity for the purpose of misleading others.

=> Violate any applicable laws or regulations
Last edited by Eye@you; Mar 3 @ 8:51am
filipsime Mar 4 @ 12:28am 
that's because you are fulgent ♥♥♥♥
Last edited by filipsime; Mar 4 @ 12:30am
Showing 1-15 of 16 comments
< >
Per page: 15 30 50