ElwynEternity Starmade server

[therimmer96]

afaik there is evidence out there that the attack came from Elewyn.

I find it considerably hard to believe that this server shutdown/management change happening at the exact same time the server was used to DDoS other StarMade servers is merely a coincidence.

We have been discussing this for awhile now, this is unrelated. Today is the first time we have heard of these attacks.
[DOUBLEPOST=1440035604,1440035490][/DOUBLEPOST]

afaik there is evidence out there that the attack came from Elewyn.

Also, that is like when the MF people say there is evidence out there that tomino is god and can walk on water.

 

[Planr]

Also, that is like when the MF people say there is evidence out there that tomino is god and can walk on water.

Members of SCHINE have confirmed to me that logs of the servers attacked show tags/forms of identification tracing the source of the attack back to Elewyn. If you want I can PM you proof of that.

 

[therimmer96]

Members of SCHINE have confirmed to me that logs of the servers attacked show tags/forms of identification tracing the source of the attack back to Elewyn. If you want I can PM you proof of that.

I've seen the logs, and they tell you there is proof. They don't show it you. And even andy says there is a possibility of it not being us.

 

[Planr]

Well whatever. You guys hire a private investigator if you need to. lol

 

[Winterhome]

being able to hijack all of Elewyn seems extremely unlikely to me and is definitely unprecedented.

Why?

It's literally one bit of remote access shenanigans. One guy with too much time on his hands, an idea of a login username, and a rainbow tables program could get in. Server administration generally requires access, at the very least, to game files - and usually that means access to the file system in general. Nothing to stop them from pulling up a command console and pinging the hell out of a server's IP address until it choked, if it were a very simple server.

That kind of thing is done constantly, and breaking into a single server with a single access point and a single IP address isn't exactly "unprecedented"

 

[Megacrafter127]

Even if there are 1337 MLG fazeclan hackers out there in the community, the prospect of such people being able to hijack all of Elewyn seems extremely unlikely to me and is definitely unprecedented.

You don't need to hijack a server to get a DOS attack from it(it is the easiest way once you have a door inside though). Another possibility is to simply slap the server's IP as the sender's address on the packets of the DOS, even though you yourself are sending them. Yes, it is harder to do, but if the server is well protected it is easier, as you have full access to the system that is actually doing the DOS.
I'm not stating that this is what happened, I'm just pointing out possibilities.

 

[mikesheen]

Another possibility is to simply slap the server's IP as the sender's address on the packets of the DOS, even though you yourself are sending them

I was under the impression most decent ISP's / hosting providers these days will drop packets out which have the sender IP spoofed - they kinda learnt it was in their best interests to drop such packets.

Anyway - if you're running a public facing game server you should be using a provider which has proper DDoS mitigation - BGP routing via BlackLotus, Prolexic, et cetera. A public facing game server WILL be DDoS'd at some point - and where I am in Australia if you are using a cheap, unprotected dedicated server (or even a VPS) - the provider will null route your IP at the first sign of a DDoS and then terminate your account (it's happened to me several times).

Who was the alleged target of the alleged DOS from the EE server?

 

[therimmer96]

Who was the alleged target of the alleged DOS from the EE server?

Apparently GenXNova and 2 others that don't want to be named. we still haven't heard anything from schine other than "we're looking into it"

 

[mikesheen]

Apparently GenXNova and 2 others that don't want to be named. we still haven't heard anything from schine other than "we're looking into it"

Thanks for that. However, I am a little puzzled - how does schine have anything to do with it, or have any special insight to a DoS or DDoS attack on a server? The only thing I can think of is the server-pinger service used by the in-game server browser is a component of the attack - other than that schine would surely have no involvement.

 

[therimmer96]

Thanks for that. However, I am a little puzzled - how does schine have anything to do with it, or have any special insight to a DoS or DDoS attack on a server? The only thing I can think of is the server-pinger service used by the in-game server browser is a component of the attack - other than that schine would surely have no involvement.

That's part of our problem with the issue. We have pointed this out, but they still haven't shown us the supposed evidence or told us why they even give a damn

 

[Beliskner504]

Alright, I'm sensing a lot of tears in this thread, so lets get this all sorted out.

First off, the ownership of ElwynEternity is changing hands. As Gravypod and the other admins, myself included, saw ourselves drifting from the game, with long periods of little interest in playing it, and we felt that this was detrimental to the health of the EE community. A much more active administrator and active member of the community, NuclearDoughnut, will be taking on the roll of server owner, after a server migration period. EE will return with newfound enthusiasm, backed with the knowledge and experience from old EE.

As for the length of this period, whether the world will be the old EE save, or a new start, and the status of those who had donated; these are all questions for NuclearDoughnut. Due to his highly community-oriented approach, I am completely confident, however, that he will be more than reasonable and fair when dealing with these issues.

It has to be mentioned, that the communication regarding this transition has been entirely substandard, and on behalf of the entire EE staff, past and present, I would like to apologise to those who have been affected by this transition.

Secondly, Planr, or anyone else who would hurl accusations at EE or its staff. If you believe that the EE server has been involved in anything at all, then please, come to our TS and see us. Crying on the forums and whining in PM's to players, and SMDock or Schine staff will get you nowhere, and only breeds a hateful, mistrustful community. Trust me when I say that we want to help you get to the bottom of anything as serious as this. In the past we have been attacked in various ways, and have relied on the community to assist in our own investigations, and they have always come through for us. If you believe our logs have more information, or that our past knowledge may be able to assist you, then please, come and talk to us. We would be more than willing to return the favour to the community which has helped us so much.

On a lighter note, I think I speak for the entire former EE staff when I say thank you to the game, staff and community for providing such an enjoyable experience and for fond memories. We're proud to have supported this, and hope others continue to do so, in whatever ways they see fit, so that the game grows, and more can experience it.
This is not goodbye from the EE team, merely us taking a step back. We will still be around, playing and contributing to a game which we enjoy.

Feel free to ask any further questions.

 

[Rellith]

Apparently GenXNova and 2 others that don't want to be named. we still haven't heard anything from schine other than "we're looking into it"

We at CraftAU have been taken down a number of times the past month leaving us to just drop off all together until we can get DDos mitigation in place.

 

[therimmer96]

We at CraftAU have been taken down a number of times the past month leaving us to just drop off all together until we can get DDos mitigation in place.

Are you one of the servers that reported us#?

 

[Rellith]

Are you one of the servers that reported us#?

No, but simply stating that more servers are being effected by all the attacks.

 

[Dragon2000]

well i for one used to love playing on elwin but once starfleet disappeared i left the server i hope that the new one is just as good as the old one i wish it good luck Qapla

secondly i hope that the damage can be mitigated from ship losses

 

[Dvaren]

How about bringing that server online long enough for the players to save their BPs local? I do not believe that would require much effort or oversight on the part of the administration.

 

[Planr]

Secondly, Planr, or anyone else who would hurl accusations at EE or its staff. If you believe that the EE server has been involved in anything at all, then please, come to our TS and see us. Crying on the forums and whining in PM's to players, and SMDock or Schine staff will get you nowhere, and only breeds a hateful, mistrustful community.

Lol, no one is crying or whining here. Where did you get that idea from? As for whether or not people are making accusations here, I do not know, but I can assure you that all I am doing and have done is speculate. Since you're trying to sound professional here, you should probably avoid such snide use of straw-man fallacies to belittle other people, just because they don't share the same optimism of the innocence of Elewyn's staff as you.

I want to find out who's behind these DDoS attacks as much as you, it's just I am trying to keep my options and suspicions as open and unbiased as possible. And considering what Rimmer just said below about the way Gravypod shut down the server (wiping everyone else's hard work from existence and not telling them until after the matter is a huge dick move), it's a further reminder to me that I cannot dismiss the possibility that someone within your own server staff was involved in these attacks somehow. And if they are involved, they have already - and are currently - lying to you about it, which is even worse. That's something worth considering when you talk about things breeding mistrust.

 

[therimmer96]

How about bringing that server online long enough for the players to save their BPs local? I do not believe that would require much effort or oversight on the part of the administration.

I'm going to get yelled at for this, even though it pisses me off and I fully agree, however;

this isn't possible. No backup was made. the server is no longer under our control, it was always a rental. its how we could upgrade and move so often, we never owned the hardware. Gravy terminated the service, taking the server data and all of our wips with it.

 

[Dvaren]

Gravy terminated the service, taking the server data and all of our wips with it.

What a stand up fella.

 

[max stripe]

I'm going to get yelled at for this, even though it pisses me off and I fully agree, however;

this isn't possible. No backup was made. the server is no longer under our control, it was always a rental. its how we could upgrade and move so often, we never owned the hardware. Gravy terminated the service, taking the server data and all of our wips with it.

i was under the impression gravy was running the server on his own rig out of his basement