AwakenedRage 11 Posted February 17, 2015 I have removed the information regarding the last post, due to me realizing that I didnt handle the situation properly and over reacted. If you didn't see the previous post on the attack yesterday then let me fill you in on what happened. Around yesterday afternoon at 3PM about 15 accounts joined in about 60 seconds with the same ip. We had this happen before and didn't think much of it and we just banned the IP address. But nothing happened when we banned the IP and the server was having trouble kicking them off the server due to a packet related issue. When we got on their server and asked them about it, they took credit for the spam attack and laughed. I admit that the attack was very well thought out and bypassed our regular safety measures. Upon looking in the logs farther we found that business IP's were used in the attack and they were not classified as VPN's. At first I thoughtt that perhap's they worked at these companies, but now I realize that they were probably trafficing through that network to mislead where they really are at. The IP's they had were very unique and started with a single digit, these IP's are typically used by dedicated servers, which made me think "Are they the ones who has been attacking us since December?" The normal script kiddy attacker would not use a dedicated IP address or an IP Associated with a business to hide behind, so its a possibility. All staff keep an eye on the IP's of players that join and if you find multiple users using the same IP question them for an explaination. Apologies, AR Share this post Link to post Share on other sites More sharing options...
