Server under attack by Rise Gaming Staff

[DNice 10]

I would have posted this under Servers & Administration, but I lack the appropriate privileges to post there.

Today my server, a Takistan Life Server, has been the victim of constant attacks by RISE Gaming staff. 2 of its staff, [RISE] xxJimRogersxx and [RISE] Ignace, came into my TS, before the attacks happened, telling me to shut my server down, that I am not allowed to use a mission based on an obsolete build they used to use back in February, that has almost no relation to how their mission is today, not to mention the fact that 95% of the work on the mission was already done by the freely available Takistan Life Revolution mission on github.

Anyways, once I refused to take it down, explaining they are just hurting the community by trying to say something is theirs, when what they 'created' is also someone else's work, they began attacking my server with what seems to be restart scripts or remote execution, and have been consistently restarting it whenever enough people come on. I have contacted Battleye and provided them with the GUIDs and Player ID's of the accounts they are using to attack my server. I cannot IP ban them, as they are using proxies or have a dynamic IP. I also have the IPs of the 2 said staff members that were threatening me to take down my server. I would appreciate advice on what further action I can take. I don't understand why someone would want to hurt community development. The map I use has been severely modded from what it was, hence it has grown very quickly in a few days... and it doesn't even have stat saving like their server does, since I run it on a linux box.

[Mirek 166]

Anytime anyone does something wrong to you, that you cannot do anything about yourself, it doesnt hurt to call the police. The worst thing that can happen to you is that they wouldnt be able to help you.

[nettrucker 144]

If you are American don't call the police and if you should do it . . . it's on your own peril. For the rest I'm afraid I have no solution to offer to your problem.

Sorry.

[DNice 10]

Well, now I know the exact idiot that's doing the actually script executions to crash the server. His name is [RISE] Wumbo. I have his GUID as well. He accidently logged in to my server seconds before with that id, before switching to one of his 'script kiddie' accounts. Shouldn't battleye ban him if I provide this proof. I have screenshot of battlewarden log, the actual log files etc...

[Mirek 166]

Well, now I know the exact idiot that's doing the actually script executions to crash the server. His name is [RISE] Wumbo. I have his GUID as well. He accidently logged in to my server seconds before with that id, before switching to one of his 'script kiddie' accounts. Shouldn't battleye ban him if I provide this proof. I have screenshot of battlewarden log, the actual log files etc...

Why you dont ask battleeye?

[DNice 10]

I did, right when I created this thread. I'm still waiting for a reply from them.

[DNice 10]

An update on the issue, for people who in the future might get attacked by other server staff.

I had figured out the issue already a while ago, they were using a malicious squad.xml file to connect. Why Bohemia Interactive would not provide an internal function to reject or disable squad urls, is beyond me... Considering how fast the server would crash after connect, it was either a tiny picture file that was malicious, or more likely they were using some sort of code in the XML to dry up the memory and cause the server to crash. Just about every server I've been to on Arma 2 is susceptible to this attack... attacks possible range from bandwidth raping to desyncing clients to DoS as I saw against my server. Bohemia really needs to fix this... Someone could bandwidth rape with a TB file... I unfortunately tested this on my own server even, banned my own GUID, IP, you name it, and was STILL able to bandwidth rape, as Battleye doesn't initialize until the download is complete... Sadly, RISE have already secured their server from squad.xml files.

Anyways, for other server owners, you are going to want to disable all internet access on the user running the server, except for the essential game ports, like server port, client ports, battleeye port. I can't guide you how to do this on Windows, as my server runs on Linux.

Also, I catfished the idiot that was running the XML DoS attack on my server, I didn't institute the fix on my server until he crashed the server a few times with the same IP, Name, so I could get his GUID when he failed. Here is his GUID, other server owners and probably Battleye, may wanna ban this guy... GUID: 20fdbb23b4709a17562e33271ef669a4.

Log Proof (omitted lines in between to protect users on my server, other than the attacker) :

Edited June 14, 2014 by DNice

[DNice 10]

Just to add a final update and closure to this thread. Top level staff from [RISE] (Valgarr and Sirhc) who advised me they were not aware of the situation came to my server and respectfully discussed with me what changes they wanted from the mission to remove [RISE] content from it they felt was their intellectual property, and we agreed on terms so we could move forward from this past issue and hopefully work together in the future.

I wish to thank them for being mature and helping resolve this issue.

In regards to Battleye, they once more show their incompetency by not having the decency to even reply to one of my e-mails to them(other than the automated excuse for a reply, which says a reply can take a few days). 10 Days passed, not one reply.

Edited June 21, 2014 by DNice