Block CMD and dos

Post here any topics that related to Enigma Protector, its functionality, your misunderstanding, offers to improvements etc etc etc
Post Reply
marxc88
Posts: 4
Joined: Tue Jan 17, 2012 4:22 pm

Block CMD and dos

Post by marxc88 » Tue Jan 17, 2012 4:25 pm

Hi i come here for ask if anewone, hava one plugin block cmd and dos fuction...

Becausa my game, when ist open, the player go cmd.exe and whiter this netstat -b and after appear all conections and ip off my dedicaded too..


Please help me with this....

Or any away to close cmd.exe because i put the process in protect zone, and if open cmd.exe the game close but the cmd not close....

Have aneaway to put for close the cmd.exe too...

Enigma
Site Admin
Posts: 2582
Joined: Wed Aug 20, 2008 2:24 pm

Re: Block CMD and dos

Post by Enigma » Thu Jan 19, 2012 7:26 am

You should somehow block to use "cmd" program or "netstat". There are much more programs that allows to see established connections on the PC, it is impossible to block each of them.

What is the problem with hiding of the connection address?

marxc88
Posts: 4
Joined: Tue Jan 17, 2012 4:22 pm

Re: Block CMD and dos

Post by marxc88 » Thu Jan 19, 2012 2:16 pm

sorry dont understund this (hiding of the connection address?)

I can hiding in enigma?

Enigma
Site Admin
Posts: 2582
Joined: Wed Aug 20, 2008 2:24 pm

Re: Block CMD and dos

Post by Enigma » Thu Jan 19, 2012 2:25 pm

No, I meant that "netstat" allows to view established connections. But you want to avoid using of "netstat".

Why do you want to avoid it?

Please describe your needs more detailed.

marxc88
Posts: 4
Joined: Tue Jan 17, 2012 4:22 pm

Re: Block CMD and dos

Post by marxc88 » Thu Jan 19, 2012 4:28 pm

sorry dont understund my english not good..

Soo i have one server of games, and i protect the ip off vps , in main, and in website, and i think ist impossible for players look the ip of vps..

But recently i look netstat and found when i have the client (game) open, just go in cmd.exe and put in netstat and my ip appear..

With that the hackers can attack my vps...

And i like hide ip or block cmd,
i put the cmd in process protect, but when i open the cmd, just close the game , and the cmd.exe continue open, with that the hacker hava time for text netstat in cmd and look the ip..


I hope you understund what i said...

Sorry again for my english

scorillo7
Posts: 90
Joined: Mon May 11, 2009 11:16 am

Re: Block CMD and dos

Post by scorillo7 » Thu Jan 19, 2012 8:55 pm

Man,you can not block view for you're ip.if this you're game will work with server that connection will always be there.
if you block netstat.exe they will find other tool.is a loser action for you.
Forget that approach.
REMEMBER this is just a Enigma user's opinion and is pure unofficial
Your freedom stops where another man freedom begin.

marxc88
Posts: 4
Joined: Tue Jan 17, 2012 4:22 pm

Re: Block CMD and dos

Post by marxc88 » Thu Jan 19, 2012 9:07 pm

ok that, but you can say any anti ddos for vps... but good?

I try kiwi guard, fort guard but nor resolve...

scorillo7
Posts: 90
Joined: Mon May 11, 2009 11:16 am

Re: Block CMD and dos

Post by scorillo7 » Thu Jan 19, 2012 9:40 pm

marxc88 wrote:ok that, but you can say any anti ddos for vps... but good?

I try kiwi guard, fort guard but nor resolve...
depends what type of atacks they do on you're server.you may try clean pipes service on verisign.
http://www.verisigninc.com/en_US/why-ve ... ndex.xhtml
Please read wikipedia about solutions on ddos.
This is off topic for Enigma Forum.
REMEMBER this is just a Enigma user's opinion and is pure unofficial
Your freedom stops where another man freedom begin.

snura
Posts: 15
Joined: Sat Sep 05, 2009 11:58 pm

Re: Block CMD and dos

Post by snura » Sun Jan 22, 2012 2:44 pm

It's not possible to protect your ip from your game client as it's the base fundamental on how tcp/ip works, if you can block default netstat, they can easily use wireshark, proxy, etc, even if you somehow can block on client's end point, they can easily check it out on router/switch level, there is no way around these, the only ideal solution is to get good ddos mitigation services, and it will cost you a LOT of money, last time i've heard it's around 10,000$ - 100,000$ per-month depends on how many the incoming traffic will be .

Most probable affordable solutions would be to announce an update in your community forums, null route the current attacked ip, add new ip to your vps game server setup( i think new ipv4 ip is cheap, 2 of them around 15$/months), edit your game client to reflect the new ip, executed the update, if the attacker using 3rd party ddos services mostly imho based on IP, and they paid per-day, once you change ip in every attack most probably they will just given up.

Post Reply