DDoS Protection - Oh noes!

Fasga · 06-21-2008, 01:49 AM

Not really (@ title). To be honest, nobody here has the resources to come up with a particularly dangerous DDoS force, and DoS attacks simply don't do anything. That is, for anything written with the slightest bit of intelligence. Apparently, modern RS2 private servers do not fit into that category. Therefore, you only need very simply (and minimal) protection. The code:

RecentConnectionManager.java

Code:

import java.net.InetAddress;
import java.util.Calendar;
import java.util.GregorianCalendar;
import java.util.LinkedList;
import java.util.List;

public class RecentConnectionManager {
	public static final int SECONDS_UNTIL_RECONNECT = 5;
	
	private static List<RecentConnection> connections = new LinkedList<RecentConnection>();
	
	public static boolean isValidConnection(InetAddress source) {
		RecentConnection connection = getOrCreateConnection(source);
		boolean ret = getSecondsFromLastConnection(connection) >= SECONDS_UNTIL_RECONNECT;
		connection.setTime(new GregorianCalendar());
		return ret;
	}
	
	private static RecentConnection getOrCreateConnection(InetAddress source) {
		for(RecentConnection connection : connections) {
			if(connection.getSource().equals(source)) {
				return connection;
			}
		}
		RecentConnection connection = new RecentConnection(source);
		connections.add(connection);
		return connection;
	}
	
	private static int getSecondsFromLastConnection(RecentConnection connection) {
		return Calendar.getInstance().get(Calendar.SECOND) - connection.getTime().get(Calendar.SECOND);
	}
}

RecentConnection.java

Code:

import java.net.InetAddress;
import java.util.Calendar;
import java.util.GregorianCalendar;

public class RecentConnection {
	private InetAddress source = null;
	private Calendar time = null;
	
	protected RecentConnection(InetAddress _source) {
		this(_source, null);
	}
	
	protected RecentConnection(InetAddress _source, Calendar _time) {
		if(_time == null) {
			time = new GregorianCalendar();
			time.set(Calendar.SECOND, time.get(Calendar.SECOND) - RecentConnectionManager.SECONDS_UNTIL_RECONNECT);
		}
		source = _source;
	}

	protected InetAddress getSource() {
		return source;
	}
	
	protected void setTime(Calendar _time) {
		time = _time;
	}
	
	protected Calendar getTime() {
		return time;
	}
}

Unfortunately, it became slightly more complex than I was hoping to keep it, but it works fine and is still quite simple. You should be able to easily interpret what it does by glancing at the code, so I won't need to explain the details. All that you need to do to integrate it with your server is:

1. Grab the InetAddress instance from a connecting client (Socket.getInetAddress())
2. Call RecentConnectionManager.isValidConnection(inetAddr ess), which will return true or false depending on the validity of the connection
3. Block all connections that return false, and continue if true

Tnt Pk · 06-21-2008, 02:06 AM

good i guess =)

**BraydenF** · 06-21-2008, 02:51 AM

riiiiiiiiiiiiiiiiiight........

No...no, I totally follow you.

(In 10 years maybe i'll understand this)

**Link** · 06-21-2008, 02:53 AM

Hah nice. Better than any other protection that just blocks names

**blakeman8192** · 06-21-2008, 06:02 AM

Not bad, but it could be much more simple.

Fasga · 06-21-2008, 06:39 AM

Originally Posted by Stormrider

Not bad, but it could be much more simple.

Sure, but the simple way isn't always the best way.

**samy** · 06-21-2008, 06:56 AM

Great job. Thanks!

**~~Meet Willy~~** · 06-21-2008, 09:33 AM

Well i came tro with my ddos program =)

**cube** · 06-21-2008, 10:36 AM

Nice job, Fasga

**~~durpidahurp~~** · 06-21-2008, 04:31 PM

Lol at Ikin; 99.999% of the attacking programs on here could do nothing other then crash a server or maybe slightly lag an smf forum.

Thread: DDoS Protection - Oh noes!

Thread Tools

Users Browsing this Thread

User Tag List