Jump to content

[SOLUTION] Dns and IP - MTA:SA 1.4.1


Recommended Posts

HELLO all administrators,

I come here, to bring a great idea and solution for the MTA:SA 1.4.1.

- Here is an example of an IP with a dns

( mtasa://NAMESERVER.mtasa.com:PORT ) and ( mtasa://NAMESERVER.mtasa.com.br:PORT )

I will mention a name of a server any (Multi Theft Auto) - this would be the in DNS short name.

( mtasa://mta.mtasa.com:PORT )

- good, this difficults attacks DDós against hosting of low-accommodation setting

therefore need to visualize the IP to able to make the attacks

Here in Brazil we are already doing certain protections, bad is clear that we are within the rules of the MTA

EXAMPLE IMAGE:

V4c04PS.png

Edited by Guest
Link to comment

it would be great if ip's were hidden

however players would still be able to see server ip's because in mta folder there's a file(i dont remember name) which is used to save servers in recent,favorites and internet tab

would be great if that file would be encrypted or something too

Link to comment
I think it's a good idea, however, i'm sure the server IP can still be discovered.

yes, my friend

- good, this difficults attacks DDós against hosting of low-accommodation setting

therefore need to visualize the IP to able to make the attacks

thanks by support

Link to comment

No point.

[b]ping nerdgaming.org[/b] 
  
Pinging nerdgaming.org [[b]192.99.212.222[/b]] with 32 bytes of data: 
Reply from [b]192.99.212.222[/b]: bytes=32 time=154ms TTL=48 
Reply from [b]192.99.212.222[/b]: bytes=32 time=272ms TTL=48 
Reply from [b]192.99.212.222[/b]: bytes=32 time=148ms TTL=48 
Reply from [b]192.99.212.222[/b]: bytes=32 time=179ms TTL=48 
  
Ping statistics for 192.99.212.222: 
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), 
Approximate round trip times in milli-seconds: 
    Minimum = 148ms, Maximum = 272ms, Average = 188ms 

And there are endless other options to find out the IP address any given domain points to.

Link to comment
No point.

[b]ping nerdgaming.org[/b] 
  
Pinging nerdgaming.org [[b]192.99.212.222[/b]] with 32 bytes of data: 
Reply from [b]192.99.212.222[/b]: bytes=32 time=154ms TTL=48 
Reply from [b]192.99.212.222[/b]: bytes=32 time=272ms TTL=48 
Reply from [b]192.99.212.222[/b]: bytes=32 time=148ms TTL=48 
Reply from [b]192.99.212.222[/b]: bytes=32 time=179ms TTL=48 
  
Ping statistics for 192.99.212.222: 
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), 
Approximate round trip times in milli-seconds: 
    Minimum = 148ms, Maximum = 272ms, Average = 188ms 

And there are endless other options to find out the IP address any given domain points to.

friend , there are people who have not this knowledge

Link to comment
  • Moderators
No point.

[b]ping nerdgaming.org[/b] 
  
Pinging nerdgaming.org [[b]192.99.212.222[/b]] with 32 bytes of data: 
Reply from [b]192.99.212.222[/b]: bytes=32 time=154ms TTL=48 
Reply from [b]192.99.212.222[/b]: bytes=32 time=272ms TTL=48 
Reply from [b]192.99.212.222[/b]: bytes=32 time=148ms TTL=48 
Reply from [b]192.99.212.222[/b]: bytes=32 time=179ms TTL=48 
  
Ping statistics for 192.99.212.222: 
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), 
Approximate round trip times in milli-seconds: 
    Minimum = 148ms, Maximum = 272ms, Average = 188ms 

And there are endless other options to find out the IP address any given domain points to.

Yes, is that what I was thinking. And even someone who doesn't know about it, he can easily learn it by searching on internet.

Link to comment
  • MTA Team

As has been stated, this offers 0 protection. DNS does not hide anything, it is just a way to translate a name to a number like a phonebook. You can even browse that phonebook.

see: http://jupiter.modpro.be/dns.png . Phonebook browsing on the left, tools let you even decide which phonebook (i used opendns here). An online tool for DNS checking on the right

The only way to take the load off a server would be to hide it behind another system like a proxy. But than the proxy would become the target of any potential vandal so you are just shifting the problem.

Even if you did not use DNS, but MTA added it's own alternative, in the end the client, your game, still has to connect to that server. You can than find the IP of that server by simple tools like netstat (available in every OS) or by more complex tools like wireshark.

Link to comment
As has been stated, this offers 0 protection. DNS does not hide anything, it is just a way to translate a name to a number like a phonebook. You can even browse that phonebook.

see: http://jupiter.modpro.be/dns.png . Phonebook browsing on the left, tools let you even decide which phonebook (i used opendns here). An online tool for DNS checking on the right

The only way to take the load off a server would be to hide it behind another system like a proxy. But than the proxy would become the target of any potential vandal so you are just shifting the problem.

Even if you did not use DNS, but MTA added it's own alternative, in the end the client, your game, still has to connect to that server. You can than find the IP of that server by simple tools like netstat (available in every OS) or by more complex tools like wireshark.

right I understand, more is possible to add this option in MTA:SA 1.4.1??

( mtaserver.conf )

xxx.xx.xx.x

and

Nameserver.mtasa.com

Reasons simple

can be used for players disclosing your servers, because once disclosed the dns

you do not need to communicate to all who changed the IP of your hosting

between several other advantages

Link to comment
  • MTA Team

DNS names already get resolved with the protocol handler. If they don't get resolved in the quick connect bar, file a bug report please. There is also no need or no advantage for us to set up an infrastructure to get a something.mtasa.com . It would even get confusing to players because they will beleive that if a server has an .mtasa.com domain that it is something official from us.

Link to comment
  • MTA Team

But what was a great idea? The fact that we take the hit when someone wants to attack a server (and spent thousands of euros/dollars/pounds/...) on it, money we do not have as well as increase latancy for anyone anyway because they would have to proxy trough our servers? Or the fact that you can use a name instea of an IP (something that is perfectly possible:

)?
Link to comment
  • 9 years later...
On 29/08/2014 at 20:08, Blokker_1999 said:

But what was a great idea? The fact that we take the hit when someone wants to attack a server (and spent thousands of euros/dollars/pounds/...) on it, money we do not have as well as increase latancy for anyone anyway because they would have to proxy trough our servers? Or the fact that you can use a name instea of an IP (something that is perfectly possible:

)?

Can this be done? 🤔
Using a CDN
For example, we connect the domain to CDN Cloudflare
 Then we write the IP address of the server
And then, for example, an option should be added in mtaserver.conf so that we can write the domain
example a CDN with SSL for site,
Only with the difference that if you can design this option in MTA.

With this method, the original IP will not get into people's hands at all, even with Cmd ping x.x.x.x
There will only be one way that the IP will be distributed by a high-ranking person

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...