I was watching some of the people from my server on Twitch or something and commented my server IP because it was a large group playing a lot of servers... Just like 10 viewers. Thought I'd invite them on. They said I was spamming and started raging, for some reason. They got on and said they were gonna DDoS which I believe they really can't do, however they later said on Twitch that they posted the IP on a hacking forum. I don't believe anything will happen, but I still don't really understand DDoS. Would it attack my server host's port? Am I or the players in any danger? It's a small public server, just me and a couple IRL/online friends. I'm currently backing up all my server files even though they host makes daily copies. Is there anything else I should do to prepare for the DDoS attack if it happens? I have the usernames of the players who threatened DDoS saved.
DDoS means that a large amount of clients sends data to the same destination. And if the destination can't handle it, you can't reach the destination from anywhere because it's trying to respond to all the data. An explanation in a simple perspective.
Most likely they are being haters and bluffing. If they aren't, this is how it works: They infect lots of computers with a little virus that they can control. This is part of the name, Distributed Denial of Service. The virus uses this network of computers that have been infected to send massive ping packets to the target IP. This overloads the server because it isn't capable of handling the massive amounts of data being shoved down its throat. DDoS protection can get complicated, but in its simplest form, it stops too much data from being crammed into the server. DoS, or simply Denial of Service, is from one computer only I believe, though I may be mistaken. I doubt they even know how to do this.
If they put something on the hacking forums who knows what there going to do. It can be ddos or drdos or something else. Your server can crash maybe with to much packages because it may or may not cause cpu or ram usage to increase. Depending on the router you have it has a little ddos protection and it may or may not take effect. And im a server a hoster to and people claim to ddos my server if i dont give them a server because i gave away atleast 200 minecraft servers for free and people are still asking for it. I spent over 4k on ddos protection equipment and better server equipment. To be honest, Your servers are fine. If they ddos you, it will only be your server, which means your server will not respond for people to connect to it. and sorry, my computer is hot, running slow, and i bukkit is lagging bad for me since im rendering a hight quality video at the moment. So sorry for my grammer or if anything does not make sence
ZanderMan9 DDoS can come from a "botnet," as you described, or a large group of people each donating their bandwidth to hit you off (think 4Chan raids, etc.). Most often it is a botnet or a "booter" (websites that offer DDoS services under the guise of "load testing your server") that people will use to flood your server. Some more powerful booters can offer flooding in excess of 10Gbps, enough to take down large server banks. With most DDoS attacks it is useful to think of the internet as a series of tubes or pipes, with the size of your pipe being your "bandwidth." Under normal conditions your piping flows normally and traffic can move in and out normally, when under a standard DDoS (i.e. non-specific, non-amplified) attack where the goal is to saturate your bandwidth with useless data. That being said, the amount of useless data one player can send is (without amplification [most of which only works on web servers]) limited by the size of their pipe, and it wouldn't be unreasonable to estimate your server's piping is 10-100x as large as normal household piping, and therefore (again, without amplification) incapable of plugging up your piping without 10-100 different households attacking at once. At each stage of the routing process there is a potential for a bottle-neck. The largest being the internet backbone that serves the area (>100Gbps almost never goes down), then to the ISP of your server host (again an unreasonablely large number), then to your actual server host (>1GBps, hard to flood), then to the limits the routers in-house apply to your server (varies depending on your plan). The last step is usually where you get bottlenecked. With more advanced tools that could target MineCraft specifically (or any application running on the server, e.g. Apache web server, FTP client, etc.) and this could cause your server to overload (slow response due to high CPU or RAM usage) or to crash the MineCraft server. However, I wouldn't be too concerned about it, I'm head admin on the largest GMod server in the world and I can tell you for a fact that most DDoS threats are lies or exaggeration.
