LeaverBuster
LeaverBuster - Deal with LeaveSpammers
Version: 0.1
The forumpost is best kept up to date, furthermore, this page is outdated.
This will ban players who are leaving too many times within a set time period. This will deal with those who spam leaves, which seems to have become common practice these days, unfortunately.
This is especially useful for non-whitelisted servers.
Details
Useful pages:
Dependencies:
- None that I know of.
Features:
- Bans players when they have left too many times in a time period.
- Logs when players have been banned.
- Fully configurable.
- Lightweight.
Downloads:
Changelog:
Version 0.1
- Initial release.
If your server has been under attack by one of these scripters, please share your experiences.
Before you do, please do read the About LeaveScripters and the effectiveness of this plugin page.
@Rahazan
Oh, now I see. I thought the problem was a non-exploit, just joining/leaving repeatedly. I see now that they're exploiting a security vulnerability. Thanks!
I wish this could stop all clients They can still hack away on my server with this :< Cant you just completely remove that packet
This is currently not working, We had an attack and the only difference with this plugin was that it had /kick spam not /leave spam
I've posted a direct fix for the crash that results from leave spam.
http://forums.bukkit.org/threads/net-minecraft-server-packet254getinfo-spam-server-crash.51945/#post-882734
Hey there Rahazan, thanks for doing this, We've had this problem for a while now and I'm testing to see if this will fix it.
Just a quick question, I noticed that your plugin tracks players logging out over a period of time, and it reaches the limit they are banned. However, from what I have seen, the server spams "X has left the game" over and over without the player actually logging in. Would it not be easier to check if a player has sent the "leaving" packet to the server or dropped connection, and then not allow the player to leave again?
There would be no normal player who would leave the game and then leave again, for any reason, so adding protection against this may be the way to go, however I'm still looking into the fine details of this problem and figuring how it works, so I COULD be wrong.
Your input is greatly valued. Thanks!
@bigscary
Hey there, it´s not a bad idea, I must say. One thing must, unfortunately, be noted;
The griefers are long gone when they are spamming these leaves. The hacked clients, somehow, make use of an exploit that makes for recurring leaves. They do not continously log in / log out. The reason of the few seconds that it takes right now to ban a player, is because the server has to so many calculations because of all the leave-packets that it was not prepared to deal with, it takes a while before it can go through the code to detect the griefer and ban him, so it stops at last. As is stated in the forum thread OP, this time is dependant on the power of the server. From I'd say a second to 6 seconds on my home computer. A lot better than having your server crash and getting a logfile thats multiple GBs big..
Still, it's not perfect, unfortunately.
Hey, umm... instead of letting the damage be done and then banning the player, why not just implement a login cooldown? If you've logged in in the last 10 minutes, you can't log in again yet.
Now there's never any login spam, from any players. Not even momentarily. And nobody gets banned, so you don't have to answer whines and appeals and questions and all that.
@PhiberOptikx
Please look at the forum, the newest version tries to counter this.
http://forums.bukkit.org/threads/sec-fix-leaverbuster-v0-3-deal-with-leave-and-kick-spammers-1-0-1-r1.42138/page-2
Hi there, can this plugin help me in this specific situation?
http://pastebin.com/u8jRYuwT
A user joins then spam leaves a few hundred times.