![XCord: Optimized, Anti-bot, Anti-Exploit (Spigot+Bungee[ALL]) Bungeecord fork (1.7-1.16+)](https://infiniteleaks.com/data/assets/ozzmodz_xfrmrid_icon/smul.jpg){kind=icon}
Description
XCord's main purpose is to halt exploits, and bots in their place. It'll block server-related exploits (Such as packet spam, NBT exploits (Books, fireworks, ect), payload exploits, ect. I've found zero bypassing exploits - and if there is a bypass it'll be quickly patched. And all of this without impacting the performance of your server. This means you can remove all those ExploitFixer plugin's on your spigot instances, and just rely soly on XCord's Exploit stopping ability to protect your network.
Features
Anti-Bot
Modern minecraft server's are plagued by increasingly more and more powerful botting programs designed to down the server in seconds. XCord however provides a powerful anti-bot solution programmed directly into the roots of Bungeecord with the ability to migrate these attacks without hindering the performance of your server.
Currently, it consists of multiple fixes and checks
Checks
More and more exploits are coming out and server owners are being forced to use heavy anti-exploit plugins on all their spigot instances. XCord luckily has it's own built in anti-exploit module designed for performance, and efficient exploit blocking! Currently, no clients have the ability to bypass XCord's powerful anti-crash exploit blocker.
Bungeecord Anti-Exploit
With the recent discovery of various vulnerabilities on Bungeecord, it's no longer optional to run a network without some level of exploit protection. XCord fixes all known Bungeecord vulnerabilities, and appended all offending addresses to a blacklist in order to rapidly migrate any attack.
Anti-VPN System
XCord comes with a built in anti-vpn/proxy solution to help cut down on hackers and or bots. Unlike most other anti-vpn solutions, this system will not bog down networking threads, and will not allow it's self to become saturated by instantly executing HTML queries to several API's. On top of that, it also contains a cache system to prevent using up all your API calls.
Configuration example
Code:
anti-vpn:
enabled: true
blocked-asn:
- 20001
blocked-country:
- CHN
whitelisted-ip-or-name:
- bob7l
- 143.231.1242.12
save-interval: 3600
purge-interval: 86400
purge-age: 2592000
blacklist-on-detection: false
only-blacklist-on-detection-during-attack: true
initial-connection-checkenabled: true
initial-connection-checkonly-during-bot-attack: true
initial-connection-checkcache-only: true
proxycheckerio-api:
enabled: true
arguments: '&risk=1&vpn=1&asn=1&tag={name}'
key: '34534627234534'
iphub-api:
enabled: true
key: '3463453453463453'
IPTable Blacklisting
The most efficient way to block malicious TCP connections is with the IPTable. XCord will utilize a program called IPSet to blacklist connections if your server is running on ROOT, and you've enabled it in the config "ipset-blacklisting: true".
XCord will otherwise use a low level (Low level in terms of netty) blacklisting system to quickly terminate malicious connections. Although when dealing with massive -Redacted- attacks, it's highly recommended to enable ipset blacklisting.
Packet Batching
If your Spigot supports it, XCord will use controlled flushing to attempt to send packets in batches instead of instantly flushing them. Spigot forks such as Tuinity and a few other forks floating around will function with this.
Helps increase network stability, and reduce CPU/memory usage. SIGNIFICANTLY thrives in high population areas with a lot of entities moving about.
Global Blacklist
XCord utilizes multiple scraper bots to constantly find new malicious proxies and add them to a global blacklist. If you're running your server on ROOT, and have IPTables, you can enable this option in the config. XCord will download the blacklist, and deny all the addresses listed in the blacklist using IPSet + IPTables on a configurable interval.
For those who have already bought XCord, this option comes HIGHLY recommended as some bots exceed 20k connections in under just a couple of seconds.
Commands
My Discord : wearelivingart#2323
XCord's main purpose is to halt exploits, and bots in their place. It'll block server-related exploits (Such as packet spam, NBT exploits (Books, fireworks, ect), payload exploits, ect. I've found zero bypassing exploits - and if there is a bypass it'll be quickly patched. And all of this without impacting the performance of your server. This means you can remove all those ExploitFixer plugin's on your spigot instances, and just rely soly on XCord's Exploit stopping ability to protect your network.
Features
- Various optimizations, highly optimized packet compression, reduced CPU load, native encryption. Guaranteed to decrease CPU usage
- Built in ping-spam protection
- Built in powerful anti-bot designed to withstand incredibly large attacks, while keeping the Bungeecord at a low CPU level
- Configurable compression strength (Native only)
- 1.7-1.16+ (Thanks to Travertine)
- Anti-bungee/TCP exploit system: Blocks many exploits that aren't even publicly known. Especially "BungeeSmasher"
- Anti-spigot/mc-server exploit system: This bungeecord comes with an optional module that blocks Jessica/Payload/Spigot-Cracker/NBT-bomb/spam exploits. There's no known bypass, and it's extremely lightweight.
- Blacklist system (With IPSet support)
- Non-interfering (No fake lobbies, captcha's, ect. Users wont know)
- Designed with performance, and false positives being the main objective.
- Filters login/ping/ect logs ONLY during bot attacks
- /xcordreload command for reloading the config without having to reboot the entire network
- Option to use a high performance Anti-VPN system (Requires API(s) IPHub.info or proxycheck.io)
- Around ~40+ configuration entries (xcord.yml)
- Packet batching system to increase network stability, and decrease native load
Anti-Bot
Modern minecraft server's are plagued by increasingly more and more powerful botting programs designed to down the server in seconds. XCord however provides a powerful anti-bot solution programmed directly into the roots of Bungeecord with the ability to migrate these attacks without hindering the performance of your server.
Currently, it consists of multiple fixes and checks
Checks
- Connection speed: Prevents bots from pinging, or connecting too rapidly
- Login speed: Prevents bots from logging in rapidly from multiple accounts
- Slow-Bot: Checks whether a connection is acting like a bot. Designed to catch slow bots, and Non-Minecraft clients.
- Chat-Check: Checks for /register or /login bots
- DNS-Check
- Linux-Check: Checks whether a connection potentially came from a Linux computer
- Random-name: At the moment, only detects whether they're using a certain pattern of randomized name. I plan on expanding on this module in the future
- Proxy check: Checks whether a client potentially came from a proxy during an attack using network logic instead of a database (Therefor, super fast)
- Verification check: Verifies whether the connection is coming from an actual minecraft client. Very powerful check with more to come in the future (If there's bypasses)
- Latency check: Block connections exceeding a configured limit. Very useful for blocking slower proxies, or exhaustion attacks
- Timeout check: Blacklists connections who are abusing the minecraft protocol by spamming handshakes without ever completing them. This is already fixed by XCord, but having this additional check allows some extra protection against certain bots.
- Name Pattern: Detects names that are similar. Highly configurable
More and more exploits are coming out and server owners are being forced to use heavy anti-exploit plugins on all their spigot instances. XCord luckily has it's own built in anti-exploit module designed for performance, and efficient exploit blocking! Currently, no clients have the ability to bypass XCord's powerful anti-crash exploit blocker.
Bungeecord Anti-Exploit
With the recent discovery of various vulnerabilities on Bungeecord, it's no longer optional to run a network without some level of exploit protection. XCord fixes all known Bungeecord vulnerabilities, and appended all offending addresses to a blacklist in order to rapidly migrate any attack.
Anti-VPN System
XCord comes with a built in anti-vpn/proxy solution to help cut down on hackers and or bots. Unlike most other anti-vpn solutions, this system will not bog down networking threads, and will not allow it's self to become saturated by instantly executing HTML queries to several API's. On top of that, it also contains a cache system to prevent using up all your API calls.
Configuration example
Code:
anti-vpn:
enabled: true
blocked-asn:
- 20001
blocked-country:
- CHN
whitelisted-ip-or-name:
- bob7l
- 143.231.1242.12
save-interval: 3600
purge-interval: 86400
purge-age: 2592000
blacklist-on-detection: false
only-blacklist-on-detection-during-attack: true
initial-connection-checkenabled: true
initial-connection-checkonly-during-bot-attack: true
initial-connection-checkcache-only: true
proxycheckerio-api:
enabled: true
arguments: '&risk=1&vpn=1&asn=1&tag={name}'
key: '34534627234534'
iphub-api:
enabled: true
key: '3463453453463453'
IPTable Blacklisting
The most efficient way to block malicious TCP connections is with the IPTable. XCord will utilize a program called IPSet to blacklist connections if your server is running on ROOT, and you've enabled it in the config "ipset-blacklisting: true".
XCord will otherwise use a low level (Low level in terms of netty) blacklisting system to quickly terminate malicious connections. Although when dealing with massive -Redacted- attacks, it's highly recommended to enable ipset blacklisting.
Packet Batching
If your Spigot supports it, XCord will use controlled flushing to attempt to send packets in batches instead of instantly flushing them. Spigot forks such as Tuinity and a few other forks floating around will function with this.
Helps increase network stability, and reduce CPU/memory usage. SIGNIFICANTLY thrives in high population areas with a lot of entities moving about.
Global Blacklist
XCord utilizes multiple scraper bots to constantly find new malicious proxies and add them to a global blacklist. If you're running your server on ROOT, and have IPTables, you can enable this option in the config. XCord will download the blacklist, and deny all the addresses listed in the blacklist using IPSet + IPTables on a configurable interval.
For those who have already bought XCord, this option comes HIGHLY recommended as some bots exceed 20k connections in under just a couple of seconds.
Commands
- /xcordreload: Reloads the configuration
- /clearblacklist: Resets the blacklist
- /timedelayedevents: Outprints the time plugins take to process events. Very useful for figuring out what's bogging down your initial logins and proxy
- /testmemory: Have XCord outprint details about your memory usage. It'll also print out garbage collection events. This is useful for figuring out lag caused by memory consumption/leak issues.
My Discord : wearelivingart#2323
