is this a bot?
Is this one of those port scanning bots?
39 Replies
That IP is from a datacenter, so.. yeah, potentially it is a bot
o wait, his name is cuute. 100% a bot
yes
What type of damages could this lead to?
Like say i didn't have a firewall up
0 damage
doesnt even matter if you have a firewall or not, it will not do anything to you
what do you think a firewall does anyways lol
Restricts in and outgoing (missing a word)
Asking since i don't know what these bots are capable of. Are they something to worry about or should I just ignore them?
ignore them
if you dont want to see the log messages, block the ips in your firewall
Alright. Appreciate it
@Had2FlushTwice (@ Me With Reply) its a bot. Many people code a scanning bot to find out what Ips are hosting a minecraft sevrer.
They typically do it out of curiosity or just a project. In some cases it can be malicious as they want to find servers to easily grief or troll on but if you take care of your security you're fine
As the other user said just firewall restrict the Ip's if its bothering you but as long as you're using online mode and got anti grief plugins like coreprotect and then you're fine
this cuute persons a menace to society
Bro same it's been bugging my console
@mat Ya hear that? you and ye mates are a menace to society
I have the exact same account spamming my logs every 5 minutes
Definitely blocking the ips
Could someone here please remind me of the command to block the IP?
I used
ufw deny <IP_ADDRESS> to ANY
Is that not the right command or am I missing something?Cuute has moved to an American datacenter now as well as being in a russian datacenter. FYI
I search on the web, and they say you use windows firewall to block. How do I do that on a hosting website
bots tryna join mine now too
In the thread that I had joined in on, it was stated that ping bots are typically harmless though can be used for malicious intent. You can protect yourself with whitelist or a server password plugin (like the one I use: https://www.spigotmc.org/resources/serverpass.103396/ ).
i think its aight now, blocked him in firewall
The IP address tends to change by the looks of it. Cuute visited my server under two different IPs before I installed Console Spam Fix to just hide the pings.
yeah same, came as cuute, and u_cuutemc
funky
I'm using the phrase "com.mojang.authlib.GameProfile" with the Console Spam Fix plugin, which seems to hide all the pings from console. The last time someone mentioned going this route, it got deleted though..
The risk of going this route is that any message someone says in chat with that phrase will also be not seen by console. Considering my server is a friends and friends of friends private server, the risk of that is actually very small.
Haven't seen u_cuutemc before
I think i have solved it on my ubuntu server now, did the same as you first and it didnt work.
the issue was the priority order, so if you do "ufw status numbered" you can see the priority of the different rules, and I had allow to port 25565 above the deny in rules to block these bots
to fix this you can do: "ufw instert 1 deny from (ip)"
then the deny rule will be above the allow rule and block their ip, hope this helps 😄
after you have inserted the new rules you can do "ufw status numbered" again and delete the old deny from rules that are below the allow in rules
@Had2FlushTwice (@ Me With Reply) ^
I'll try that thanks 😁
nice, just message me if you have any problems, i did it 20min ago and it seems to be working great, havent gotten any more spam in my console since
this same cuute bot keeps logging in my server
i have whitelist enabled so i didnt worry
but then suddenly they logged in as all the people i whitelisted
how did they get a copy of my whitelist?
Offline mode servers with security holes? Who woulda thunk
they keep a log of every user that has ever logged onto your server, and it just so happens that all the people who have ever joined are also whitelisted :shock:
also the fact that they are able to join means that your server is cracked which is cringe, and you should either switch to online mode or add a login plugin
and whitelist is completely pointless on cracked servers
me or anyone else with access to a server database could spend 15 seconds searching and easily find your server on
34.***.**.*** with the motd WELCOME and see that the account Jaja has op
i suggest you install AuthMe or similaryes i do have an auth plugin installed
Is there a fabric mod to block those spam in console
Modrinth
Sneaky Server - Minecraft Mod
Anonymise your server from scanners like Copenheimer and ServerSeeker. With options to disable logging spam logins and rate limit new connections.
do u know something similar for spigot/paper?
i don't, sorry
how do I set it up?
probably drag and drop into mods folder
the next time you start up your server, it should generate some config files that you can change
restart again to apply changes to config
Is there something similar for paper?
look up