Help! Unable to use DLS on TRS22PE from Steam

[matthewshill]

In search of help! I purchased Trainz 22 Premium Edition from Steam last night, and am unable to download anything from the Download Station. It says "Connection interrupted." I am able to install DLC items. I have also validated my MyTrainz account. Any suggestions?

 

[sultan1966]

This happens to me because my ISP (Internet Service Provider) blocks so I crank up my VPN and go around them. Cellphone hotspot or other internet connection might work as well. If you have a firewall it may be blocking too.

 

[matthewshill]

Thank you! That appears to be the issue. Appreciate your help.

 

[Just_A_Train]

This happens to me because my ISP (Internet Service Provider) blocks so I crank up my VPN and go around them. Cellphone hotspot or other internet connection might work as well. If you have a firewall it may be blocking too.

So I get a vpn to download things?

 

[sultan1966]

1st 2 things I would do is if yter operating system (Windows/Mac) or Router.. check it to allow downloads on at least Port 21/FTP. If all is good there or it doesn’t apply.. contact your ISP (Internet Service Provider) and make sure they are not blocking FTP/Port 21. They may be and may refuse to uner fire them and go with someone else. If you have all phone with a hotspot I would try it, especially if if it’s from another carrier. If it it works then you have proof your home internet provider is blocking. I chose VPN since I have no o

 

[trainsplace]

sftp establishes a connection on port 22, if they are using ftp on 21 they are newbs.

 

[PhilChorusch01]

This happens to me because my ISP (Internet Service Provider) blocks so I crank up my VPN and go around them. Cellphone hotspot or other internet connection might work as well. If you have a firewall it may be blocking too.

I have TRS22PE on Steam and never had any issues downloading from the DLS. I don't even use a VPN

 

[wreeder]

sftp establishes a connection on port 22, if they are using ftp on 21 they are newbs.

To use sftp or secured ftp you would have to use an ftp client that supports those protocol. BTW, there is nothing inherently insecure with ftp on port 21 unless you are using shared wifi connections. ISPs normally block inbound ftp connection attempts due to bulk password guessing attacks. Since the ftp daemon in an on demand service, ISPs will limit the number of possible simultaneous connections to make such attacks less effective but then legitimate users can have trouble updating their websites during attacks. The ultimate solution is to use a firewall (fail2ban) that blocks the IP address of the attacker after a number of failures for a period of time such as 15 minutes and progressively increasing the duration of the blocking. So if your ISP is permanently blocking port 21 at the border router than they really don't know what they are doing.

So that being said, the end user creating the FTP connection is going outbound through NAT that will remember the connection and allow the return packets through to the end user. Unless as I mentioned, the ISP has blocked blocked port 21 at the border router which is overwhelmingly stupid.

 

[JCitron]

ftp has been blocked because of lazy admins using simple passwords such as "password" or none at all for their ftp connections. When I managed a company ftp server, I put in a complex admin password which kept hackers from accessing the server. The logs showed hundreds to failed attempts daily and I was able to report a number of them with success.

 

[wreeder]

Yep, the Chinese bot net will hammer anything with an live IP. At the ISP, we had a custom app that pulled the logs of all 148 servers, routers and switches every 5 minutes and then compiled the attacking IP addresses and added a no route entry in the routing table of the border router. It kept track of the time and would remove the entry when it expired. It tracked what passwords was failing and logged them. All the variants of password were there on the list. Very clever bit of programming by the network supervisor. Pre 2013, at anytime, there would be maybe 40 or 50 IP addresses blocked. After 2013, it was normally several thousand.

 

[JCitron]

Yep, the Chinese bot net will hammer anything with an live IP. At the ISP, we had a custom app that pulled the logs of all 148 servers, routers and switches every 5 minutes and then compiled the attacking IP addresses and added a no route entry in the routing table of the border router. It kept track of the time and would remove the entry when it expired. It tracked what passwords was failing and logged them. All the variants of password were there on the list. Very clever bit of programming by the network supervisor. Pre 2013, at anytime, there would be maybe 40 or 50 IP addresses blocked. After 2013, it was normally several thousand.

My operation wasn't that extensive. The one server was enough to keep me busy in addition to the 20 other servers for general business use, R&D, and field service.

The hacker location changed over the 3 years we had that ftp server in operation. Initially, they were from various UK, US, Canadian, and European locations with an occasional Taiwanese and Chinese attempt. As time went on, the attacks become more and more Asian and Eastern European and in large swarms which indicated they were those bots you mentioned.

For the US and Canadian hosts, I was met with mixed results, meaning most wouldn't bother to respond to my request for takedown even with the accompanying logs. This was the same with European hosts.

With one UK based attempt, I took a chance and notified the ISP, and someone responded back to my email thanking me for notifying them. A few days later, I got another email telling me that the police arrested the hacker and had him in custody. A short time later, the FTP server suffered a hard drive crashed and I was told not to rebuild it. It was fun while it lasted.