It’s very common for cheaper Minecraft SaaS hosts to serve it on a non-default port.

Probably not common but definitely non-zero.

I'm in roughly the same boat as you (minus the multiple instances). My personal Minecraft server I run on a machine sitting behind me at home for friends uses SRV records. I bump the port number each "major" version release (yeah, I know, "minor" version in semver semantics) in case I ever have to run a previous version for whatever reason. This gets reflected in the SRV records. I've never actually had a reason to do this, but it's there if I need to.

Or at least that's the theory. I haven't updated it for 1.18. Not sure I will unless I run Tekkit or something in the future.

25565 is less common than alternate ports from what I've seen. Most small, individually run, servers are not running 25565.

Extremely common on managed server providers, not so much on self-hosting. So, I think a vast amount is missing under the iceberg.

Yeah, I usually set up private servers to use some meme port and I'm sure that's not an uncommon practice

> Minecraft has SRV record support

He’s scanning IP addresses, not dns names, so there’s no easy way to get SRV records. He could first do a reverse DNS lookup, but that would slow things down tremendously and also there are many, many Minecraft servers running without DNS names

So a proper census would do a reverse dns lookup on every IP looking for a "minecraft" SRV record and connecting to that.

It's super common to run older server versions due to mod support. Unless there's some new mechanic in an update that people want to use, not using the latest version isn't really a big deal. Easiest to grab the mods you like and just freeze it.

All online games have factions that think their game has been downhill since one version or another and stay there with private servers. Minecraft has a few such factions, so your plugin probably serves one of them.

Your host isn't likely to care unless it causes them grief. There are so many scans happening at any given moment I doubt any of the targets will notice yours.

I do vaguely remember one of these, "I scanned the whole internet! It's easy!" stories from years ago where the author wound up receiving an email from someone at Electric Boat who told them, "Please don't portscan us. We're required to call the FBI when it happens." Your host would probably be "very annoyed" if they received one of those, but I doubt anyone cares enough to send such a message nowadays.

1 packet going out to 4 billion hosts probably doesn't even matter next to a few 4K video streams.

I expect if author had launched it through CGNAT, someone wouldn't have been pleased. (Correct me if I'm wrong)

I don't know if the tool is called Massscan (I thought there is a tool called something with rabbit) but I followed a security blog a few years back and since then I had the impression that scanning all ipv4s is basically a solved issue.

You have to take the quote in context:

> However, Germany ends up taking the prize for most Minecraft servers per capita, with a whopping four servers for every 10,000 people. This is probably thanks to cheap hosting offerings from companies like Hetzner.

Hetzner is a German company, OVH is not. And while OVH has a presence in Germany, if we run this query on Shodan: https://www.shodan.io/search?query=product%3A%22Minecraft%22... OVH is #8 while Hetzner is #2. So I'm not sure why you'd think this is advertising, they're merely providing an example for Germany.

That being said, GPortal is also a German company and #3 overall, but they're a dedicated provider of game servers, rather than commodity servers. Conspicuously absent is Nitrado - also a German company - probably because they run most of their servers on non-default ports, whereas GPortal assigns each server its own IPv4 last I checked.

Are you in the game server hosting scene? Curious how you came by such an insight

I tried it a while ago and unfortunately immediately ran into some rather serious bugs.

Yup, my family minecraft server fell victim to that. Thankfully it was a new map with only a couple days' work into it, but annoying nonetheless.

Whitelist your private servers!

> Really good post. It's amazing how fast you can scan all of IPv4.

If you're just scanning one port, which the author seems to have done, you can probably do it in some minute or two, unless you wanna play nice and lower the rate of sending packets.

Otherwise if you wanna scan full IPv4 + all ports, it'll take a couple of minutes at least. Masscan with the right hardware seems to be able to do it in five minutes or less.

Yes, the author would probably get another huge speed up there. Some more potential optimizations here [1].

[1] https://phiresky.github.io/blog/2020/sqlite-performance-tuni...

On IPv4, running on port 25565, which were online at the time of being scanned

No, why would they? It's like pissing in the ocean.

Thanks for the interest, I might publish the thing after auditing and documenting. There are hard-coded insensitive credentials like Cognito pool ID and player UUIDs, which I should make nicely configurable. If I do it soon enough I’ll reply here. It’s very basic-looking though (and without dynamic registration, intended for small infrequently changing groups with memberships managed by an admin).

As I have already been using AWS and this was not at all business-critical, I did not care about vendor lock-in and thought of it as an exercise in how much I could delegate (neither letting random visitors access our dashboard, nor spending time implementing custom auth). Their JS SDK documentation wasn’t great, but after some digging it was somewhat straightforward to make a fully static SPA (hosted on S3) access specified AWS resources (per IAM policy) on behalf of authenticated Cognito user.

The app also “integrates” with Discord to ping a channel on each instance start/stop, but that is merely posting to a webhook URL.

I wrote it in React and TypeScript with a bare-minimal Babel + Webpack configuration but it could just as well be written in vanilla JS.

As to the server, it is plain Ubuntu with a cron job that periodically tries to launch MC server if it’s not already running (or something silly like that). Another cron job publishes stats to DynamoDB (IAM policy allowing the instance access the table), and I wanted to add yet another job to generate a PNG with a pretty map of the spawn.

I've got a similar setup myself, check out https://lobste.rs/s/yppnts/tailscale_on_nixos_new_minecraft_... where I describe how I did it. It's quite custom but all open source. https://github.com/infinisil/on-demand-minecraft is the main part

In my setup it is instance start + cron job timer + MC server initialization. AWS instance wakes up pretty quickly, cron job is configurable (I set it to 15 seconds or so), MC may depend on the size of the world and any mods I suppose (we played vanilla). All in all took between 40–100 seconds I think.

Additionally, as far as I know, after 1.12, the development of minecraft paced up and a lot of internals of minecraft changed. This turns the update of mods past 1.12 into a complete rewrite most of the times, which has burned out quite a few authors.

> There simply isn't an incentive for many mod owners to update their mods to the latest version

There is quite a strong incentive. What there is not, is means — Forge and Minecraft have both changed dramatically between versions, to the point that many mod developers throw their hands up in the air and rewrite the mod entirely. For something complex enough that that isn't an option, for instance Electrical Age, it's easy to remain stuck on an older version forever.

There's no documentation, and the API owners often assume that forcing a complete rewrite of major parts of the mod is fine. It's really not.

To throw in another reason why old versions are still popular, a good chunk of modded players use modpacks, and some of the more popular ones are pretty highly polished collections of mods with a bunch of glue to make them work together as a somewhat unified experience. This can't really happen until the mod ecosystem for a given version has already stabilised a fair amount (and can only happen on versions for which a large number of mods are available, which tends to be every 5 releases or so).