Luca662 Posted February 23, 2009

I just came across an interesting read on Ars Technica. http://arstechnica.com/gaming/news/2009/02...vice-attack.ars

People are now starting to do DoS attacks on players through Xbox Live. The article describes the people using a packet sniffer to find your IP then flooding you with packets. The packet sniffer is most likely Cain and Abel or Ettercap. I'm curious to know what kind of packet they use to flood their victims. Most people have a small upload bandwidth and huge download bandwidth, meaning you don't have much to work with. Also, I run a small Linux server that handles all my connection (I'm currently trying to get a Windows server up and running) and what would be the best way to protect against this attack?

Eviltechie Posted February 23, 2009

I would try and figure out where the packets are coming from and then block them. Also, being a good sport helps too.

Sparda Posted February 23, 2009

> People are now starting to do DoS attacks on players through Xbox Live. The article describes the people using a packet sniffer to find your IP then flooding you with packets. The packet sniffer is most likely Cain and Abel or Ettercap. I'm curious to know what kind of packet they use to flood their victims. Most people have a small upload bandwidth and huge download bandwidth, meaning you don't have much to work with. Also, I run a small Linux server that handles all my connection (I'm currently trying to get a Windows server up and running) and what would be the best way to protect against this attack?

The only way to defend against this attack and stay online in the context of a web site is really big pipes, and lots of servers distributed in different locations. If you just want to stay online in the context of your home connection, just change your internet IP address.

DingleBerries Posted February 23, 2009

Sparda hit it on the head

misfitsman805 Posted February 23, 2009

> Sparda hit it on the head

as always :P

shonen Posted February 23, 2009

Good luck if your ISP only provides static and not dynamic IP addresses. Some ISPs are not so quick to respond to such issues and this goes double for Indian technical support staff who think that unplugging and plugging your router/modem back in corrects all ISP related issues. XD

stingwray Posted February 23, 2009

> I would try and figure out where the packets are coming from and then block them. Also, being a good sport helps too.

No good. Any half decent DoS attack will spoof the source address of the attack traffic. At best it is random addresses, at worst they could be claiming to be coming from high-profile targets, which would then limit your use of those legitimate services if you started blocking them. You also have a bloody difficult job of deciding what is attack traffic and what is legitimate traffic.

decepticon_eazy_e Posted February 24, 2009

> No good. Any half decent DoS attack will spoof the source address of the attack traffic. At best it is random addresses, at worst they could be claiming to be coming from high-profile targets, which would then limit your use of those legitimate services if you started blocking them. You also have a bloody difficult job of deciding what is attack traffic and what is legitimate traffic.

Also, if you create an ACL to block them... you are still processing the packet, which is what caused the DDoS in the first place. DDoS attacks are actually very hard to fight; you need help from the ISP upstream to reroute traffic that fits the profile of the attack. Usually the profile of the attack is "legitimate traffic" that you desire, so it makes it very difficult to filter. Most companies that are attacked use the oldest defense in the book... add more bandwidth.

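An added illustration, not part of any post in this thread: the point made in the replies above, that a per-source block list does little against spoofed sources, shown on constructed traffic. The addresses, rates and thresholds are assumptions chosen for the example; the per-source check flags only the legitimate game peer, while counting per protocol per second shows the flood.

```python
from collections import Counter

def build_sample():
    """Constructed traffic, not a capture: (timestamp_s, source_ip, protocol)."""
    packets = []
    for sec in range(3):                      # game peer, 20 UDP packets/s
        for i in range(20):
            packets.append((sec + i / 20, "198.51.100.7", "udp"))
    for sec in (1, 2):                        # flood, 500 ICMP packets/s
        for i in range(500):                  # every packet has a new source
            src = f"10.{sec}.{i // 250}.{i % 250 + 1}"
            packets.append((sec + i / 500, src, "icmp"))
    return packets

def per_source_offenders(packets, max_pps):
    """Sources that exceed max_pps in any one-second window."""
    counts = Counter((int(ts), src) for ts, src, _ in packets)
    return sorted({src for (_, src), n in counts.items() if n > max_pps})

def aggregate_alerts(packets, max_pps):
    """(second, protocol, count) for each window whose total exceeds max_pps."""
    counts = Counter((int(ts), proto) for ts, _, proto in packets)
    return sorted((sec, proto, n)
                  for (sec, proto), n in counts.items() if n > max_pps)

if __name__ == "__main__":
    sample = build_sample()
    # Per-source view: only the legitimate peer stands out.
    print("per-source offenders:", per_source_offenders(sample, 15))
    # Aggregate view: the ICMP flood is visible in seconds 1 and 2.
    print("aggregate alerts:", aggregate_alerts(sample, 100))
```
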
Seshan Posted February 24, 2009

Man, I was playing some hacker on Xbox Live, he was playing for at least 5 hours today, wish I could use this against him D:

FireTime Posted February 24, 2009

You have to be cautious if you decide to block the DDoS attack. If the attack is originating from the other player's connection you could end up blocking his Xbox Live connection to your Xbox. This was a popular form of hacking that Microsoft has gotten much better at noticing. So you could end up being banned by Microsoft instead of the DDoS attacker. So as Sparda stated, just change your IP.

Razor512 Posted February 24, 2009

The best way to deal with it is to find the brown note (like in South Park) then play it over Xbox Live voice and make the attacker crap their pants :) jk

Blocking the IPs doesn't really stop the attack because you're still receiving the data.

I have experienced a few DOS attacks but some of them weren't well done. The user was mainly using a simple app to flood, but the user was using the internet connection at a school or some public location to get a really good amount of bandwidth. Depending on the school's network, you can use their connection to do a DOS. It may be a dumb college student or someone who has a friend who is in a location with a good connection who can do the DOS.

(PS a DSL connection can DOS a dialup connection, I tried it when Kmart used to offer that blue light internet service, like 10 hours for free each month)

decepticon_eazy_e Posted February 25, 2009

> The best way to deal with it is to find the brown note (like in South Park) then play it over Xbox Live voice and make the attacker crap their pants :) jk
>
> Blocking the IPs doesn't really stop the attack because you're still receiving the data.
>
> I have experienced a few DOS attacks but some of them weren't well done. The user was mainly using a simple app to flood, but the user was using the internet connection at a school or some public location to get a really good amount of bandwidth. Depending on the school's network, you can use their connection to do a DOS. It may be a dumb college student or someone who has a friend who is in a location with a good connection who can do the DOS.
>
> (PS a DSL connection can DOS a dialup connection, I tried it when Kmart used to offer that blue light internet service, like 10 hours for free each month)

PS any connection that has a greater upload than the target's download can DOS. You don't need any special software or apps. Just ping with the -t on it and let it go. The trick is to get 1000 of your friends to do the same thing. This is what brought down the banks and government in Estonia. A couple thousand people sending non-stop pings to specific IP addresses. For double the fun, they spoof the return address so a second IP address will get a flood of pings. Which is why the IP address of your attacker is pretty trivial, it's probably spoofed.

VaKo Posted February 25, 2009

A while back I had an excellent DDoS resistant Apache config, needed to be restarted every 12hrs but it kinda worked despite the server being battered.

RoccoKitson Posted March 18, 2009

For DDoS defense and DDoS protected hosting I can recommend GigabitDC.COM. They even offer free migration.

moonlit Posted March 18, 2009

Sad bastards, why not just play the game on super-simple-the-enemies-zey-do-nathing-mode if you're that desperate to win? Jesus.

Sparda Posted March 18, 2009

> Sad bastards, why not just play the game on super-simple-the-enemies-zey-do-nathing-mode if you're that desperate to win? Jesus.

I'm sorry, I can't understand that post.

Sparda Posted March 18, 2009

> For DDoS defense and DDoS protected hosting I can recommend GigabitDC.COM. They even offer free migration.

"This rock is a magical Tiger/Lion repellent, guaranteed money back on proof of being attacked by a Lion/Tiger. Available for only £200!"