Jump to content


How To Prevent Ddos Attacks?


  • Please log in to reply
40 replies to this topic

#1 Thea

Thea

    Junior Member

  • Posts:11
  • Joined:11-September 07
  • RS Name:T__h_e_a
  • RS Status:Free

Posted 30 September 2009 - 06:52 PM

ok so does any1 know how to block ddos attacks.. like any antiviruses or firewalls that auto block them? or any way at all to block them? if so please post here and tell me thanks. i want to make my computer block them so i dont get ddosed by people

#2 Envie

Envie

    Je t'envie

  • Posts:1,053
  • Joined:22-August 09
  • RS Status:Member

Posted 30 September 2009 - 06:57 PM

Just don't click pictures etc. and untrustworthy links.
However, for "further" protection, change your I.P. Address
from what I have learned, DDOS attacks are usually through
sending a large package to your I.P.Address but by changing it,
they send it to some nonexistent (or someone else's) address
so you will be free from the attack.

In order to change your I.P. Address, if you have wireless,
then disconnect (take the plug out) your router overnight
or at least for 15 minutes before reconnecting it. Check if
your I.P. Address has been changed or not; if not, I suggest
you do the overnight thing.

These kinds of things are preventable if you are proactive
rather than being the victim and acting later. Just avoid untrustworthy
links, sites, and even pictures.

Here's a youtube video of someone getting DDOS'ed
and it says the two people who did it got banned so it's bannable and
that jagex is working on it to get rid of those players who are breaking
the rules, the laws, just so they can get some gp's... :wink:


#3 Thea

Thea

    Junior Member

  • Posts:11
  • Joined:11-September 07
  • RS Name:T__h_e_a
  • RS Status:Free

Posted 30 September 2009 - 07:00 PM

ya but ppl get ur ip from vent/forums and i didnt ask for someone to tell me to change my ip, im asking for someone to help me get firewall or something to help me so i cant get ddosed

#4 DaveC

DaveC

    Your soul. I has it.

  • Posts:1,120
  • Joined:21-January 06
  • RS Name:Talisker
  • RS Status:Member

Posted 30 September 2009 - 07:13 PM

There are extremely slim chances you will become subject to a DDoS attack your self. The most you'll probably come to one is on an IRC server and a channel in there becomes subject to attack.

Generally DDoS attacks are stemmed and mitigated on the ISP side. Blocking them yourself is very hard to do, especially if you are worried about someone trying to connect 1000 computers to you in a single second, which is near impossible because they'd need the correct IP and the correct port, and I really doubt the minority of people who have your IP from forums you visit have both the motivation and knowledge to attack you.

Don't worry about them.


Posted Image
Posted Image


#5 Jme

Jme

    Don

  • Posts:2,606
  • Joined:27-October 07
  • RS Name:Thunderbolts
  • RS Status:Member

Posted 30 September 2009 - 07:19 PM

I would laugh if that video & the video of him admitting it would be enough evidence for a conviction.

[font="Verdana Arial Helvetica  sans-serif"]Posted Image
[/font]


#6 Sgt_Shankers

Sgt_Shankers

    Member

Posted 30 September 2009 - 07:24 PM

View PostDaveC, on 30 September 2009 - 07:13 PM, said:

There are extremely slim chances you will become subject to a DDoS attack your self. The most you'll probably come to one is on an IRC server and a channel in there becomes subject to attack.

Generally DDoS attacks are stemmed and mitigated on the ISP side. Blocking them yourself is very hard to do, especially if you are worried about someone trying to connect 1000 computers to you in a single second, which is near impossible because they'd need the correct IP and the correct port, and I really doubt the minority of people who have your IP from forums you visit have both the motivation and knowledge to attack you.

Don't worry about them.

Partially true. DDoS, not likely to happen, DoS however is becoming VERY common in runescape. Alot of skiddies get ips from clan forums, clan vent servers etc and then keep a log of those ips to use in game if they see a person while pking. Since most people use the same name on forums as they do in game, its easy to pair them up.
I dont have much experience in networking but aside from changing your ip or complaining to your isp, there isnt really much you can do about it.

Posted Image
   Posted Image


#7 Thea

Thea

    Junior Member

  • Posts:11
  • Joined:11-September 07
  • RS Name:T__h_e_a
  • RS Status:Free

Posted 30 September 2009 - 07:28 PM

ok then its DOS i guess... and trust me i know people who do it ... so any1 know any good antivirus/firewall to dl to protect vs them?

#8 No1

No1

    Disaster Control Ward

  • Posts:15,528
  • Joined:24-December 02
  • RS Name:No1 1000
  • RS Status:Member
  • Clan:Zybeznet

Posted 30 September 2009 - 07:38 PM

No. You can't block a DOS attack locally by any conventional means; definitely not with software.
"He attacked everything in life with a mix of extraordinary genius and
naive incompetence, and it was often difficult to tell which was which."

- Douglas Adams [Confirmation Bias]

#9 seeborg

seeborg

    Member

  • Posts:220
  • Joined:11-November 08
  • RS Name:seeborg
  • RS Status:Free

Posted 30 September 2009 - 07:42 PM

The person in that video obviously doesn't know what a DDoS is.

A) It's distributed not direct
B) He is performing a DoS (Denial of Service) not a DDoS.


To reiterate what has already been said: don't look at pictures from unknown sources (ie. only trust imageshack, tinypic etc), be cautious about what clan or fan websites you visit -- any of the admins or mods can get your IP address and use it maliciously, and be cautious about Teamspeak/Ventrilo servers as they also expose your IP to the operators.

If you think someone knows your IP or if it's being distributed through clans and attackers, turn your router off to obtain a new IP address. It can take up to 48 hours on some ISPs (usually a lot quicker). Contact your ISP for IP lease times.

Probably a good time to reassure everyone that SwiftKit in no way captures your IP address and no one in the staff (or users, for that matter) can access it from solely using SwiftKit.

Edited by seeborg, 30 September 2009 - 07:52 PM.

Posted Image
SwiftKit Staff


#10 Thea

Thea

    Junior Member

  • Posts:11
  • Joined:11-September 07
  • RS Name:T__h_e_a
  • RS Status:Free

Posted 30 September 2009 - 08:00 PM

ugh so theres nothing u can do to stop people from dosing u?

cant u like close all ur ports and u cant get attacked?

#11 seeborg

seeborg

    Member

  • Posts:220
  • Joined:11-November 08
  • RS Name:seeborg
  • RS Status:Free

Posted 30 September 2009 - 08:10 PM

If you can get out, they can get in. Turn off your router which will physically nullroute your IP and there will be no destination for the malicious packets.

Your best course of action is to obtain a new IP as aforesaid.

Posted Image
SwiftKit Staff


#12 Webhostbudd

Webhostbudd

    Computing CL

  • Posts:1,717
  • Joined:25-August 05
  • RS Name:Webhostbudd
  • RS Status:Retired

Posted 30 September 2009 - 10:04 PM

If they are pushing packets to your machine then there is no way for you to stop them, as you can't control what packets transfer from the ISP to your home. Now, if you did have ports open and they were spamming packets so you would continuously upload packets out to the net, then you have something you can fix with a good firewall.

Sadly for your scenario, there isn't must you can do. The best way to protect against these sort of attacks is to get a very high bandwidth connection, so only very large botnets can DDoS your network. Honestly, the whole DDoSing with Runescape Pking is getting out of hand. I remember the good old days where it involved skill and hacking to win fights was very uncommon.

RS Name:  Webhostbudd
Created: 12/07/2004
Last Active: 9/22/07
May be back sometime.
Level 106 for life.


#13 MDW

MDW

    .:|:.:|:.

  • Posts:8,494
  • Joined:20-July 03
  • RS Name:MDW19873
  • RS Status:Retired
  • Clan:Zyebz

Posted 30 September 2009 - 10:14 PM

In the event of a (D)DoS attack, you can always call your service provider and claim your connection is slow. Some will actually look into it and stop it. Others blow you off. Always worth a shot.
-> Experienced and Certified IT Professional
-> Former RSC King & Zybez Lead Developer

#14 Simmo

Simmo

    Head of SwiftKit Support Services

Posted 01 October 2009 - 02:23 AM

Think of it like this. You IP is your House. and your Ports are your windows and Doors. and now you have 1000 angry guys out there trying to get in.
You Could
A) Lock all the Windows and doors but then you can't get out.
or
B) Call the police (in this case you isp) and be asked to be put on the witness protection program and be relocated (change IP) then your safe.

By putting up a FireWall all information you request through that firewall is going to be slowed down by all the angry guys trying to get through the hole in your firewall that you used to send the infomation.

And Spraying 1000 Angry guys with bug Spray isn't going to do much.

Edited by Simmo200, 01 October 2009 - 02:29 AM.

Posted Image


#15 Glebe

Glebe

    Junior Member

  • Posts:7
  • Joined:07-September 09
  • RS Status:Free

Posted 03 October 2009 - 12:55 PM

get wireshark and learn to monitor your own network.

#16 W13

W13
  • Posts:19,973
  • Joined:27-February 01
  • RS Name:W13
  • RS Status:Member

Posted 03 October 2009 - 01:03 PM

AVOID GIVING OUT YOUR IP...
1. Don't use IRC while playing Rs.
2. Don't accept files over MSN (even pics) from people you don't trust.
3. Don't click any links to websites owned by people you don't trust.

CHANGE YOUR IP OFTEN...
1. Every night, cut the power to your cable modem (or DSL modem). (Just connect it to a power strip and use the switch on the power strip)
Posted Image
Posted Image
Posted Image
"Can't tan pon it long, naw eat no yam, no steam fish, nor no green banana" - Sean Paul

#17 GLaDOSDan

GLaDOSDan

    I got hepatitis C from a horse

  • Posts:7,232
  • Joined:31-July 07
  • RS Name:Black Mesa
  • RS Status:Member

Posted 03 October 2009 - 01:04 PM

View PostGlebe, on 03 October 2009 - 12:55 PM, said:

get wireshark and learn to monitor your own network.


Because that'll totally prevent DoS attacks.
Posted ImageRather than offer you the illusion of free choice, I will take the liberty of choosing for you... if and when your time comes round again. I do apologize for what must seem to you an arbitrary imposition, Dr. Freeman. I trust it will all make sense to you in the course of... well... I'm really not at liberty to say. In the meantime... this is where I get off.

-G-Man, Half-Life 2

#18 `James

`James

    Member

  • Posts:1,026
  • Joined:11-January 06
  • RS Status:Retired

Posted 03 October 2009 - 04:09 PM

Common sense is the best thing to use.

If you're using SwiftIRC then follow these guidelines:
Do not open links that random people send to you
Do not type /mode your nick -x
Do not join random teamspeak/ventrilo servers

I've noticed an increase of people doing the above to trick users into revealing their IP addresses on SwiftIRC.

dreams are so intoxicating
Posted Image


#19 Zpoon

Zpoon

    hey

  • Posts:2,976
  • Joined:05-February 05
  • RS Name:ZPUN
  • RS Status:Retired

Posted 04 October 2009 - 12:36 AM

View PostW13, on 03 October 2009 - 01:03 PM, said:

1. Don't use IRC while playing Rs.

WAT.

Most (respectable) networks, including SwiftIRC use hostmasking systems to prevent others from finding user's IP. Unless the user has done anything outlines in the post above me, IRC is perfectly fine.
Those who talk don't know. And those who know don't talk.
Posted Image
http://www.reddit.com/r/runescape

#20 alphamox

alphamox

    Member

  • Posts:99
  • Joined:03-September 04

Posted 09 October 2009 - 07:50 AM

View Postseeborg, on 30 September 2009 - 07:42 PM, said:

A) It's distributed not direct

Glad someone said it.

I've read so much misinformation on this forum, it's unbelievable! First of all, there is a MAJOR difference between a DoS attack, and a DDoS attack. It's not just a matter of one computer sending a large amount of data to single computer (DoS) compared with multiple computers sending large amount of data to a single computer (DDoS). There is a simple reason for this:

In order to overwhelm a victim with traffic, the attacker must be able to send more data than the victim can recieve.

I'll use my Internet connection as an example: I have a download speed of 4.74 Mb/s, and an upload speed of 0.77 Mb/s. If someone wants to perform a DoS attack on me by overwhelming my connection, they need an upload speed of more than 4.74 Mb/s. According to Speedtest.net, only 7 countries have (average) upload speeds greater than that. And my Internet connection isn't even that great...

So moving on - DoS attacks which try to overwhelm a victim with data are very unlikely. DoS attacks have to use other mechanisms which utilise a large amount of resources on the victim's computer, but a small amount on the attacker's. This means things such as software exploits, and vulnerabilities in the operating system's network stack (unlikely). So, can you prevent this kind of attack? Hell yes. (What's with everyone saying no?) Use a stateful firewall. These things will remember what outgoing connections you make, and only allow incoming connections based on your outgoing ones. What does this mean? If a guy tries to exploit a piece of software on your computer remotely, and you didn't previously connect to his computer, then your firewall will reject his connection. Easy.

On to the more complicated DDoS attacks. These things don't rely on vulerabilities in software, or the operating system. Instead, multiple computer send traffic to one computer (the victim) at exactly the same time, and overwhelm them. Look at my connection speed again - if I was to DDoS myself, I would need an upload speed of AT LEAST 4.74 Mb/s - approximately seven computers running exactly the same connection as me. It's possible, but not really likely. Can you protect against it? Nope. Your ISP might have some mitigation methods, but it's unlikely they'd detect seven computers sending you data all at once. That's pretty common (consider BitTorrent).

References: http://www.ietf.org/rfc/rfc4732.txt




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Font:
Arial | Calibri | Lucida Console | Verdana
 
Font Size:
9px | 10px | 11px | 12px | 10pt | 12pt
 
Color: