Protecting Gamers: Answering Your Questions About Stopping DoS and DDoS Attacks
This is a writing sample from Scripted writer Stephen Ashley
Have you ever experienced a suspiciously well-timed connection drop while playing an online game? Maybe you were just about to round out that royal flush or take down the mid-lane tier 2 tower, when suddenly your ping spiked and it was game over. If that sounds familiar, there's a good chance that the game that you're playing was the target of a denial of service (DoS) attack.
If you're a fan of Xbox, PlayStation or any popular PC game, you've probably heard of DDoS attacks on the gaming networks. The denial of service arms race is currently raging across the globe, and the weapons of would-be attackers are strong, widespread and simple to use. As a consequence, it's now easier than ever to launch a DDoS attack against individual users, and gamers are paying the price.
Thankfully, you don't need to hire Microsoft's network security team to defend yourself.
We'll answer some pressing questions about DDoS attacks on gamers and offer some tried and tested steps you can take to protect your network and stay safe as you enter the digital battlefield.
How Do DoS and DDoS Attacks Work?
In a denial of service (DoS) attack, unwanted traffic is sent to a target IP address to overwhelm it with data, either to take the network entirely offline, or simply slow it down. Since one network connection is unlikely to be able to send enough data to properly flood its target alone, attackers use distributed denial of service (DDoS) attacks instead to bring down the site. Gamers encounter denial of service attacks typically.
In a DDoS attack, multiple computers are used to flood the target IP address, ensuring that enough data is sent to overwhelm its network. This is typically done by using a botnet, or a group of computers that have been infected by a virus allowing attackers to initiate network traffic from that device, often without the owner's knowledge or awareness. When gaming servers are victims of DDoS attacks, the game is unavailable to gamers.
Botnets are so common that attackers can literally rent one to carry out a successful attack without any specialized knowledge or technical ability.
Can I be DDoSed?
Anybody can be the target of a DDoS attack, but only if the attacker knows your IP address. Fortunately, your IP should be hidden automatically if you only play online through official servers and platforms like the Xbox or Steam networks. However, if you're a PC gamer who plays games that support private third-party servers (like Minecraft or Team Fortress 2), your IP may be visible to server administrators or to the public when you're connected.
Third-party voice chat programs are the most notorious weak points for attackers searching for your IP address. Skype, which was consistently identified as having very poor IP security, recently added the ability to hide your IP address.
Whichever voice program you use, follow basic security practices, keep your program updated with the latest patches and adjust your settings to ensure that you only receive calls and requests from players on your friends list. Your user profile and identifying information should also be kept private. Procedures for adjusting the relevant settings are different for every program — and change frequently — so you'll need to consult help files or the program's support site for the most up-to-date information.
How Do I Know if I'm Being Attacked?
Often, sudden outage and unexplained disconnect is the only sign you'll have that you're experiencing a DoS attack. To confirm that it's an attack, you first need to rule out normal network errors that might be impacting your internet connection.
- Start by unplugging your modem and/or router, both at the power source and the network cable.
- Turn off your computer (or console, if the modem is connected to it directly).
- Leave everything off for five minutes, then plug everything back in and turn the equipment on.
If your internet connectivity isn't restored, you'll need to call your ISP for technical support. Many ISPs have automated messages alerting callers to service problems in their area, but if you don't have that option, or don't have a service alert, ask to speak directly to a support technician. They can walk you through troubleshooting steps for your network, and in many cases can find out directly whether suspicious traffic is being sent to your IP that might be a DoS or even DDoS attack.
What Should I Do if I'm DoSed?
Obtaining a new IP address is usually an effective way to stop an ongoing attack, since attackers often configure their botnet to operate automatically for as long as the target IP remains active.
Use a site like whatismyip.com to verify that your IP address has been successfully reset before and after taking any of the following steps:
Reset Your IP Address
Resetting your IP address every few days is a good habit to develop if you've been the target of multiple DDoS attacks, or if you're a streamer or highly visible gamer. While doing so won't prevent an attacker from searching for your new IP address, it can delay the process of finding it.
- Unplug
The easiest way to reset your IP address is to unplug your modem and/or router. Depending on your ISP's procedures, you may need to leave the devices unplugged for anywhere between 10 minutes and 12 hours, at which point your existing IP address should expire. You'll be assigned a new one when your hardware reconnects.
- Using your router console
To reset your IP address when your computer is connected directly to an ISP router, navigate to your router's Admin Console, usually by typing "http://192.168.1.1" into your web browser's address bar. Consult your router's manual to find out how to access Admin functions if that doesn't work.
[continued at link below]