The whole DDoS thing is plaguing the WoW PvP community at the moment, and it is my understanding that it is negatively affecting tournaments, which is a shame. I wanted to provide a little insight, and some solutions that should be rather fool-proof.
As a note: I have read through Mugem's guide, and I think it is a great starting point, but there are a few things that I don't like that I am going to touch on here.
READ CAREFULLY AND THOROUGHLY.
1. Stop trying to change your IP.
Guys, if someone wants your IP, they are getting it. Fuck, if you post on this forum once, your IP can be obtained. If you stream, play WoW, go on Skype, watch a stream, someone can get your IP. It isn't really something that is SUPPOSED to be secret. You need to thwart DDoSing at the heart of the issue, which I will explain in the next header.
2. Basics on DDoS.
A basic DDoS attack, which you guys already know, is pretty much connection flooding on some port(s) on some IP(s). It is really very easy to stop this.
Buffer the amount of connection requests and responses in a short period of time.
Prevent that traffic from even making a request.
It is as simple as that.
3. Buy a router made in the last 5 years, and actually take time to set it up.
Routers don't want to deal with the kind of flooding that is DDoS. They stop it. They manage it. Turn on the router's firewall, don't forward ports you don't have a reason for forwarding. Enable IPv4 and IPv6 SPI firewall protection, if it isn't already.
4. Get a free firewall, and prevent incoming traffic from EVERYTHING. Then enable it where needed.
Do that ^.
5. Skype Shit
For the love of fuck, turn off:
"Use port 80 and 443 as alternatives for incoming connections".
Port 80 is the HTTP port, and that is the first port ANYONE is going to try DDoSing you on.
Disabling it won't negatively affect ANYTHING.
Set-up a Skype proxy. Mugem's guide has good resources for doing so. Pick a high rated proxy in your region with a low MS, and you can screen share with the same quality as not having the proxy.
That's really it guys. A basic DDoS is easily preventable through controlling traffic, and not making yourself vulnerable. If you are having problems beyond that, you really need to contact the appropriate authority for your nation. It isn't a bunch of nerds on WoW, it is terrorism.
"Denial-of-service attacks are considered violations of the IAB's Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers. They also commonly constitute violations of the laws of individual nations."
Was motivated to write this after reading a thread. Probably has typos and grammar errors, but read through it, think about shit, and do some research. Take the time to set up your router, firewall etc. thoroughly. If you don't know what an option does, look it up.
Is it even known if these attacks are actually distributed? Has anyone actually logged their network traffic to see what is going on? Are all the attacks made of cheaply made chinese packets?
But seriously, assuming that they're actually dealing with a distributed botnet attack, you can have the most bulletproof configuration and that won't stop a sheer bandwidth mismatch. Your home network just doesn't have the horsepower, redundancy, or bandwidth/load balancing to handle a heavy distributed attack properly. And unless you spend a lot of money and time, it never will.
Most of the suggestions are ok, but you'd probably be better off talking to your ISP to see where the attacks are coming from, and what they can do for you to filter them before they ever get to your network. China is notorious for having plenty of compromised systems, primarily because of the proliferation of pirated Windows XP SP1, which are still in use. Maybe they have ACLs to filter out traffic from certain regions? Just a thought.
I'm sure there's a lot going on behind the scenes, and good luck to them stopping these attacks on the tournament players. I guess one bonus of being bad is not having to worry about being attacked.
P.S, Wasn't this website just compromised a few months ago? It's curious to me that everyone thinks the attackers are getting their IP lists from skype, and not some from other commonly used service. If you had admin access to the web console for these forums, for example, you could easily see anyone's IP address, or any other host of logs tied to this webserver.