Jump to content

  • Curse Sites
Help

Teaw

Member Since 22 Apr 2008
Offline Last Active Mar 17 2013 04:00 AM
*----

#3742000 Information about DDOS, Skype & Changing IP's

Posted hoodrych on 10 August 2012 - 11:08 PM

I know there are several of these with some of the same information, but it seems that people are either lazy or uninformed.

If you're playing in a tournament or streaming, you will need to prepare for and prevent DDOS attacks.

It's incredibly frustrating for the people being DDOS'd, especially when it effects their streams or tournaments. However, I feel some people are not using the internet and available information to protect themselves. The process of changing IP's and Skypes has been documented, but still, the same people have the same Skypes and continuously fall back on "I've rebooted my router" or "I called and my ISP and they said I can't".

Understanding DDOS/DOS:

One common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable.

Essentially, your internet becomes overwhelmed with incoming requests and you eventually just go offline. This is why your Skype will usually become robotoic or some services will be available/slow while others aren't.

How it happens:

The attacker get's your IP address. The most common method is Skype. The WoW community is kind of shit so people who you may think are your friend will share your Skype username, or someone without "Stream Privacy" will accidently leak your username. That is all the attacker needs to find it, it doesn't matter how it happens - the bottom line is once your Skype is available, you are compromised. There are methods of using a proxy server to connect to Skype, but honestly once it's compromised I'd just make a new one to be sure.

Prevention:

Static IP and Dynamic IP's

The most common misconception is that people think they have static IP's and it cannot be changed. Unless you actually have this information specified in your network/router properties:

Posted Image

Then you most likely have a Dynamic IP address. Most people will keep the same Dynamic IP for an extended period of time (could last years, and this is where the confusion lies). This is due to the MAC Address of their router (and DHCP leases) This is why simple /release and /renew from command prompt does not work.

To prevent further DOS attacks, it is very important to understand how obtaining a new IP is possible, and how your internet/router functions in the way of just getting your last IP address.

DHCP - Dynamic Host Configuration Protocol (aka the server that gives you an IP Address)
Media Access Control address (MAC address) is a unique identifier assigned to network interfaces
Local IP Address - ex. 192.168.0.1, 10.0.0.1
Public IP Adddress - http://www.whatismyip.com/ (aka will never be in the local format)

1. Your router has a MAC Address of 1:2:3:4:5. This is a physical address assigned in the hardware/software.
2. It establishes connection to the DHCP server, and will be assigned an IP Address. The DHCP server records the MAC Address of the router, so that it can hand it the same IP if it becomes disconnected.
3. The DHCP server says Ok, here is your IP Address. (75.75.75.2)
4. Your internet is active and your public IP is (75.75.75.2)

DDOS Happens

1. You go to command prompt and /release /renew, a common practice for changing your IP.
2. You come back online, go to http://www.whatismyip.com/ and have the same address (75.75.75.2)
3. You turn off your router/modem for 10 minutes. You come back online and have the same public IP (75.75.75.2)

THIS IS BECAUSE YOUR ROUTERS MAC ADDRESS IS SAVED IN THE DHCP SERVER. When the DHCP server see's your MAC address (1:2:3:4:5) it just assigns it the same IP it has in it's records (75.75.75.2).

(Obviously there are exceptions to this, some people get new IP's from just resetting or /release /renew, but often times that will only work on a random or first time basis, as the DHCP Lease was probably very old.)

Understanding MAC Address cloning:

Most routers have the functionality to clone your MAC Address. Essentially, you are able to put a disguise on your routers physical MAC address (1:2:3:4:5). Let's say it disguises it as (5:2:3:4:1) so that when it connects to the DHCP server, the DHCP server says "hey, I don't remember this MAC address"... therefore treats it as a new guest and assigns it a new IP Address.

Posted Image


Once you understand the process, it becomes fairly simple to continuously clone your MAC Address (can change just one or two numbers, randomize it, etc.) and obtain a new IP almost on-demand. It is EXTREMELY important that you make a new Skype, as if you change your IP and use your old Skype, the attacker can just obtain your new IP Address again.

I recommend anyone who is having DDOS issues to firstly figure out how to connect to your routers web interface (like the image above). It is a fairly simple process and requires you to login as an Administrator (default credentials can be found by googling)

http://www.techspot....r-ip-addresses/

Follow the steps below to successfully release your DHCP Lease, Clone your MAC Address, Renew your DHCP lease and obtain a new IP.
  • Type 192.168.1.1 in your Internet address bar.
  • Enter the password. If you have not chosen a password, use the factory default password of "admin." No username is required.
  • Go to status.
  • Click DHCP Release.
  • Under Setup in the grey bar go to Mac Address clone on the blue bar.
  • Click enable, then click clone pcs Mac address. Save settings.
  • Unplug the modem, but keep the router plugged in. (aka unpluged the Coax if you have 1 device)
  • With the modem (internet/coax) unplugged, go to status.
  • Click DHCP renew.
  • Plug in modem.
  • Wait 1 minute and press refresh. Your new IP address should be there.

Make a new Skype, educate yourself about the process of DHCP and MAC Address cloning, get a new IP.

tldr; avoid getting disconnected by 14year olds on foreign shells by changing your ip address through MAC address cloning and getting a new skype even though it's a fuckin hassle to re-add your friends, follow my fuckin stream

http://www.twitch.tv/hoodrychx

- hr


#3726114 Lvl 90 Arenas Mage 1v2 MoP

Posted Minpojke on 06 July 2012 - 04:04 PM

first xxx xxx


#3726121 Lvl 90 Arenas Mage 1v2 MoP

Posted Hotted on 06 July 2012 - 04:16 PM

ps: my pov



#3726116 Lvl 90 Arenas Mage 1v2 MoP

Posted Hotted on 06 July 2012 - 04:04 PM

mop looks fun except when I get railed x.x


#3324142 Glad Sellers Resets

Posted Fearful on 26 June 2011 - 10:13 PM

lopez isn't getting r1, all that matters


#3307232 MMR EXPLOITERS LASERX ELSA TWLGHTSPARKlL

Posted Admoney on 17 June 2011 - 03:30 AM

View Postsikemu, on 17 June 2011 - 03:28 AM, said:

rep me if you don't give a fuck
^rep me if think this dude is gay


#3230341 Images of Gladiator Mount (Confirmed) || Updated 1st June

Posted Starcookie on 09 May 2011 - 11:16 AM

Obviously this model is unfinished, so don't bite my head off. Taken from 4.2 PTR.


June 1st - Minor update to the behind



------------------------

May 24th - "Release" version



------------------------

May 19th - Bronze version

Posted Image

------------------------

May 19th - Confirmation

http://db.mmo-champi...twilight-drake/

------------------------

May 16th - Version 2

Posted Image
Posted Image

------------------------

9th May - Version 1

Posted Image

Edit for Kuroqt :
Posted Image


#3108827 Hunter s10 Gear and weaps

Posted kinexa on 06 March 2011 - 08:52 PM

male:
Link
Spoiler

female:
Link
Spoiler

Weapons: (thx Potà)

polearm:
Link
Spoiler

bow:
Link
Spoiler

crossbow:
Link
Spoiler

gun:
Link
Spoiler



#3217379 First time playing MLD & having the worst series of games in my life

Posted L0Liver on 02 May 2011 - 02:26 PM

MLD is a setup that is so fucking strong if you learn to not overlapp your cc and also learn to spam your cc.

You can, without to much effort, keep one target cced, FOREVER. And this is the strongest side of MLD, the amount of cc, the druid shouldnt even be healing, he should be ccing lol, well almost.

If I played MLD seriously, I would, for at least 10 games, practice the cc rotation without putting out any dmg at all,

dont even touch frostbolt or icelance, just cc untill you lose, for 10 games at least. then make new team and start from scratch.


#3218780 Ring of Frost now has a 1.5-second cast time.

Posted Cryogenics on 03 May 2011 - 02:58 AM

Deep - Ring was pretty retarded, but it was the only thing that made mages viable. the amount of interrupts and stuns in this game right now is just ridiculous so it's impossible to get casts off. it's going to be lovely trying to get 1.7 sheeps off with no r1 bolt or WC once this gets nerfed. Time to reroll


#3141319 The REAL mage changes in 4.1

Posted Inflamez on 23 March 2011 - 03:47 PM

True story

Posted Image


<