Jump to content

  • Curse Sites
Help

forteh

Member Since 18 Dec 2007
Offline Last Active Nov 08 2013 09:29 PM
-----

#3742000 Information about DDOS, Skype & Changing IP's

Posted hoodrych on 10 August 2012 - 11:08 PM

I know there are several of these with some of the same information, but it seems that people are either lazy or uninformed.

If you're playing in a tournament or streaming, you will need to prepare for and prevent DDOS attacks.

It's incredibly frustrating for the people being DDOS'd, especially when it effects their streams or tournaments. However, I feel some people are not using the internet and available information to protect themselves. The process of changing IP's and Skypes has been documented, but still, the same people have the same Skypes and continuously fall back on "I've rebooted my router" or "I called and my ISP and they said I can't".

Understanding DDOS/DOS:

One common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable.

Essentially, your internet becomes overwhelmed with incoming requests and you eventually just go offline. This is why your Skype will usually become robotoic or some services will be available/slow while others aren't.

How it happens:

The attacker get's your IP address. The most common method is Skype. The WoW community is kind of shit so people who you may think are your friend will share your Skype username, or someone without "Stream Privacy" will accidently leak your username. That is all the attacker needs to find it, it doesn't matter how it happens - the bottom line is once your Skype is available, you are compromised. There are methods of using a proxy server to connect to Skype, but honestly once it's compromised I'd just make a new one to be sure.

Prevention:

Static IP and Dynamic IP's

The most common misconception is that people think they have static IP's and it cannot be changed. Unless you actually have this information specified in your network/router properties:

Posted Image

Then you most likely have a Dynamic IP address. Most people will keep the same Dynamic IP for an extended period of time (could last years, and this is where the confusion lies). This is due to the MAC Address of their router (and DHCP leases) This is why simple /release and /renew from command prompt does not work.

To prevent further DOS attacks, it is very important to understand how obtaining a new IP is possible, and how your internet/router functions in the way of just getting your last IP address.

DHCP - Dynamic Host Configuration Protocol (aka the server that gives you an IP Address)
Media Access Control address (MAC address) is a unique identifier assigned to network interfaces
Local IP Address - ex. 192.168.0.1, 10.0.0.1
Public IP Adddress - http://www.whatismyip.com/ (aka will never be in the local format)

1. Your router has a MAC Address of 1:2:3:4:5. This is a physical address assigned in the hardware/software.
2. It establishes connection to the DHCP server, and will be assigned an IP Address. The DHCP server records the MAC Address of the router, so that it can hand it the same IP if it becomes disconnected.
3. The DHCP server says Ok, here is your IP Address. (75.75.75.2)
4. Your internet is active and your public IP is (75.75.75.2)

DDOS Happens

1. You go to command prompt and /release /renew, a common practice for changing your IP.
2. You come back online, go to http://www.whatismyip.com/ and have the same address (75.75.75.2)
3. You turn off your router/modem for 10 minutes. You come back online and have the same public IP (75.75.75.2)

THIS IS BECAUSE YOUR ROUTERS MAC ADDRESS IS SAVED IN THE DHCP SERVER. When the DHCP server see's your MAC address (1:2:3:4:5) it just assigns it the same IP it has in it's records (75.75.75.2).

(Obviously there are exceptions to this, some people get new IP's from just resetting or /release /renew, but often times that will only work on a random or first time basis, as the DHCP Lease was probably very old.)

Understanding MAC Address cloning:

Most routers have the functionality to clone your MAC Address. Essentially, you are able to put a disguise on your routers physical MAC address (1:2:3:4:5). Let's say it disguises it as (5:2:3:4:1) so that when it connects to the DHCP server, the DHCP server says "hey, I don't remember this MAC address"... therefore treats it as a new guest and assigns it a new IP Address.

Posted Image


Once you understand the process, it becomes fairly simple to continuously clone your MAC Address (can change just one or two numbers, randomize it, etc.) and obtain a new IP almost on-demand. It is EXTREMELY important that you make a new Skype, as if you change your IP and use your old Skype, the attacker can just obtain your new IP Address again.

I recommend anyone who is having DDOS issues to firstly figure out how to connect to your routers web interface (like the image above). It is a fairly simple process and requires you to login as an Administrator (default credentials can be found by googling)

http://www.techspot....r-ip-addresses/

Follow the steps below to successfully release your DHCP Lease, Clone your MAC Address, Renew your DHCP lease and obtain a new IP.
  • Type 192.168.1.1 in your Internet address bar.
  • Enter the password. If you have not chosen a password, use the factory default password of "admin." No username is required.
  • Go to status.
  • Click DHCP Release.
  • Under Setup in the grey bar go to Mac Address clone on the blue bar.
  • Click enable, then click clone pcs Mac address. Save settings.
  • Unplug the modem, but keep the router plugged in. (aka unpluged the Coax if you have 1 device)
  • With the modem (internet/coax) unplugged, go to status.
  • Click DHCP renew.
  • Plug in modem.
  • Wait 1 minute and press refresh. Your new IP address should be there.

Make a new Skype, educate yourself about the process of DHCP and MAC Address cloning, get a new IP.

tldr; avoid getting disconnected by 14year olds on foreign shells by changing your ip address through MAC address cloning and getting a new skype even though it's a fuckin hassle to re-add your friends, follow my fuckin stream

http://www.twitch.tv/hoodrychx

- hr


#3798563 PvP Gear upgrades for conquest points on PTR

Posted Kettu on 02 November 2012 - 07:02 PM

View PostWildeHilde, on 02 November 2012 - 02:35 PM, said:

Well last season everyone complained about inactive ladders, now everyone whines as there are incentives to play. This very community gave the clear feedback that we want reasons to continue playing and not sit on rating.
How exactly is this supposed to make the ladders more active? (rating inflation+gear change)

-This will just make the ladders even more inactive, as there won't be any point in trying to get high ratings before the last 2 weeks of season because of rating inflation.
-People tend to get their cap from RBGs / 2v2. Having to play those 2 more will lead to less time available for 3v3 -> less activity in 3v3.

The solution to making the ladders more active is to merge the battlegroups and fix the queue system. Simple as that. If there are not many teams playing, how is a change on the rating system supposed to increase activity?

People tend to play arenas for fun. Not because they want to get the best possible gear and then stop. If the change goes live, you'll get the best possible gear maybe 1-2weeks before the season ends. How dumb is that? How can you even defend this change? If someone decides to sit on high rating, it's his own choice. They've propably played well to get that high, they have the right to hang around on that rating if they want to. They have the choice of camping for a title or the choice of playing for fun. It's their decision. Who are you to judge what they are supposed to do? From what I've heard, you've only got experience from the spectator side of arena. Sure, as a spectator you might think that this change brings more competition and action into arena. But it simply doesn't.

And what comes to boosting. The same people who bought the 2.2k boosts will just end up buying 2.4k 2.7k 3k 3.3k 3.6k 3.9k boosts etc. You really think this change will stop people from buying boosts?

Changing the rating system midseason would be dumb. Changing the rating system without testing the new system properly beforehand is even more dumb. The rating system has been changed a few times before, and every single time there were plenty of bugs and problems.

TLDR: The change would:
-lower overall arena activity
-remove competition from arena apart from last 2 weeks of season
-increase gear differences between players (There should be no gear differences in pvp expect for visual differences)
-make it mandatory to play RBGs if you don't want to fall too far from others on gear
-make gearing more than 1 alt pretty much impossible for normal people
-fuck up arena statistics (inbefore lolwhocares) Skilled 3.9k exp'd warrior LF team!11! etc. (atm it's pretty easy to check if people are terrible or not just by glancing through their achis / statistics / gems / enchants / reforges
-Won't affect the boosting business much of at all
-Current rating system is shit, but the change would make it even more shit.
-You are an idiot.


#3210350 UA Dispell Hotfix to be deployed ("Ultra high priority")

Posted Starcookie on 28 April 2011 - 05:56 PM

Posted Image

UA Dispell is ignoring resilience and is due for a hotfix very soon.


<