BF2S Forums DDoS?

They cant DDoS you unless they know your IP. They arent smart enough to figure that out through a game. Even if they got your IP they would need to scan your router for open ports otherwise they wont be able to even send one packet.

Last edited by Dragonclaw (2008-01-18 16:14:32)

Th1nkG33k wrote:

Edit: ^What he said^

I'm no expert, but I think that's how it works. If you've got DHCP turned on, your router should get a new IP addy every X hours, meaning that the DDoS would stop. My router's set to retrieve a new IP address every 24 hours.

Lol, I have an epic DHCP forcer program that changes my IP when I open it and click one button.

Denial of Service is so lame.

Funny part is one person DDoSing wont do shit. A botnet on the other hand will fuck your internet up for hours.

TheEternalPessimist wrote:

If you have a decent working firewall, no sad fuck on any game is ever going to be able to touch you, just piss them off and dare them to do it, even better say your ip is 127.0.0.1 and see how long before they 'mysteriously disconnect'.

Anyone with half a brain knows that the 127.0.0.0 address/es is nothing more than a loop back address.  I doubt anyone is that stupid to use it.

lol at anyone who threatens a ddos.  unless they have command of a bot network with huge amounts of bandwidth, there is no possible way to launch a ddos from their own computer.  the whole idea of distributed denial of service is based on huge numbers of computers from several subnets clogging one particular system.  most traditional denial of service attacks are stopped by blocking the ip or subnet of the attacker.  the idea behind a ddos is that the number of computers involved across several hundreds or thousands of ip subnets makes it much more difficult to block.  and anyone who tried from their home system would quickly see their isp shutting them down.

edit: yeah basically what dragonclaw said in his last post

Last edited by steelie34 (2008-01-18 17:07:26)

Well, it'd be really hard for a single person with one node to do a distributed denial of service attack. You typically need two or more topologically separated nodes for it to be distributed. :p

Of course, you can't attack what you can't find, so if you can pull a new IP address from your provider and keep them from obtaining it, that's pretty much a complete end to any attack you may have going against you. If you can't change it, you're in trouble.

There are a good number of different methods to do denial of service. Big zombie networks typically use SYN flooding, which forces the server on the opposite end to initiate TCP connections until the connection limit is reached, preventing communication completely. The effectiveness of this attack is directly proportional to the number of machines that are participating in the attack, since connection attempt frequency makes it easier to discern between attacking nodes and legitimate connections as the connection attempts rise. This kind of attack is extremely effective if you have a big zombie network to do your bidding, but more or less completely useless if you have under a thousand machines, and the target has a decent firewall.

Another possibility is a brute force denial of service attack, which really just consists of sending as much data down your pipe as possible. Typically this is done either with junk payload packets, or ICMP packets forcing some sort of reply, preferably an ECHO REPLY packet with a payload of its own, to clog both directions. Both of these methods are almost exclusively done using spoofed sender addresses in the layer 3 header, and the latter is typically only effective in both directions if the target has no firewall.

The problem with these attacks is that they mimic perfectly legitimate traffic, meaning that you can't really prevent them from harming you. You will either have a clogged up server, or a clogged up outside connection, and both are problems that you cannot really do anything about at all.

In light of that, you should have your IP address changed if you're actually attacked.

TheEternalPessimist wrote:

You'd be amazed, believe me, retards are retards after all.

And it's 127.0.0.1 not 127.0.0.0

It's somewhat disturbing, but a long time ago, in a galaxy far away, some bright-minded researchers decided that the entire 127.0.0.0/8 network should be reserved for loopback purposes. That means that every address from 127.0.0.1 through 127.255.255.255 is a loopback address, so if you ever need to set up more than one loopback interface on your machine, remember, you have sixteen point five million addresses available for this purpose. :p

A DRDoS may be easier for them to do, but hey, its still unlikely!

Last edited by Titch2349 (2008-01-19 02:23:34)