The Safety Dance - Part 2Edit This Entity
In my last blog, I talked about internet security and how to keep your account secure. But in 2012, a threat that you may not expect is also around the corner. It may not necessarily compromise your account, but in most cases it is done to ensure a loss of items or used to gain an advantage in some other form.
I am referring to DDoSing, or more properly referred to as, DoSing. To the average person, these two terms may not mean anything.
The terms DDoS and DoS are often used interchangeably, which is because most people are unsure about the difference. "DoS" stands for Denial of Service, whilst DDoS stands for "Distributed Denial of Service". These are both forms of attacks that can take place against servers or players. It can cause servers to crash and players to disconnect.
How does this happen?
When a computer communicates with a server, the server communicates back. If this is done at a very high rate, it can cause the server to slow down or even crash. This is because these attacks flood the network's available bandwidth, not allowing traffic to happen from both directions; inbound and outbound. So where does the difference come into play? Simply the amount of people who are involved. A DoS is when a single person is performing the attack, while a DDoS is when multiple people or computers are involved. However, one person can still perform a DDoS attack. That is through the use of a botnet. The only information that a person needs to initiate an attack is an IP or website address.
What is a botnet?
A botnet is a group of "ghost" computers that have been infected through some means of virus software or spyware that, usually unknown to the user of the computer, can allow the computer to be a part of an attack. These "ghost" computers are controlled by a remote computer by the perpetrator. This is why DDoS attacks are virtually untraceable; sorting through all of this is very difficult and even though it is illegal, trying to chase those who did it can often be futile.
Who is effected?
If you are a member of the PK community or the clanning community, you'll be aware of this and would likely acknowledge that it is a regular problem. Even if you are not a member of this community and you wish to participate in one of these activities, you can become a victim just as easily. One example of this is staking. If, for example, you were staking quite a large amount, and the opponent deliberately caused you to disconnect, you would end up losing the duel. That is, unless you manage to reconnect before you die. In the clan world, often if you're a fall in leader or if you're in the clan wars arena, a DoS attack can be very attractive to an opposing clan.
How can this be done?
The first step in prevention is acknowledging how perpetrators end up doing it in the first place. As stated previously, all that is needed to initiate an attack is an IP address or a website address. If you are a player, then your IP address is what you need to worry about.
Keeping your IP address private
There are common misconceptions about how IPs end up being leaked. Often, they point fingers at website administrators of fansites such as Zybez. Unfortunately, it's not that simple. There are a wide variety of ways in which your IP can be leaked. Here are a list of the most common ways your IP can be given to someone else:
- If you register or post on a clan forum, your IP will be available for their leadership to see.
- Visiting a voice server such as one for Teamspeak or Ventrilo. ,li>Visiting a private IRC server; public IRC staff are responsible with this type of information and will never divulge this information.
- Loading a 'scraper' image - a script can be attached to an image loaded on a server to list the IPs that viewed the image. This is the most popular way someone can get your IP address and that's why the Zybez community forums have instituted an image whitelist.
- Database dumps from websites being compromised.
Dynamic vs Static
When referring to IP addresses, often they will be grouped into two types: dynamic and static. Dynamic IP addresses can be changed by simply turning off and on your modem. Static IP addresses remain even after doing so, and as a result, this is very dangerous if this kind of IP is in the possession of those who would use it for their own purposes. If you have been a victim of a DoS attack in the past, I'd recommend contacting your ISP to change to a dynamic address, otherwise you can just be a victim over and over again.
If you are currently being DoSed...
If you have a dynamic IP address, you can change it by resetting your modem. The simple procedure is outlined below:
- Remove the power cable or turn off your modem
- Wait 30 seconds
- Replace the power cable or turn it back on
What if my TS/Vent server is attacked?
The best way to deal with this is to use another server for the time being while contacting your hosting company. They are trained to deal with these kind of attacks and will go through solving this problem for you.
Often clans will use public teamspeak servers as a backup just in case of an attack. With the ability to have multiple tabs in Teamspeak, this has made it even easier. Simply by "connecting in a new tab" through bookmarks or a new server window, you can connect to multiple servers at once.
Connections -> Connect
Bookmarks -> Right-Click -> Connect In New Tab
If you've noticed, there is a trend between my last two blogs. No, I'm not referring to the general theme of security, but more so the fact that many of the methods stated include prevention. Prevention is your biggest tool. Use it wisely.
Internet security is something that is important, similar to securing your home or banking information. Even though they may not seem comparable, they can be equally damaging to you should something happen to you online. After all, many people do not enjoy losing a large sum of coins in RuneScape and by doing so, it takes a long time to make it back. Time that many do not have nowadays.