Protecting Gamers: Answering Your Questions About Stopping DoS and DDoS Attacks

Have you ever experienced a suspiciously well-timed connection drop while playing an online game? Maybe you were just about to round out that royal flush or take down the mid-lane tier 2 tower, when suddenly your ping spiked and it was game over. If that sounds familiar, there’s a good chance that the game that you’re playing was the target of a denial of service (DoS) attack.

If you’re a fan of Xbox, PlayStation or any popular PC game, you’ve probably heard of DDoS attacks on the gaming networks. The denial of service arms race is currently raging across the globe, and the weapons of would-be attackers are strong, widespread and simple to use. As a consequence, it’s now easier than ever to launch a DDoS attack against individual users, and gamers are paying the price.

Thankfully, you don’t need to hire Microsoft’s network security team to defend yourself.

We’ll answer some pressing questions about DDoS attacks on gamers and offer some tried and tested steps you can take to protect your network and stay safe as you enter the digital battlefield.

• How Do DoS and DDoS Attacks Work?
• Can I be DDoSed?
• How Do I know if I’m Being Attacked?
• What Should I Do if I’m DoSed?
• What Other Basic Steps Can Keep Me Safe?
• What Are Advanced Solutions for Stopping a DDoS Attack?
• Stay Secure and Game On

(Watch this webinar hosted by AWS and Imperva to learn how Imperva helped this leading web company automate its DDoS and other application security.)

How Do DoS and DDoS Attacks Work?

In a denial of service (DoS) attack, unwanted traffic is sent to a target IP address to overwhelm it with data, either to take the network entirely offline, or simply slow it down. Since one network connection is unlikely to be able to send enough data to properly flood its target alone, attackers use distributed denial of service (DDoS) attacks instead to bring down the site. Gamers encounter denial of service attacks typically.

In a DDoS attack, multiple computers are used to flood the target IP address, ensuring that enough data is sent to overwhelm its network. This is typically done by using a botnet, or a group of computers that have been infected by a virus allowing attackers to initiate network traffic from that device, often without the owner’s knowledge or awareness. When gaming servers are victims of DDoS attacks, the game is unavailable to gamers.

Botnets are so common that attackers can literally rent one to carry out a successful attack without any specialized knowledge or technical ability.

Can I be DDoSed?

Anybody can be the target of a DDoS attack, but only if the attacker knows your IP address. Fortunately, your IP should be hidden automatically if you only play online through official servers and platforms like the Xbox or Steam networks. However, if you’re a PC gamer who plays games that support private third-party servers (like Minecraft or Team Fortress 2), your IP may be visible to server administrators or to the public when you’re connected.

Third-party voice chat programs are the most notorious weak points for attackers searching for your IP address. Skype, which was consistently identified as having very poor IP security, recently added the ability to hide your IP address.

Whichever voice program you use, follow basic security practices, keep your program updated with the latest patches and adjust your settings to ensure that you only receive calls and requests from players on your friends list. Your user profile and identifying information should also be kept private. Procedures for adjusting the relevant settings are different for every program — and change frequently — so you’ll need to consult help files or the program’s support site for the most up-to-date information.

How Do I Know if I’m Being Attacked?

Often, sudden outage and unexplained disconnect is the only sign you’ll have that you’re experiencing a DoS attack. To confirm that it’s an attack, you first need to rule out normal network errors that might be impacting your internet connection.

1. Start by unplugging your modem and/or router, both at the power source and the network cable.
2. Turn off your computer (or console, if the modem is connected to it directly).
3. Leave everything off for five minutes, then plug everything back in and turn the equipment on.

If your internet connectivity isn’t restored, you’ll need to call your ISP for technical support. Many ISPs have automated messages alerting callers to service problems in their area, but if you don’t have that option, or don’t have a service alert, ask to speak directly to a support technician. They can walk you through troubleshooting steps for your network, and in many cases can find out directly whether suspicious traffic is being sent to your IP that might be a DoS or even DDoS attack.

What Should I Do if I’m DoSed?

Obtaining a new IP address is usually an effective way to stop an ongoing attack, since attackers often configure their botnet to operate automatically for as long as the target IP remains active.

Use a site like whatismyip.com to verify that your IP address has been successfully reset before and after taking any of the following steps:

Reset Your IP Address

Resetting your IP address every few days is a good habit to develop if you’ve been the target of multiple DDoS attacks, or if you’re a streamer or highly visible gamer. While doing so won’t prevent an attacker from searching for your new IP address, it can delay the process of finding it.

1. Unplug

The easiest way to reset your IP address is to unplug your modem and/or router. Depending on your ISP’s procedures, you may need to leave the devices unplugged for anywhere between 10 minutes and 12 hours, at which point your existing IP address should expire. You’ll be assigned a new one when your hardware reconnects.

2. Using your router console

To reset your IP address when your computer is connected directly to an ISP router, navigate to your router’s Admin Console, usually by typing “http://192.168.1.1” into your web browser’s address bar. Consult your router’s manual to find out how to access Admin functions if that doesn’t work.

Consult the Admin Console’s help files or your ISP’s support site to find out how to release your IP. In most cases, the appropriate settings can be found under a “Network Settings” or “Network Identification” section. Note that some ISPs won’t allow you to reset your IP this way.

If unplugging and using the Admin Console doesn’t work, you can try the next steps to reset your IP address if your network is connected through a Windows PC or Apple computer.

3. To reset your IP address on a Windows PC:
4. Open the Start Menu, then open a Command Prompt by typing “cmd” into the search/run bar.
5. In the Command Prompt window, type “ipconfig /release” and hit enter. Then, type “ipconfig /renew” and hit enter.
6. To reset your IP address on an Apple computer:
7. Open the Apple Menu, then select System Preferences, then click Network.
8. Select your network in the listed DHCP services.
9. Click Advanced, select TCP/IP, then click “Renew DHCP Lease.”
10. It may be necessary to restart your computer and modem or router to complete the process.

Request a New IP Address

If you’re not able to reset your IP address on your own, you may contact your ISP directly to request a new address.

If you’re a frequent target of DDoS attacks, you can ask for a “dynamic IP,” which changes your IP address on a regular schedule. However, many ISPs don’t allow consumer-level users to hold a dynamic IP and it often is not effective against a determined attacker. Additionally, a dynamic IP may lead to technical difficulties with your chosen streaming site if you’re a regular game streamer.

Note: Depending on your set up, ISP and home network, you may need to check with your service provider to find out what specific steps you need to take.

What Other Basic Steps Can Keep Me Safe?

While an antivirus program and software firewall won’t stop determined attackers, they’re still a good first-line defense to stop casual IP detection. They can also prevent you from being caught up in a larger DDoS attack directed at game servers you’re connected to.

Additionally, a robust firewall and antivirus are the best ways to make sure your own devices don’t become infected by a Trojan virus and turn into members of a botnet themselves. Make sure you have a firewall and antivirus installed on all computers connected to your network, and be sure to configure your security software to automatically download important updates.

What Are Advanced Solutions for Stopping a DoS Attack?

If you’ve reset your IP and taken care of the network basics, but are still experiencing DDoS attacks, here are some more advanced solutions to look at.

Use a Virtual Private Network

A Virtual Private Network (VPN) effectively hides your IP address behind a virtual wall. In a VPN, all of your internet traffic is first routed to the provider’s network before passing to the open internet. For would-be attackers and their IP-detection tools, your IP is the VPN’s IP. DDoS traffic will hit your VPN’s servers first, where it is screened out before reaching your home network.

The downside of a VPN is that its ability to safeguard your IP is dependent on the provider’s procedures, and the addition of a new “hop” in your network path can lead to latency and higher ping times in-game. To avoid those issues, look for a VPN provider with experience providing low-latency connections to gamers and that can guarantee your IP will stay secure.

Upgrade Your Home Network

If your network hardware is provided by your ISP, it should be up to date and secure. However, if you bought your own third-party modem or router, or if you’ve had the same hardware from your ISP for more than four years, it’s time to upgrade.

Some routers and hardware firewalls are available with built-in safeguards against DDoS attacks and other network intrusions. They can automatically block heavy bursts of network traffic, especially if it comes from many sources, which could indicate a DDoS botnet in action. Another feature is a “blacklist” that blocks incoming connections from known botnet IP addresses.

Advanced network security can sometimes impact your internet usage and game playing, so consider hardware upgrades to be a last resort, unless yours is significantly out of date.

Stay Secure and Game On

The bot wars may be raging across the internet, but your home network can avoid becoming a casualty with the safeguards mentioned above. By regularly updating your security software, taking steps to secure your IP address, and using a VPN, you can ensure that your gaming time continues without interruption.

As a part of the gaming community you understand the importance of an uninterrupted gaming experience. Let your game provider know if you are having trouble and request them to provide a better and more secure gaming environment.

We’ll be covering how gaming companies can protect themselves against attacks. If you work for a gaming company, find out more about infrastructure protection and how it can keep your players safe on the digital battlefield.

If you work for an ISP, you can read more about using GRE tunneling to provide fast, secure VPN services.