Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DDoS: Denial of Service Attacks


  • Please log in to reply
11 replies to this topic

#1 shellfish!

shellfish!

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 15 June 2014 - 10:53 PM

I have seen people complaining in chat rooms about having their internet frozen out or crashed from DDoS attacks.  I was told they can get your ip address from skype?  Do you have any suggestions for protecting myself and others from such an attack?  Thank you so much.



BC AdBot (Login to Remove)

 


#2 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:03:55 AM

Posted 16 June 2014 - 02:06 AM

I have seen people complaining in chat rooms about having their internet frozen out or crashed from DDoS attacks.  I was told they can get your ip address from skype?  Do you have any suggestions for protecting myself and others from such an attack?  Thank you so much.

Surfing the Internet in general, and your IP can be identified - not just Skype. Click on this link http://www.ip-adress.com and it will show your Wide Area Network (WAN) IP. LAN stands for Local Area Network and WAN stands for Wide Area Network.

Your PC==(LAN)==[Home Router/ISP]==(Internet WWW)=={www.ip-adress.com}

LAN address is your home network. Eg. 192.x.x.x or 10.x.x.x
WAN address is your broadband ISP connection, and is called the router's WAN IP address.

To hide your WAN IP, you need an Anonymous proxy or VPN.

Your PC==(LAN)==[Home Router/ISP]==(Anonymous Proxy or VPN)==(Internet WWW)=={www.ip-adress.com}

Edited by Crazy Cat, 16 June 2014 - 02:11 AM.

 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#3 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,263 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:01:55 AM

Posted 16 June 2014 - 04:37 AM

I have seen people complaining in chat rooms about having their internet frozen out or crashed from DDoS attacks.

I have never used Skype.  So I will not comment on that.
 
As somebody who "knew" quite a bit about this stuff.
 
PalTalk And Yahoo.
Not only that, They can also take over your PC.  
 
Yahoo chat is dead exept for the Japan rooms, Stay away from those. The exploits and other stuff is just not worth it.
Read post 19 by JohnnyJammer, He knows what he is talking about.
http://www.bleepingcomputer.com/forums/t/530092/linux-anti-virus/page-2
 
 
Paltalk.
When you go into a premium room the admin's of that room can see your IP, There are also "tools" that allow you do do stuff that you shouldnt. , Pop a script into pm send to victim, Victims Paltalk messenger freezes up, Or their PC freezes And you can oly Exit by having to hit the Re Set button on your PC,  Good for the PC and OS.  Victim has no idea who sent it.
 
Even using Paltalk messenger downloaded from official site you run the risk of ASK toolbar and Conduit.
 
Facebook.
I hear there is an exploit that allows you to find an ip.
 
The use of 3rd party chat clients in Paltalk and Yahoo.
Do not trust these most are poorly coded in VB.Net or C by wanna be script kiddies. Those who know Yahoo may remember White Chat etc.
Paltalk 3rd party chat clients are just as bad. Some of these 3rd party client guys make these clients just to steal you nice new $100 id so they can re sell it.
And if Paltalk detects you are using 1( 3rd party or portable client) say goodbye to that ID and they may even ip block you, Including that 100 US dollar per year purple id you just paid for.
 
 
 

Do you have any suggestions for protecting myself and others from such an attack?

 
There is nothing you can do but stay away from chat, Remember this you may think your PC is secure and it might be at that unless you are in chat. How do you stop an exploit in the Yahoo, PalTalk or Facebook servers? How do you stop an exploit in PalTalk messenger or Yahoo messenger. You don't simple as that.


Edited by NickAu1, 16 June 2014 - 06:21 AM.

Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#4 Kilroy

Kilroy

  • BC Advisor
  • 3,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:10:55 AM

Posted 16 June 2014 - 08:18 AM

There is no way to completely hide or spoof your IP address as the IP address is required to get your requested traffic back to you.  Getting your public IP address is a trivial matter.

 

Treating everyone with respect, even though they don't know who you are, is also a good idea.  Don't be a jerk and give them reasons to want to take revenge.

 

You can use a VPN service.  I have proXPN.  Using a VPN will mask your IP address because you will seem to be coming from the exit on the VPN service.  You can learn more about VPNs from Security Now! - Episode 400 - VPN Solutions.  A VPN solution won't help you if your current IP address is constantly under attack as the VPN traffic will be coming to that address.



#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:55 AM

Posted 16 June 2014 - 07:04 PM

DOS (Denial-of-Service) / DDOS (Distributed Denial-of-Service) Attack attempt to exhaust the victim's resources and are generally attempted against large enterprise networks and dedicated servers. They typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and root nameservers. These types of attackes involve saturating the target machine with so many external communications requests that it cannot respond to legitimate traffic, or responds so slowly that it is essentially rendered useless.

When an attempt originates from a single host of the network, it constitutes a DOS attack. When the attempt originates from multiple malicious hosts in an effort to coordinate to flood the victim with an abundance of attack packets, so that the attack takes place simultaneously from multiple points, it is a DDOS attack.

Methods of such attackes include:For more information and resources, please refer to:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 connor12568

connor12568

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:11:55 AM

Posted 01 October 2014 - 03:32 PM

Sorry to bring this post back to life, but I do have a question, is there any programs that you can download, that will alert you if you're getting ddos'd/dos'd?


Edited by connor12568, 01 October 2014 - 03:33 PM.


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:55 AM

Posted 01 October 2014 - 03:57 PM

Prevention Resources for DoS/DDoS Attacks:Again these types of attacks are generally attempted against large enterprise networks and dedicated servers. Home users are rarely subject to DoS/DDoS and most of the above information is not going to to be applicable.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 03 October 2014 - 05:44 AM

Sorry to bring this post back to life, but I do have a question, is there any programs that you can download, that will alert you if you're getting ddos'd/dos'd?

 

Are you asking for your workstation or your server?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#9 connor12568

connor12568

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:11:55 AM

Posted 03 October 2014 - 05:48 AM

My workstation.

#10 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 03 October 2014 - 01:39 PM

And how is your workstation connected to the Internet?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#11 connor12568

connor12568

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:11:55 AM

Posted 04 October 2014 - 11:38 AM

And how is your workstation connected to the Internet?

Router, I have a wireless connection.



#12 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 PM

Posted 04 October 2014 - 01:20 PM

OK, then (D)DOS attacks done against you are actually targeting your router (more precisely, the network interface with the public IP address).

So to detect these, you should be looking at your router. If this router is provided by your ISP, check with them what protection they offer.

 

The DDOS protection advise posted here (like the one from quietman7) is more geared towards servers, and not clients like yourself.

 

But unless you experienced DDOS attacks against your system, I would not worry too much about them.

DDOSing servers is much more profitable and much better PR than DDOSing clients.

 

The only case I know when criminals performed (D)DOS attacks against clients, is when they were stealing money from their bank accounts and wanted to prevent their victims from connecting to their online banking accounts and finding out. These (D)DOS attacks were also done against their phones: constantly calling and sending SMS, so that the victim could not use their phone will the crime was ongoing.


Edited by Didier Stevens, 04 October 2014 - 01:20 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users