Microsoft Responds to DoS Attacks
This scenario seems to be happening more and more recently; so much, in fact, that Microsoft has felt the need to comment on the occurrence. What is happening, you ask? Players seem to be implementing what is referred to as a Denial of Service attack against their rivals very Internet connection. For those of you unaware of this, a quick lesson:
If you are connected to the Internet, you have what is called an IP address, normally given to you from your ISP. These four numbers, separated by decimal points, act almost like a real life address: They identify you on the Internet, allow you connectivity, so on and so forth. A Denial of Service attack, or DoS, occurs when someone of malicious intent gains your specific IP address, which is not all that hard to do these days, and floods that address with data with requests. These requests must be answered by your hardware, whether you use a simple cable modem, a router, firewall or whatever else some of you geeks may have. It is usually done through a couple of thousand hijacked computers; so one address getting flooded with hundreds of requests from thousands of different computers cannot possibly respond to them all, and effectively shuts down. This eats your bandwidth, kills download and upload speeds, and drops your Internet connection.
This seems to be the new way to get back at your opponent: Set off a DoS attack against their Internet connection that will drop them off of Live, along with whatever other Internet-based services they were using. Now, doing this may be a bit much for your average Xbox Live a$$hole. Well, they don't need to do anything, as the BBC News recently reported that hackers are actually selling a type of "DoS on Demand" service to Live players that determined to screw with the opposition. What this means is that for a one time fee as low as twenty dollars, anyone can attack any player with a very effective, hard to trace hack.
A statement, made by a Microsoft representative last Friday, said that "In our continued effort to help provide a safer and more secure experience for our community of more than 17 million members, we are investigating reports involving the use of malicious software tools that an attacker could use to try and disrupt an Xbox Live player's Internet connection.
"This problem is not related to the Xbox Live Service, but to the player's Internet connection. The attacker could also attempt to disrupt other Internet activities such as streaming video or web browsing using the same tools."
While this is true; DoS is not a flaw in Live, but a crafty hack that cripples the victims very Internet connection, I just find it funny that Microsoft is very adamant in pointing out that it has nothing to do with them. The quickest solution to avoiding reoccuring attacks? Refresh your IP address straight from your ISP. However, a really determined attacker can always try it again once they obtain your new address. Microsoft has said that in cases of reoccurring DoS attacks, customers should call their ISP to report the incident. While the ISP will not be able to trace the attack, they may be able to provide your connection with a little more security.
Microsoft did not state how these attacks are occurring, but have said that they are "looking into the matter" and "banning any malicious offenders from Xbox Live." Is this really what it has come to? Is the need to win so great, that players need to pay for a hacking service in order to piss off their opponents? While the Live service has come a long way from its inception back in 2004, we must remember that it is relatively new. And while it is constantly evolving, so to are the attacks that can be used against it. As there is a bigger and bigger push to make everything virtual; to do everything online and have that as your sole lifeline, there will be bigger, more devastating attacks against it.