Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Marksman33

8 posts

Wannabe Geek


#199225 9-Aug-2016 11:36
Send private message

Hi all, need some advice. After many years of very slack internet connection, I started looking around for an alternative, turns out I didn't  have many options as I live rurally. The option I went for was Uber based in Whangarei, it has been great to have decent speeds after all these years but a couple of weeks ago, went to get on my laptop and could only access Youtube and Trademe.

 

After ringing Uber it appeared that my youngest had been playing Black- ops online with his mates and they had a run in with someone else and they had DDossed us so Uber had pulled the pin on us. They reset us and we were away again, unfortunately it has happened again on Sunday just past, my son swears there hadn't been any trouble that he was aware of, when I rang Uber to get them to reset us again the guy told me that if this keeps happening they will cut us off ( not sure how that is in a legal sense ) he mentioned  a 3 strikes ultimatum.

 

I asked what we can do to prevent it happening again, his suggestions were, don't play online, take headphone off my son. This makes me sad as my youngest has some physical special needs and he never asks for much in life so I was hoping some of you good people could give me some advice or thoughts on what we can do. Thank you in advance, Mark.


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2

xpd

xpd
Geek @ Coastguard NZ
13765 posts

Uber Geek

Retired Mod
ID Verified
Trusted
Lifetime subscriber

  #1606880 9-Aug-2016 11:48
Send private message

Unfortunately there probably isn't much you can do - it just comes down to what the other players interpret as a reason for attacking your connection - could be actual verbal abuse via chat, or could just be the fact your son is a better player than the other guy.

 

I get booted off CS:GO servers all the time, just because I have a rare moment of playing well and some players (on my own team!) dont appreciate it and vote me off.

 

 





       Gavin / xpd / FastRaccoon / Geek of Coastguard New Zealand

 

                      LinkTree

 

 

 




tripp
3848 posts

Uber Geek

Trusted
Lifetime subscriber

  #1606884 9-Aug-2016 11:52
Send private message

Well easy way is to stop child playing black ops online for a few weeks to see if the issue happens again. otherwise VPN your traffic and let him play :P


ubergeeknz
3344 posts

Uber Geek

Trusted
Vocus

  #1606889 9-Aug-2016 11:57
Send private message

A VPN service is probably the best way, in order to hide your IP.




Talkiet
4792 posts

Uber Geek

Trusted

  #1606891 9-Aug-2016 12:00
Send private message

Supervise your son while playing? You wouldn't believe what the most angelic respectable kids say in the heat of the CS:Go moment.

 

Cheers - N





Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.


surfisup1000
5288 posts

Uber Geek


  #1606930 9-Aug-2016 12:48
Send private message

Marksman33:

 

Hi all, need some advice. After many years of very slack internet connection, I started looking around for an alternative, turns out I didn't  have many options as I live rurally. The option I went for was Uber based in Whangarei, it has been great to have decent speeds after all these years but a couple of weeks ago, went to get on my laptop and could only access Youtube and Trademe. After ringing Uber it appeared that my youngest had been playing Black- ops online with his mates and they had a run in with someone else and they had DDossed us so Uber had pulled the pin on us. They reset us and we were away again, unfortunately it has happened again on Sunday just past, my son swears there hadn't been any trouble that he was aware of, when I rang Uber to get them to reset us again the guy told me that if this keeps happening they will cut us off ( not sure how that is in a legal sense ) he mentioned  a 3 strikes ultimatum. I asked what we can do to prevent it happening again, his suggestions were, don't play online, take headphone off my son. This makes me sad as my youngest has some physical special needs and he never asks for much in life so I was hoping some of you good people could give me some advice or thoughts on what we can do. Thank you in advance, Mark.

 

 

 

 

The ISP's suck in this respect (me not being an expert on this though).

 

I was getting DDOSSED with snap -- and they made very agressive phone calls threatening service disconnection etc. 

 

Happened a few times a couple of years ago, then, once in feb and maybe april last year.... then they just stopped.   No reason. . . I thought it was minecraft but the kids say they play nicely and I don't see how an attacker can get my ip address through using our minecraft user name. 

 

Anyway, one day they just stopped. No idea why. 

 

Snap were awful and of no help. 

 

Surely their management systems should just issue a new ip to any attack target automatically. Is it that hard?

 

 

 

 

 

 

 

 


michaelmurfy
meow
13240 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1606969 9-Aug-2016 13:33
Send private message

@surfisup1000 incorrect. Also, Snap! were great.

 

Basically it comes down to this. Lets say if you really pissed somebody off and they sent you a DDOS and you're on a 20Mbit ADSL connection. Now, the attacker doesn't know that so he floods you with 2Gbit. Since you're on a 20Mbit connection yes, your connection goes down but what about the other (excess) BW? Well, it gets dropped at the ISP's end.

 

So during this time they're dealing with 2Gbit of traffic they really shouldn't be dealing with - the easiest way to deal with it is to null-route the traffic and block the IP it was getting sent to.

 

I've likely pissed off some people online (unintentionally) and it is easy to figure out my home IP (always had services hosted from it) but have never got a DDOS. If you want to prevent them then go to a VPN provider.

 

@darylblake can likely comment further since he is in the ISP scene.





Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.


Marksman33

8 posts

Wannabe Geek


  #1607105 9-Aug-2016 16:36
Send private message

Ok, thanks everyone. Could you give me some recommendations for whatever VPNs you guys use. Thanks again. Mark.


 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
hio77
12999 posts

Uber Geek

ID Verified
Trusted
Lizard Networks

  #1607117 9-Aug-2016 16:52
Send private message

its rather unfortunate that the world of gaming is so interlinked with ddos attacks now days.

 

 

 

One thing i personally have noted from my own experience, tends to be a larger problem on consoles and the P2P based games. Consoles seem to be around the community you tend to get on there, while P2P based games, well... thats easy to find an IP.

 

All it takes is for someone to google ddos service or anything along those lines to have whoever they do not want cleared out..

 

 

 

I've personally ran a few communities, i do recall one in particular where i laughed off a well known members threats to ddos the service in spite.

 

End of the day, said person was reported through the correct authorities, our hosting company moved us to a datacenter with better mitigation services and after a month it forgotten about.

 

 

 

Best advice i can give is, Try to encourage your kids not to bait/taunt those who they are playing with. - we are only human, being competitive can be rather grey in what is acceptable in the heat of the moment.

 

In the event an attack does happen, be proactive with your provider rather than hoping it will just 'go away' or rebooting your modem for a new dynamic ip.

 

Last of all, and somewhat of a dim approach is, be careful with the selection of games. be aware of the methods used to obtain your IP (Steam calls, reverse IP resolving through skype are often popular options) when a P2P gameserver is not at play and official servers will save you from a scriptkiddie overlord who decides your 'too good'

 

 

 

unlike other advice here, i would say VPN is not the correct solution, Your simply handing off the issue to another service provider to deal with.





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 


Sam91
620 posts

Ultimate Geek


  #1607127 9-Aug-2016 17:03
Send private message

I don't know how old your son is, but just remember the game is R16. Make sure you monitor and restrict how much he is playing. Trust me, it's very easy as a teenager to get sucked into the COD world and become very addicted.


xpd

xpd
Geek @ Coastguard NZ
13765 posts

Uber Geek

Retired Mod
ID Verified
Trusted
Lifetime subscriber

  #1607391 10-Aug-2016 08:53
Send private message

Marksman33:

 

Ok, thanks everyone. Could you give me some recommendations for whatever VPNs you guys use. Thanks again. Mark.

 

 

VPN may not be the solution you're after, especially for games like COD - lower the ping, the better - adding a VPN into the mix will add to the ping. By how much, I don't know, some maybe better than others.

 

COD players are well known for being verbally aggressive in game, the few times Ive played COD online I've been abused for being a lousy player altho it was obvious I was a new player (no XP/levels). Put me off it, stuck with the light abuse/banter from CS players instead ;) (Who actually have a sense of humor)

 

 

 

 





       Gavin / xpd / FastRaccoon / Geek of Coastguard New Zealand

 

                      LinkTree

 

 

 


surfisup1000
5288 posts

Uber Geek


  #1607450 10-Aug-2016 10:30
Send private message

michaelmurfy:

 

@surfisup1000 incorrect. Also, Snap! were great.

 

Basically it comes down to this. Lets say if you really pissed somebody off and they sent you a DDOS and you're on a 20Mbit ADSL connection. Now, the attacker doesn't know that so he floods you with 2Gbit. Since you're on a 20Mbit connection yes, your connection goes down but what about the other (excess) BW? Well, it gets dropped at the ISP's end.

 

So during this time they're dealing with 2Gbit of traffic they really shouldn't be dealing with - the easiest way to deal with it is to null-route the traffic and block the IP it was getting sent to.

 

 

I'm not sure which bit I said is incorrect? Certainly snap were quite aggressive on this, and no help at all. 

 

So, why can't ISP's detect DDOS attacks, 'null-route' the traffic, and change the ip address of the target (which is an effective block right)? This can be done without human intervention. 

 

And, with me, it was not like you were saying.  I was being targeted by a robot army which nearly caused snaps whole network to crash. 

 

And, I still have no idea why. . . 

 

Using a VPN is impractical ... given we have about 7 windows machines plus a variety of iOS devices. 

 

And, given it was impossible to determine the cause what do you do? The attacks would still occur after I blocked the kids from online games. 

 

 

 

 


noroad
949 posts

Ultimate Geek

Trusted

  #1607453 10-Aug-2016 10:35
Send private message

This is quite an issue, and one Ive had to deal with for years and there is no easy answers. As someone that has built and run an ISP using CGNAT the "easy" option of rewarding the attacker and black-holing my own customers IP was not an option (the IP pool gets DDOSed, not the customer IP) so we had to develop a better alternative. That better alternative is upstream scrubbing, and it actually allowed me to get some sleep and no longer penalized my customers for someone else's illegal behavior. Upstream scrubbing redirects the IP being attacked through a scrubbing service overseas, so this means the latency increases but good packets still flow. It may or may not be an option for you where you live, but asking your potential ISP's to explain their DDOS policies, and picking one that has scrubbing might be useful.

 

 

 

Note, scrubbing is not always successful, I recently had a VM in LAX knocked out for 1/2 a day as the provider was being attacked by a group trying to extort them. 300Gb/s DDOS, and they attacked every POP and IP the company owned.


surfisup1000
5288 posts

Uber Geek


  #1607486 10-Aug-2016 10:52
Send private message

noroad:

 

This is quite an issue, and one Ive had to deal with for years and there is no easy answers. As someone that has built and run an ISP using CGNAT the "easy" option of rewarding the attacker and black-holing my own customers IP was not an option (the IP pool gets DDOSed, not the customer IP) so we had to develop a better alternative. That better alternative is upstream scrubbing, and it actually allowed me to get some sleep and no longer penalized my customers for someone else's illegal behavior. Upstream scrubbing redirects the IP being attacked through a scrubbing service overseas, so this means the latency increases but good packets still flow. It may or may not be an option for you where you live, but asking your potential ISP's to explain their DDOS policies, and picking one that has scrubbing might be useful.

 

 

 

Note, scrubbing is not always successful, I recently had a VM in LAX knocked out for 1/2 a day as the provider was being attacked by a group trying to extort them. 300Gb/s DDOS, and they attacked every POP and IP the company owned.

 

 

So, you're saying the entire ISP IP address range gets attacked, not just the single IP? 

 

Then how do you identify the original target IP?

 

This must happen all the time to our bigger ISP's such as spark. I wonder how they deal with it. 

 

 

 

Anyway, thankfully I seem to have escaped from being a target now.  I did reinstall the OS on all of our windows machines, and no attacks since then.   I was wondering if one of my machines was sending out spam and someone didn't like it.   Wild guess though, it could have been anything. 


noroad
949 posts

Ultimate Geek

Trusted

  #1607502 10-Aug-2016 11:10
Send private message

surfisup1000:

 

 

 

So, you're saying the entire ISP IP address range gets attacked, not just the single IP? 

 

Then how do you identify the original target IP?

 

This must happen all the time to our bigger ISP's such as spark. I wonder how they deal with it. 

 

 

 

Anyway, thankfully I seem to have escaped from being a target now.  I did reinstall the OS on all of our windows machines, and no attacks since then.   I was wondering if one of my machines was sending out spam and someone didn't like it.   Wild guess though, it could have been anything. 

 

 

 

 

That's the thing, a seemingly random IP in the pool will get attacked, so the ISP has no way to determine who the target was. So, the old black-hole the target (which was always a really bad way to deal with the issue, it rewards the attacker) is not an option unless you remove the target from the pool before black-holing. Scrubbing is a much better solution.


michaelmurfy
meow
13240 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1608518 10-Aug-2016 12:48
Send private message

@surfisup1000 my servers have been through DDOS attacks - not quite as simple as forcing an IP refresh in the server (or static IP world). Also the ISP still wears the DDOS until it is successfully mitigated (depending on how complex the DDOS is, can be a while).




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.