Support
FR EN ES PT
FR EN ES PT
Play!

DDoS Prevention 2016-07-27 18:00

Back to list
PvP tournaments and other community events are – sadly – often the target of DDoS-type attacks, carried out by killjoys suffering from a lack of attention. In order to ensure these events run smoothly, here is some information and advice which will help you protect yourself against such attacks.
 
 
 

What are DoS attacks?


Denial of Service attacks, with the DDoS variant: Distributed Denial of Service attacks. These are a type of computer manipulation designed to block a service for a defined period of time, subsequently preventing the user from accessing the service in question.

In our case, we talk about DoS or DDoS when a user experiences external connection disruptions, preventing them from accessing desired services: network software, browsing the internet, and of course, the DOFUS MMO.

DoS attacks are entirely independent from the service itself; the sole target is your internet connection. Being unable to access services is the result of this.

Consequently, these services can do absolutely nothing to help you avoid such inconveniences, it is you and you alone who can protect yourself from DoS attacks, by protecting your connection as much as possible.

 

How can I protect my connection?


DoS attacks are launched using the IP address of the targeted connection. Protecting your connection must therefore involve masking your IP address.
 
Protecting your IP address: 3 core bits of advice

An IP address can be revealed on certain unsecured websites (such as public information forums) or through various software (such as Skype, despite recently-introduced measures).

We're obviously not going to tell you to stop browsing the internet and using your communication software. Nonetheless, there are some simple precautions you can take, which require no special skills:
 

Favor using more secure communication mediums


Discord – which is currently very popular for security reasons – offers a text and voice exchange medium which never reveals the IP address of your connection, be it to users or administrators. This is the huge added value that it has over software such as TeamSpeak or Mumble, where channel administrators have access to your IP address.
So currently, Discord is probably the most secure medium when it comes to hiding personal information.
  • Tip #1: Use Discord as your first choice for conversations.
 

Activate and carefully configure your Firewall


A firewall allows you to precisely target data you agree to receive, as well as their origin. It will thus help you to block – in advance – any stream of malicious information that you receive, and to stabilize your connection.
  • Tip #2: Use a quality firewall and correctly configure its security settings.
 

Don't use the same username everywhere


Indeed, if Super-Percedal, player of Jiva, uses the same username on their Guild forum, as well as on their Alliance's forum, but also on the tuning forum where they show how they've customized their two-wheeler, and why not on the cooking forum where they teach others how to prepare a stew and then some, and not to forget it's their Skype username… it goes without saying that they become easy to spot.
  • Tip #3: Use a different username from your game character for Skype, forums and discussion channels.

 
Modifying your IP address:

Before modifying your IP address, you must know its type beforehand: Fixed IP or Dynamic IP. If you are uncertain, the simplest thing to do is to ask your ISP (Internet Service Provider).
 

► Modify a dynamic IP address


A dynamic IP address can be changed whenever you please. The easiest, safest, and most drastic way to do so involves simply restarting your router, so that your connection will use new settings.
Having a dynamic IP address therefore allows you to more easily conceal yourself, but mustn't in any case make you forget basic security precautions.
 

► Modify a fixed IP address


A fixed (or "static" ) IP address is, as its name indicates, one that never changes. This therefore means that if you have already come under attack, the core advice above is of no use to you, since your attacker is already in possession of your IP address. Consequently, the only solution available to you is to contact your ISP as soon as possible, and to ask them to modify your IP address; and while you're at it, ask them to put you on a dynamic IP address.

Please note: Some ISPs (for example the French ISP Free, who only provide fixed IP addresses) are reluctant to comply with such requests at first sight. So don't hesitate on being insistent, especially if you have already been victim of a DoS attack: they'll feel duty-bound to protect the connection for which you're subscribed to them.

 

How can I combat DoS attacks?


Despite being precautious, you've just experienced a DoS attack. Remember that this isn't the end of the world, and you have means to enter into legal proceedings against the perpetrator of these attacks.

Indeed, practicing DoS attacks on others is a criminally punishable offense.

From there on, you have two main approaches:
  • Securing your connection, which will in any case include an IP address modification.
  • Legal proceedings against X.
 
Filing a complaint against "X"

Even if it may at first seem exaggerated, you shouldn't forget that a DoS attack is an attack targeting a user's personal and private data, and is consequently strictly forbidden by the law.

In 4 steps, here are the procedures to initiate to fight your attacker juridically:
 

Step 1: Confirm the attack


The first thing to do is contact the one and only body that can attest to the fact that your connection has come under attack: your ISP. Don't hesitate to ask them to carry out checks on your line so they can officially confirm the attacks.
 

Step 2: Trace the origin


Still involving your ISP, you can ask them to retrace the origin of the attack. Depending on your ISP, this process may differ; it may be necessary to send a letter stating the request, in order to receive the useful information required in return.

Step 3: Assemble a file


Using the information obtained by your ISP, as well as your own: personal and private information (identity, postal address, etc.) relating to the connection targeted, the circumstances in which the attack took place, possible material damage caused etc., and in general terms, anything that you think may be useful and necessary as evidence.
 

Step 4: Lodge a complaint


Visit your local police station and ask for the details of a specialist in cybercrime and new technologies, so they can register your complaint. Please note: these specialized services are very few, and have reduced staff at their disposal. Also, it may be necessary to travel a long distance, and it may happen that your request cannot be dealt with quickly.

From there, your file will be passed on to the appropriate authorities, who will decide whether or not to conduct an investigation.

This is a very laborious procedure, and without proper assurances of a positive outcome, they have to be mindful. But it's also the only way to see the DoS perpetrators be punished under criminal law.
 
Category: Community