DDOSing in runescape

[Kaida23]

A "while we can never garantuee that any of our staff members give out confidential information, we are doing everything we can do to prevent this and select our staff very carefully, re-assessing them whenever they climb up a rank" would have suited more IMHO.

This is Tip.It, not Jagex.

[X3EN]

Regardless of everyone's suggestions, there is no way to combat DDoS.

 

Sure, you can have a router the prevents known special types of attacks or which would ignore ICMP, but days of handcrafted exploits are long gone.

 

Yes, that's what I said. No more handcrafted exploits. No way you can protect your IP.

 

The typical DDoS attack nowadays (and yes, DDoSing is something that a 6 year old could easily manage to pull off) is....

 

Sending perfectly valid packets to exhaust your bandwidth.

That's right. VALID packets. Not some packets that contain fake/null header info. Relatively small packets, not maxed payload.

 

If we had a DoS, then you could either call your ISP and ask to filter off the DoSers packets, as they originate from a single IP and the ISP can easily validate the excessive volume of incoming packets. You could also mail a complaint at abuse@attackersISP, but typically THAT DOESN'T WORK.

 

However, a typical failmaster will have 20+ (most likely a few hundreds) bots of various capabilities. So you are getting a large volume of packets from many hosts.

Yeah, you can configure your router just to drop all those packets, but if they send faster than you can receive, nothing will change. You will be dropping all (with rare exceptions that manage to reach you from RS or other normal services) packets you receive and that's it.

 

Yes. That's it. You will not be able to play/browse the internet/whatever.

 

tl;dr Create an account noone knows about for staking.

[I_am_Not]

saw something about RSC on here..do you an account there #####pure?

IPs haven't been safe there for ages, I'd suggest not posting there again lol

[stonewall337]

A "while we can never garantuee that any of our staff members give out confidential information, we are doing everything we can do to prevent this and select our staff very carefully, re-assessing them whenever they climb up a rank" would have suited more IMHO.

 

Was there really any need for this post? Why are people being overly critical of the Admins responses? People on the first page WERE pretty much saying that it was "probably a leak from a corrupt tif mod."

 

No they weren't. NO ONE ever blamed the admin staff. It was simply stated as a possibility, not as a likelyhood or something that happened.

[Jonanananas]

A "while we can never garantuee that any of our staff members give out confidential information, we are doing everything we can do to prevent this and select our staff very carefully, re-assessing them whenever they climb up a rank" would have suited more IMHO.

 

Was there really any need for this post? Why are people being overly critical of the Admins responses? People on the first page WERE pretty much saying that it was "probably a leak from a corrupt tif mod."

 

No they weren't. NO ONE ever blamed the admin staff. It was simply stated as a possibility, not as a likelyhood or something that happened.

 

"In your case most likely situations are corrupted tif mods, and imageshack or any other picture host service someone had rented to grab ip's."

 

Not a likelyhood at all, eh?

[stonewall337]

A "while we can never garantuee that any of our staff members give out confidential information, we are doing everything we can do to prevent this and select our staff very carefully, re-assessing them whenever they climb up a rank" would have suited more IMHO.

 

Was there really any need for this post? Why are people being overly critical of the Admins responses? People on the first page WERE pretty much saying that it was "probably a leak from a corrupt tif mod."

 

No they weren't. NO ONE ever blamed the admin staff. It was simply stated as a possibility, not as a likelyhood or something that happened.

 

"In your case most likely situations are corrupted tif mods, and imageshack or any other picture host service someone had rented to grab ip's."

 

Not a likelyhood at all, eh?

 

Yup you are wrong once again, you need to read in context, and not just quote the part that supports your (incorrect) stance.

 

"Tif database leak, ip from links you've been to. Social engineering from your name. Corrupted tif mods (People pay like £30 for a single ip leak).

 

Ofc they wouldnt apply if you had a dynamic ip."

 

These are listed as POSSIBILITIES not Accusations. BIG DIFFERENCE.

 

The point. Try not to keep missing it.

[Naraku893]

Staking was safer before the original removal of the wilderness and free trade. Who stakes anymore anyway?

[Jonanananas]

A "while we can never garantuee that any of our staff members give out confidential information, we are doing everything we can do to prevent this and select our staff very carefully, re-assessing them whenever they climb up a rank" would have suited more IMHO.

 

Was there really any need for this post? Why are people being overly critical of the Admins responses? People on the first page WERE pretty much saying that it was "probably a leak from a corrupt tif mod."

 

No they weren't. NO ONE ever blamed the admin staff. It was simply stated as a possibility, not as a likelyhood or something that happened.

 

"In your case most likely situations are corrupted tif mods, and imageshack or any other picture host service someone had rented to grab ip's."

 

Not a likelyhood at all, eh?

 

Yup you are wrong once again, you need to read in context, and not just quote the part that supports your (incorrect) stance.

 

"Tif database leak, ip from links you've been to. Social engineering from your name. Corrupted tif mods (People pay like £30 for a single ip leak).

 

Ofc they wouldnt apply if you had a dynamic ip."

 

These are listed as POSSIBILITIES not Accusations. BIG DIFFERENCE.

 

The point. Try not to keep missing it.

 

Nope once again. Here is the full quote:

 

In your case most likely situations are corrupted tif mods, and imageshack or any other picture host service someone had rented to grab ip's.

 

Not much you can do about it unless you have dynamic ip

 

You know, maybe you should stop attacking me for "missing the point" at every occasion. It's really getting ridiculous. I don't think I've done anything to provoke that so I have to say I'm a bit baffled why you keep calling me out on it.

[Deletion]

I don't even know what Stone's argument is. Stone said that nobody said it was a likelihood the leak came from the Admin Staff, Jonan showed a full quote of somebody stating that it was likely it came from the Admin Staff. Stone said Jonan is missing the point? I'm a little confused as to what Stone's point is now.

[Omali]

I get DDoS'ed whenever I wrote about the lawsuit between Jagex and bot makers, by bot users. It has become the internet version of the guy who tells you to fight him because he isn't intelligent enough to carry on a debate.

[wolfmon56]

Seeing this come up above brings forward a very good question. Does Tip.it have embedding blocked from image uploaders other than EXTREMELY common ones (imgur, photobucket, etc). If not, it's very easy to go onto a thread and post pictures from uncommon/slightly changed image hosts (such as one you created yourself) in which everyone who loads the page that picture is on (even if it's just the forum thread) "viewed" it so their IP shows up if the picture is tracking ips of those who viewed it.

 

I know a lot of clan sites have upgraded their forums to only allow certain hosts, but does tif do that?

[Piu]

I don't even know what Stone's argument is. Stone said that nobody said it was a likelihood the leak came from the Admin Staff, Jonan showed a full quote of somebody stating that it was likely it came from the Admin Staff. Stone said Jonan is missing the point? I'm a little confused as to what Stone's point is now.

 

He said that people said it was a possibility. That is COMPLETELY different than plain saying "Oh hey, I'm sure was the Super Mods who did it lol, they sold your IP."

 

Whiles yes, I believe the TIF staff are honest to their word and I respect them for that, as half the people here would jump at the free 100M or $30. But people were just saying it was a possibility that corrupted TIF admins might've caused it.

 

People need to open their minds a little.

[hatebringer]

There is always ways to get an acutal localhost IP from a game, probably some 3rd party software most likely but even sql injection and data retrieval could get your ip, and then any DDoS client could be used to just ping the internet out of you. Just change packet size and target your ip and your as good as crashed.

A good rule of thub to know is that your "IP addres" is just a dynamicly assigned IP through you ISP, so just actually getting your IP doesnt exactly do anything (Common IPs from Routers are 192.168.1.1 -192.168.1.256) so going to the CMD and typing in ipconfig /all will not exactly give you any useful information.

 

I'm not exactly how all this could be done, but conceptually sounds about right.

 

 

Few tips to always remember to ward off future attacks:

Proxies/SSH Tunneling

Check for open Ports in your Router/Firewall that allow for easier DDoS or Bruteforce

Just be safe about giving out information

[Arceus]

The only conclusion I will draw from this is that I will continue my practice of telling no one (read: NO ONE!) an answer when they ask "How much money do you have?" <_<

[stonewall337]

A "while we can never garantuee that any of our staff members give out confidential information, we are doing everything we can do to prevent this and select our staff very carefully, re-assessing them whenever they climb up a rank" would have suited more IMHO.

 

Was there really any need for this post? Why are people being overly critical of the Admins responses? People on the first page WERE pretty much saying that it was "probably a leak from a corrupt tif mod."

 

No they weren't. NO ONE ever blamed the admin staff. It was simply stated as a possibility, not as a likelyhood or something that happened.

 

"In your case most likely situations are corrupted tif mods, and imageshack or any other picture host service someone had rented to grab ip's."

 

Not a likelyhood at all, eh?

 

Yup you are wrong once again, you need to read in context, and not just quote the part that supports your (incorrect) stance.

 

"Tif database leak, ip from links you've been to. Social engineering from your name. Corrupted tif mods (People pay like £30 for a single ip leak).

 

Ofc they wouldnt apply if you had a dynamic ip."

 

These are listed as POSSIBILITIES not Accusations. BIG DIFFERENCE.

 

The point. Try not to keep missing it.

 

Nope once again. Here is the full quote:

 

In your case most likely situations are corrupted tif mods, and imageshack or any other picture host service someone had rented to grab ip's.

 

Not much you can do about it unless you have dynamic ip

 

You know, maybe you should stop attacking me for "missing the point" at every occasion. It's really getting ridiculous. I don't think I've done anything to provoke that so I have to say I'm a bit baffled why you keep calling me out on it.

I call you out not because of anything personal but because you keep on doing it. He said it was a possibility, not that it happened. A potential is not an occurance. Heck, even saying it was likely is not an accusation. An accusation is SAYING someone did it. Saying someone COULD have done it or even LIKELY did it is still not an accusation.

[Riptide Mage]

There is always ways to get an acutal localhost IP from a game

No there is not, all interactions between the client and the game go straight to Jagex's server, and from that server to otehr players, nothing is sent directly to another player's IP from your IP

, probably some 3rd party software most likely but even sql injection and data retrieval could get your ip,

What are you talking about?

and then any DDoS client could be used to just ping the internet out of you.

This is so factually inaccurate its laughable

Just change packet size and target your ip and your as good as crashed.

Also wrong

A good rule of thub to know is that your "IP addres" is just a dynamicly assigned IP through you ISP,

Incorrect, many ISP's use static IP's for customers, specifically DSL providers

so just actually getting your IP doesnt exactly do anything (Common IPs from Routers are 192.168.1.1 -192.168.1.256) so going to the CMD and typing in ipconfig /all will not exactly give you any useful information.

Private block IP's cover far more than just 192.168.1.*

10.0.0.0-10.255.255.255

172.16.0.0-172.31.255.255

192.168.0.0-192.168.255.255

are all reserved for private networks.

 

I'm not exactly how all this could be done, but conceptually sounds about right.

Conceptually everything you wrote is incorrect

 

Few tips to always remember to ward off future attacks:

Proxies/SSH Tunneling

This only protects you from people in the future finding your IP, it does no good for you if someone already has it

Check for open Ports in your Router/Firewall that allow for easier DDoS or Bruteforce

Open or closed ports make no difference in a DDOS attack, if you have 15 mbit/s downstream and someone is sending 500 mbit/s towards you nothing you can do is going to stop the attack, even changing your IP, the attacker can just attack the node you are connected to instead of you personally, knocking your neighborhood offline

Just be safe about giving out information

Please actually know what you are talking about before giving it out as "information"

[Stev]

There are a large number of ways of obtaining someone's IP address. As there is no proof of which method was used, bickering back and forth will do nothing to help the situation; even if it's simply stated as a possibility. We are all for you educating people on ways to protect themselves by posting methods which could have been used, but please be sure not to point fingers. As far as the possibility of it being handed over by a TIF staff, Tripsis and MageUK were nice enough to correct and assure users that this wasn't the case. Although yes it could, even to the slightest degree, be considered a possibility.

 

Thanks!

[n_odie]

Too add onto this:

 

There are a large number of ways of obtaining someone's IP address. As there is no proof of which method was used, bickering back and forth will do nothing to help the situation; even if it's simply stated as a possibility. We are all for you educating people on ways to protect themselves by posting methods which could have been used, but please be sure not to point fingers. As far as the possibility of it being handed over by a TIF staff, Tripsis and MageUK were nice enough to correct and assure users that this wasn't the case. Although yes it could, even to the slightest degree, be considered a possibility.

 

Thanks!

 

The discussion/accusations/possibility of a corrupt mod/s is leading no where and, as the previous posts will show you, will only make things worse. If you ever feel that a mod/admin is doing otherwise, please pm an admin or admins of your choice.

 

 

 

So, can we please move on and try to get back to:

Discussion value, what does this show about the state of runescape these days, recently I was also scammed for 2b while staking, but this is far worse and there seems to be little I can do to protect myself.

[Bxpprod]

It's not a matter of the state of runescape. It's - as I believe was previously stated - about the players. We have put such a value on items, to the point where people forking out hundreds and hundreds of dollars/pounds/currencyhere for in game items that, in actuality, are worth nothing except for an intangible amount of epeen that, for the most part, noone gives a shit about it.

 

That makes thigns even MORE sought after, not necessarily by your standard, rule abiding gamer who just wants to look like a boss in his party hat, but by those who engage in RWTing for hefty sums of money (and given the rediculous amounts of money people are willing to fork out for it, one might understand why people sell).

 

You aren't going to change that culture. The only way - and god forbid that I say this with the inevitable uproar that is going to follow - to stamp it out, is to either make the untradable or do a legit Party Hat (here guys, have a PeaHat trollololol) drop to flood out the market and turn them into everyday items. NO ONE will want them anymore, because [everyone] has them. Yes, it'll destroy the market. Yes, it'll leave people screwed, but to stamp out things like this, takes some serious measures. At the end of the day, you aren't going to stop little Jimmy trying to scam you out for a PHat or Joe the Plumber buying a PHat for thousands of dollars, unless they are seen to be less prestigious.

 

But that, will never happen. Because lets face it, "it'll ruin the game", "it'll screw the economy" and god forbid, the rich stakers will just [bleep] and moan EVEN MORE about, what is, at the end of the day, a bunch of pixels in a game.

[Fallstar]

It's not a matter of the state of runescape. It's - as I believe was previously stated - about the players. We have put such a value on items, to the point where people forking out hundreds and hundreds of dollars/pounds/currencyhere for in game items that, in actuality, are worth nothing except for an intangible amount of epeen that, for the most part, noone gives a shit about it.

 

That makes thigns even MORE sought after, not necessarily by your standard, rule abiding gamer who just wants to look like a boss in his party hat, but by those who engage in RWTing for hefty sums of money (and given the rediculous amounts of money people are willing to fork out for it, one might understand why people sell).

 

You aren't going to change that culture. The only way - and god forbid that I say this with the inevitable uproar that is going to follow - to stamp it out, is to either make the untradable or do a legit Party Hat (here guys, have a PeaHat trollololol) drop to flood out the market and turn them into everyday items. NO ONE will want them anymore, because [everyone] has them. Yes, it'll destroy the market. Yes, it'll leave people screwed, but to stamp out things like this, takes some serious measures. At the end of the day, you aren't going to stop little Jimmy trying to scam you out for a PHat or Joe the Plumber buying a PHat for thousands of dollars, unless they are seen to be less prestigious.

 

But that, will never happen. Because lets face it, "it'll ruin the game", "it'll screw the economy" and god forbid, the rich stakers will just [bleep] and moan EVEN MORE about, what is, at the end of the day, a bunch of pixels in a game.

 

You don't seem to get it. They aren't just "a bunch of pixels in a game". People can convert those pixels into thousands of pounds or vice versa in a matter of minutes.

 

And ruining party hats wont affect the 'rich stakers' etc who keep upwards of a hundred billion in shard stacks (most wealthy players keep their wealth in shards spread across multiple accounts rather than investing in rares, especially after last year); it'll affect the people who worked hard at merchanting or PVM to make that one or two bill for their rares. Thats one of the reasons Jagex would never do that; rather than affecting the ultra rich, destroying rares will affect your average hardworking and successful player far more.

[stonewall337]

Too add onto this:

 

There are a large number of ways of obtaining someone's IP address. As there is no proof of which method was used, bickering back and forth will do nothing to help the situation; even if it's simply stated as a possibility. We are all for you educating people on ways to protect themselves by posting methods which could have been used, but please be sure not to point fingers. As far as the possibility of it being handed over by a TIF staff, Tripsis and MageUK were nice enough to correct and assure users that this wasn't the case. Although yes it could, even to the slightest degree, be considered a possibility.

 

Thanks!

 

The discussion/accusations/possibility of a corrupt mod/s is leading no where and, as the previous posts will show you, will only make things worse. If you ever feel that a mod/admin is doing otherwise, please pm an admin or admins of your choice.

 

 

 

So, can we please move on and try to get back to:

Discussion value, what does this show about the state of runescape these days, recently I was also scammed for 2b while staking, but this is far worse and there seems to be little I can do to protect myself.

Are you HONESTLY going to set the precedent of ONLY allowing discussion which is EXACTLY germane to the original topic? No deviation? That's pretty extreme.

[SwreeTak]

This is just further making RS unsafe. DDOSing when staking...I never saw that coming to be honest. People really go to great lengths just to get their hands on some pixels. Scams, luring and now DDOSing, all for a few green and yellow pixels. Sad. Really.

[n_odie]

Are you HONESTLY going to set the precedent of ONLY allowing discussion which is EXACTLY germane to the original topic? No deviation? That's pretty extreme.

 

I mean to say that saying a mod released ip information is highly unlikely. The last page of the topic was about that though. Less than 10 people have Ip access via staff.

 

This is an awesome topic. Account safety is something that we should all be very serious about. As Peter mentioned, we are going to be making some addition security changes from this discussion.

 

I didn't mean to say, discuss EXACTLY, simply, accusing mods of releasing information is almost harassment of staff. We take the promotion of these staff members very seriously, and only give them this ability to better ban ad bots and those who are avoiding bans.

[stonewall337]

Are you HONESTLY going to set the precedent of ONLY allowing discussion which is EXACTLY germane to the original topic? No deviation? That's pretty extreme.

 

I mean to say that saying a mod released ip information is highly unlikely. The last page of the topic was about that though. Less than 10 people have Ip access via staff.

 

This is an awesome topic. Account safety is something that we should all be very serious about. As Peter mentioned, we are going to be making some addition security changes from this discussion.

 

I didn't mean to say, discuss EXACTLY, simply, accusing mods of releasing information is almost harassment of staff. We take the promotion of these staff members very seriously, and only give them this ability to better ban ad bots and those who are avoiding bans.

Ya, I understand. But doesn't anyone understand that saying there is the POTENTIAL for something to go wrong is not SAYING something did go wrong? Being precise is important, and that's why I've been sticking to the issue. Because I'm right.

[Deletion]

I don't even know what Stone's argument is. Stone said that nobody said it was a likelihood the leak came from the Admin Staff, Jonan showed a full quote of somebody stating that it was likely it came from the Admin Staff. Stone said Jonan is missing the point? I'm a little confused as to what Stone's point is now.

 

He said that people said it was a possibility. That is COMPLETELY different than plain saying "Oh hey, I'm sure was the Super Mods who did it lol, they sold your IP."

 

Whiles yes, I believe the TIF staff are honest to their word and I respect them for that, as half the people here would jump at the free 100M or $30. But people were just saying it was a possibility that corrupted TIF admins might've caused it.

 

People need to open their minds a little.

 

The guy they are referring to said "In your case most likely situations are corrupted tif mods, and imageshack or any other picture host service". He listed two things and said that it is likely one of those two things was responsible for the IP leak. That, to me, means he thinks both things are likely causes of said leak and more than possibilities.

 

Nowhere in my post did I say "He said it WAS the Super Mods who did it!!!1". I think it's you who needs to open your mind.