Become a fan of Slashdot on Facebook


Forgot your password?
Security XBox (Games) Entertainment Games

Xbox Live Players Targeted In Denial-of-Service Attacks 77

The BBC reports on a growing trend where some Xbox Live players are launching denial-of-service attacks against those who beat them or otherwise irritate them in games. Quoting: "'The smart thing about these Xbox tools is that they do not attack the Xbox Live network itself,' [Chris Boyd, director of malware research at Facetime Communications said.] He said the tools work by exploiting the way that the Xbox Live network is set up. Game consoles connecting to the Xbox network send data via the net, and for that it needs an IP address. Even better, said Mr Boyd, games played via Xbox Live are not hosted on private servers. The tools mean anyone with a few dollars can boot rivals off Xbox Live. 'Instead,' he said, 'a lot of games on Xbox Live are hosted by players.' ... For $20 (£13) some Xbox Live hackers will remotely access a customer's PC and set up the whole system so it can be run any time they need it. Some offer low rates to add compromised machines to a botnet and increase the amount of data flooding a particular IP address."
This discussion has been archived. No new comments can be posted.

Xbox Live Players Targeted In Denial-of-Service Attacks

Comments Filter:
  • by the_raptor ( 652941 ) on Saturday February 21, 2009 @02:49AM (#26938971)

    When I beat someone so badly that they have to resort to those sorts of tactics, I feel like the winner. If that happened to me I would brag for years how I had beaten 1337d00d94 so badly that he had to DDOS me.

    • Re: (Score:1, Troll)

      ...beaten 1337d00d94 so badly...

      Yep, I'd say that sounds about right [].

      ...What? I get bored too!

      • I don't get it. What the hell does that have to do with anything?

        • Re: (Score:2, Informative)

          by Anonymous Coward

          He's commenting on the fact that so many morons use names that either have:

          A reference to being "elite" or "leet", to use the script kiddie parlance.

          A reference to some sort of mind altering substance, probably put in place as a pathetic show of how "cool" or "mature" the person thinks they are.

          A reference to genitalia or sexual practices, used either for "shock" value or, like the above, as a sad little show of how "cool" or "mature" the person thinks they are.

          A reference to a character, title, group or pl

    • I rather take the real victory than an imaginary moral victory.
    • That would be great if you could determine who was DDoSing you.

    • I wouldn't, because after awhile it gets irritating as hell. That is why I quiet playing online games, as i would stomp some asshat who thought his "Elite" Shadowcat couldn't lose in Mechwarrior and when i moped the floor with my Atlas I would end up with either a DDOS or him and his little buddies "suicide running" me every time I got on. Remember that if some of these guys get pissy at you they can make it their life's work to fuck with you. I would go for a week or more at a time unable to do anything in

      • Just a thought... but wouldn't it be relatively easy to prosecute the offending twerp? If they aren't using a botnet then finding their own IP address should be pretty trivial.

        If my internet went out for 2 days and I could attribute it to a DDOS attack and I could determine the IP address I would happily sue the little asshat's parents into grounding his sorry ass for a few years.

    • by Lumpy ( 12016 )

      There are so many little ankle biters on XboxLive that if you intimidate them with your gamerscore they boot you from their public games. Or drop their server when they lose, etc...

      It does not surprise me that some of these losers are such bad sports they do this crap. It's why I stopped playing any public games and only play private games with friends I know. Smaller pool of opponents but less of the losers.

    • Dude, I totally owned so many people at Warcraft III. After months of win after win after win, I suddenly found my email address signed up to several thousand newsletters.

      It taught me two things:
      1) I rock.
      2) Don't match your username to your email address.

  • by SupremoMan ( 912191 ) on Saturday February 21, 2009 @02:53AM (#26938981)
    Just submit a story full of buzzwords to Slashdot, and instead of linking article link your victims IP address. The editors won't check the link, and your victim will be slashdoted for a while.
    • Re: (Score:3, Funny)

      by Rip Dick ( 1207150 )
      An ingenious evil plan, I admit. But, your one flaw was assuming people will actually RTFA...
  • by Anthony_Cargile ( 1336739 ) on Saturday February 21, 2009 @02:59AM (#26939003) Homepage
    I was just playing Halo 3 today on Xbox Live(hey, I get bored too), and I'd say 92% of the people I played were what sounded like 10-12 year-olds. One pronounced another person's gamertag, XdamnedsoldierX, "ecks damm-ed soul-digger"[sic], and after reading TFA I could only think: "So, the new conductors of DDoS attacks these days are no longer the smart, possibly disgruntled computer engineering majors of the 80's and 90's, but prepubescent kids who can't even pronounce words like 'damned' (despite using it online since mommy's not home) and 'soldier".

    But from what this says, they can still be considered "script kiddies", since they still seem to be relying on the work of others to accomplish these misdeeds. Whatever happened to the good 'ole 80's and 90's when you had to actually know something about the trade in order to accomplish something like this? I'm not justifying it, but come on, whatever happened to working towards something? I don't remember the movie "WarGames"'s plot including the act of downloading some program to do his work.
    • by Renraku ( 518261 )

      Ever play World of Warcraft on a PvP server? Often times someone will attack you and either kill you and move on, or if you kill them, they'll go and get their lv80 and stand on your corpse for a half-hour.

      It would be like someone challenging you to a wrestling match and upon you winning, they'd go get their 30 year old brother to step in for them.

    • by Cheapy ( 809643 )

      You must be getting all the wrong players. Most of the people I hear talking on Halo 3 online sound much older than 10-12.

    • by Reapy ( 688651 )

      Nothing new here. Playing on Kali servers I remember when "winnuke" got discovered and passed around. We all had fun for a week or two nailing each other with it. There will always be script kiddies! :)

  • Most gamers wouldn't kick out someone for beating them

    It defeats the purpose of the game

    However this could come in handy for suspected bots and cheaters

    • Most gamers wouldn't kick out someone for beating them

      You have obviously not played Halo 3.

    • by KDR_11k ( 778916 )

      Only for people who play the game to challenge themselves, not to boost their e-peen

    • If you're handing a trouncing out to someone, they can decide that you're not allowed to play. And alot of matchmaking/ranking systems have started taking 'incomplete' games into account, some making them worse than losing. So that kid effectively didn't lose, you did when he DDoS'd you right out of the game. It's the win-by-forfeit thing.

      More likely, they're just griefers getting their kicks off pissing you off.

      If you don't think XBL is full of asshats who would do this, just look up blocking in Lef
  • "Even better, said Mr Boyd, games played via Xbox Live are not hosted on private servers."

    Say what? The way I understood it, Xbox Live Gold is a subscription service because Microsoft owns and operates the game servers.

    • Re: (Score:3, Informative)

      by Exawatt ( 1463719 )
      The servers allowing you to find each player are Microsoft's. The servers you play on are the player's own Xboxes (or is it Xboxs?). Some games may not use this method, but many games (e.g. Halo 3) do. Proof would be when the game host leaves, and everyone has to wait while the game says "selecting new host." Microsoft servers determine the game host as the one with the best connection to the other players, but from that point the game is played directly between the involved players.

      It should be noted th
      • Re: (Score:3, Funny)

        by Rip Dick ( 1207150 )

        Xboxes (or is it Xboxs?)


      • I have a feeling that MS helps with the voice too. In halo games, for example, I think that the talking player sends data to MS who essentially multicasts it to the other players. Just a hunch.
    • Microsoft again elects to go with the cheap and insecure way of doing things. My belief is that if you pay for a service you should fully understand what you are getting. In this case I believe all you are paying for is matchmaking. This is the reason I switched from Xbox to PS3, I know Xbox Live is a better service but it is not worth the monthly fees without having private servers. Now we know why Microsoft's stock is finally tanking. Simple solution you pay for a service with private hosting don't pay fo
      • Slashdot didn't include the "less than" symbol I had for the "PC Game Cost Game Console Cost" string.
      • Erm, it has nothing to do with "cheapness".

        Hosting in this manner has two advantages:

        1. It's far more scalable than using Microsoft servers. Microsoft just need to add an new login server to increase capacity. If they were to be 'host' for everything, they'd have to upgrade far sooner. Result would be far more downtime on Live around the holidays.

        2. With smart player matching, it can also be much faster. If all players are from the same region, but the servers from Microsoft are in an different region,

        • by Ash-Fox ( 726320 )

          2. With smart player matching, it can also be much faster. If all players are from the same region, but the servers from Microsoft are in an different region, then there'll be far less lag.

          I get less latency from a colocation facility in the States with a dedicated server using a tier 1 connection than someone on the same ISP I'm on, in the UK hosting 6 people.

          Of course, we're ignoring the fact that Microsoft's xbox content distribution network has servers in every region.

          • by Allador ( 537449 )

            The challenge isnt MS (or any company with the volume of XBL) having enough capacity at any one time, its in how fast they can grow their capacity.

            Look at last christmas, when they couldnt keep up in capacity growth when CoD4 came out and everyone was home playing on the holidays.

            That was just them hosting the login servers.

            Imagine how bad it would have been if they not only hosted the login & matchmaking servers, but had to host reflectors/multicasters to host 2-12x the amount of traffic of every xbox

            • by Ash-Fox ( 726320 )

              Look at last christmas, when they couldnt keep up in capacity growth when CoD4 came out and everyone was home playing on the holidays.

              Obviously their design and capacity arrangements were flawed, despite getting paid by all those users - the users got nothing.

              They should of had the methods that PC users use, since they can't do it right.

    • The games (usually) use a peer-to-peer system for matches, designating one of the players as the match host. The systems run on Live's network (using Live's Authentication and procotols, etc), which is what you pay the subscription fee to access.
  • by Detaer ( 562863 ) on Saturday February 21, 2009 @05:53AM (#26939571)
    XBL has now just caught up to PC gaming in 1995.
  • by David Gerard ( 12369 ) <slashdot&davidgerard,co,uk> on Saturday February 21, 2009 @06:52AM (#26939715) Homepage
    You'll know it happens to you when your box's logo turns to one of these []. Instantly recognisable!
  • Not that DOS isn't already an obvious trademark of Microsoft....

    If it's flaky and broken do you really need to look outside? I am smelling something fishy here and I think it's Red Herring.

  • Even better, said Mr Boyd, games played via Xbox Live are not hosted on private servers. ... 'Instead,' he said, 'a lot of games on Xbox Live are hosted by players.' ...

    Then what the FUCK are those players PAYING for, then? I thought there could not be another reason I consider the Xbox and everything that it brought with it was the toxic bane of gaming as we once knew it. There is no fairness in that at all. Silver service included. you're still giving away part of your oneline identity, as seen here by

    • Re: (Score:2, Informative)

      by Shrike82 ( 1471633 )
      I'm risking being modded down here, but to hell with it. Blatant and foundless attacks on Microsoft are getting a bit tiresome really.

      A lot of games use this model for organising online matches. Someone above made some great points about why this can be a positive, rather than a negative, way of doing things. Clearly you haven't RTFA as your online identity is no more at risk than if you were using a PC to browse the web. IP address is about the extent of it.

      The players are paying for the rights to us
      • A lot of games use that model? Such as what?

        Warcraft III? Starcraft?

        Any MMOs have central game servers. Any recent FPS games have hosted servers.

        As stated in another post, Xbox Live is basically catching up to 1995 PC gaming.

      • I would agree if not for what the previous poster said about most current tech games hosting games on private servers. That's the #1 best way to prevent cheating, after-all, to host all sensitive content serverside. Also, I would agree if not for the fact that the PS3 has FREE online network. It is free and it still manages to provide all the features of Live. the PS2 had a FREE network in Japan as well, but most companies hosted their own servers for games and simply removed those features from the US port
      • by Reapy ( 688651 )

        One of the reasons I don't subscribe to xbox live gold is that in the pc gaming world, the precident has already been set. Starting early on with ipx --> tpc emulators like kali, and most notably arriving on the scene, just about every major game has FREE online play. No reason you should need an xbox live subscription.

        Even games like battlefield where you have "official servers" it is still someone paying a fee to EA to be "official" hosting on their own machines. The cost of the player is no

  • I bitch that Nintendo's friend code policy is far too draconic, yet I see shit like this and I get powerful pangs of doubt...

<< WAIT >>