digg

Facebook Connect Join Digg About
See the original image at techradar.com

Microsoft investigating Xbox Live hackers

techradar.com Microsoft investigating Xbox Live hackers Xbox 360 gamers suffer from abuse of data flooding tools

Who dugg this? Made popular Feb 21, 2009

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

91 Comments

show profanity settings
expand all
  • OwdenBowden, on 02/20/2009, -7/+60One of the best parts of live (like it or not) is the fact that Microsoft does all in its power to keep it a MS controlled environment - eliminating the possibility of Viruses, Exploits and cheating via scripting and code. Yes I have not idea how they are going to stop this because it is outside of the network. What I would suggest is that they "Ban for Life" anyone who is using this tool and also seek true legal action against the script kiddies. In the end they really need to kill this a.s.a.p. as it will have an effect on future live subscriptions.I for one am sick of the "under the map" and other bull ***** exploits within games (mostly out of our control) but if I have to contend with this crap I will just go offline and reevaluate my subscription to live.
  • NeoTechni, on 02/20/2009, -2/+29"How is MS supposed to fix this?"

    Monitor flood attacks, when your 360 goes down it records the IP the flood originated from. As well as the IP addresses of everyone in the same game as you (at max, 15 people) and if it matches one of them, ban hammer
  • CaptObvious, on 02/21/2009, -2/+25I still don't get why the Live servers don't host the games instead of the clients.
  • Cruelapollo, on 02/21/2009, -2/+21You would walking right back towards them.
  • thenativeraver, on 02/21/2009, -0/+17You're an idiot. If someone wanted they could do the same thing to your pc.
  • shadowmoose, on 02/21/2009, -1/+17God dammit people, it's a ***** game, stop cheating or do something better with your life then pissing off other people you ignoble sons'a bitches.
  • kd420, on 02/20/2009, -2/+18Ok, so apparently these people just find out your IP and flood the Xbox port so you effectively can't use it. How is MS supposed to fix this? Essentially the traffic can come from anywhere on the internet to your IP so MS would some how have to get between your connection and the hackers. This seems like a very hard problem to solve IMO unless they have a way of tracing where the packets are actually coming from, they can't be sure. This would be possible with a PC or a router, but if you have an Xbox connected directly to a modem, I don't see how MS can help. Any ideas?
  • octodd, on 02/21/2009, -1/+14until xbox live has its servers be the host and not the users this will always happen. It gets old real fast playing gow2 or any other online game when the host team is cheating, or the host quits and your sent to the menu screen.
  • ballsanya, on 02/21/2009, -5/+17............................................________
    ....................................,.-‘”...................``~.,
    .............................,.-”...................................“-.,
    .........................,/...............................................”:,
    .....................,?......................................................,
    .................../...........................................................,}
    ................./......................................................,:`^`..}
    .............../...................................................,:”........./
    ..............?.....__.........................................:`.........../
    ............./__.(.....“~-,_..............................,:`........../
    .........../(_....”~,_........“~,_....................,:`........_/
    ..........{.._$;_......”=,_.......“-,_.......,.-~-,},.~”;/....}
    ...........((.....*~_.......”=-._......“;,,./`..../”............../
    ...,,,___.`~,......“~.,....................`.....}............../
    ............(....`=-,,.......`........................(......;_,,-”
    ............/.`~,......`-...................................../
    .............`~.*-,.....................................|,./.....,__
    ,,_..........}.>-._...................................|..............`=~-,
    .....`=~-,__......`,.................................
    ...................`=~-,,.,...............................
    ................................`:,,...........................`..............__
    .....................................`=-,...................,%`>--==``
    ........................................_..........._,-%.......`
    ...................................,
  • louiebaur, on 02/20/2009, -11/+21Dugg for Original Submission.
  • Godlike, on 02/20/2009, -1/+10Sounds like they could just set live up to switch ports randomly every few seconds. If they aren't running an entire denial of service on you there IS a way around this.

    In fact you could stop them yourself with a router and some knowhow. If you don't have a router on your internet you are 1992 anyway.
  • reyoo30309, on 02/20/2009, -1/+10Not sure how but blizzard solved this. They had virtually the same hack for StarCraft a while back.
  • Torrec37, on 02/21/2009, -2/+11YOU FAIL, PC gaming is full of cheaters; apps that let you see, shoot, and go through walls, not to mention aim bots.
  • inactive, on 02/21/2009, -2/+11Because that would cost them money. Oh, you're paying for the privilege of peer to peer multiplayer? Are you in the market for a bridge?
  • NipGrip, on 02/21/2009, -1/+8The problem is, it's going to be hard to detect who is causing the attack as the spamming packets come from zombie machines, or machines not attached to the IP of the spammers XBOX in question. He runs Program X on his computer which tells the other computers (with different IP's than his) to attack the target's XBOX ports. The best solution would be to create a good defense against said attacks by limiting the # of incoming connections to the # of max players in whichever game you are playing. MS could also figure out the machines these attacks are coming from and take legal action. Problem with that is international companies offering this "service" and the legal issues dealing with that.
  • Irlande, on 02/21/2009, -2/+9Hackers? Well, that explains why I wasn't racking up as many kills the other night!
  • LiquidSpark, on 02/20/2009, -5/+12Or... How about not letting them see your IP address.
  • Frumbler, on 02/21/2009, -3/+9Seems mandatory jail time for flooding someone's IP on purpose would stop most kiddies.
  • Licurgo, on 02/21/2009, -1/+7those with turbo controllers should be banned
  • CaptObvious, on 02/21/2009, -1/+6^ Exactly. Math is fun!
  • Oea420, on 02/21/2009, -3/+7Because a router connects directly to the internet which then directs traffic to your desired device. Since it's in this position, you can configure it to protect your device from attacks such as this.

    It's generally considered a good idea to have a properly configured router installed as opposed to a direct connection for this very reason, and unpatched windows boxes will get malware within seconds without a router...
  • jo21, on 02/21/2009, -2/+6they should investigate a way to fix the rrod also because jasper is not enough.
  • Tcasey0478, on 02/21/2009, -1/+5If you are a victim of this I would suggest doing one of the following
    1. go into your router's firmware and check under advanced options for DoS protection (that's where i found it) I have a 1 year old DLink router and it has built in DoS protection that is active all the time.
    or if your router doesn't support DoS protection
    2. I would suggest buying a new router, most of the time if you have an old router (3 years+) buying a new one may increase your connection speed.
    Or if you don't really care because you think you won't ever need it
    3. Welcome to the internetz
  • Schwa142, on 02/21/2009, -2/+6well, it is a federal offense...
  • NipGrip, on 02/21/2009, -3/+7That does give me one other idea, MS could log your IP everytime you log into Live and only allow that IP to connect to other 360's. So as you start a game and others join, the IP's of everyone would be validated as authentic IP's used by a 360. Your 360 could deny any IP's not coming from a 360 attached IP.

    There would no reason to allow attack machine IP's access to your 360 and if MS could narrow the allowable connections to only those IP's tied to a 360, it would be a start. If someone is dumb enough (and has the machines) to launch an attack from the same IP their 360 is on, that would be easy to deal with and track.

    Does that even make sense?
  • PasteEater, on 02/21/2009, -2/+6It would be trivial to figure out the IP address of any gamer you connect to if your XBox is hooked up to a router (read the logs). Or, you could packet sniff your network and read the IP addresses in plain text (tcpdump in OS X or Linux would do the trick nicely).
  • EmperorPsiblade, on 02/21/2009, -1/+4How about you actually understand this method of attack and not just spout idiotic rhetoric?
  • Ajajadude, on 02/21/2009, -0/+3Would having Live host the games rather than the users help?
  • AmazingSteve, on 02/21/2009, -1/+4Ooooh there's gonna be some kiddies whining in the forums soon about their bans and zero'd gamerscores.
  • NeoTechni, on 02/20/2009, -7/+9You're the same ***** who posted this http://digg.com/playstation/WTF_is_going_on_with_P ...

    Why don't you give Sony the same chance to fix things?
    It wasn't even a problem you posted about, but an alternate reality game.
  • inactive, on 02/21/2009, -1/+3He has a point. If the games weren't peer to peer, this would be far less of an issue.
  • Qumahlin, on 02/22/2009, -1/+3Yes, that makes perfect sense if your not familiar with networking. The 360 doesn't have to accept the connections in order for them to be an issue. Your flooding the users entire connection, not just their 360. Regardless of if the port is open or not it's going to increase their latency significantly.

    Thats why when a website is getting DDOS'ed they can't simply turn off the site and make the traffic go away, the traffic just chokes up another point higher in the route.
  • NeoTechni, on 02/22/2009, -0/+2"compared to what? PSN? "

    Yes.
  • spoon088, on 02/21/2009, -3/+5Paying for inferior online service.
  • FFXIfrohike, on 02/21/2009, -1/+3If this is the "rent-a-zombie" scheme I've heard about, I wish them luck in shutting it down. In the meantime, if your ports get flooded, simply acquiring a new IP address is sufficient. Unless you're paying extra for a static IP address, getting a lease on a new IP is pretty simple. Most network connection control panels, either on your router or your machine (if you're not using a router for some reason), have a "release IP" button. Release, reboot/disconnect, reconnect, and you have a new IP address. That ... should do it >.>
  • inactive, on 02/23/2009, -0/+1***** people use controller mods and they have done nothing.
  • bigbangbuddha, on 02/21/2009, -2/+3some games are hosted centrally but its very fiew, and as philhatesyou said, its expensive. The company has to run a pc for every few games that are being hosted. And if its a popular game like L4D or GoW, that adds up fast. One game that I know that runs servers is D.I.C.E.s BF-BC, the biggest advantage is the host doesn't lag the other players if his network is screwy, the game is always a decent sim as long as your connection is solid; and with all the vehicles in that game its pretty much a must . Not to mention, the other players can't get your IP either, small bonus of client->server games.

  • Frumbler, on 02/21/2009, -1/+2That's good to know Schwa142, MIcrosoft should report them to the FBI instead of just banning them from Xbox Live. If there were a couple of high profile convictions it would dry up real quick.

    I think the feds don't have the resources and don't care about policing a "game" site.
  • Azerael, on 02/21/2009, -1/+2Wouldn't it make sense to just somehow hide or spoof the IP's of all LIVE players to prevent this happening in the first place?
  • monkeyfugitive, on 09/10/2009, -0/+1lol at all the voices of the ppl who where abused by hackers on xbox live
  • jaundiced, on 02/21/2009, -1/+2it's not all that difficult actually.

    what they'll do is take a look at common players in lobbies or sessions that players who have been affected were in at the time of the packet flooding. all it takes is someone using it a few times for a pattern to emerge - and apparently they have logs of all games that occur through XBL. they don't need to link IPs, just repeated incidents where say 'l33tn00bslay3r' was in lobbies when this happened to an opponent.

    the most difficult thing will be setting a reasonable occurrence rate they can act on - i.e. how many times with someone in a lobby with this happening to someone else before coincidence can be ruled out.
  • adeelarshad82, on 02/25/2009, -0/+1so what does that mean for an average xbox 360 gamer. Is everyone at risk?
  • RajputSmurf, on 02/21/2009, -1/+2I don't know if this is the cause of my problems with the Texas Hold'em game or not but I have regularly found myself booted over the last few months and other players I've chatted with have said that it looked like I dropped out and I've seen the same with other players. Could be a connection issue but this stinks. Hang the bastards.
  • EmperorPsiblade, on 02/21/2009, -1/+2Peer to peer has both disadvantages and advantages over a server/client model.

    Would you rather have your game lag or outright crash every time the Live servers get overloaded, or be trivially exposed to a DoS attack that you could just as easily get by insulting morons on IRC?
  • Spider27, on 03/11/2009, -0/+1a simple program called nettools, i have used it, its very easy to gain the ips of incoming xbox connections.
  • Twag86, on 02/23/2009, -0/+1It will stop attacks because there is nobody laying it online to flood you.

    That was a cheap shot, Im sorry. But seriously, xbox live is more fun online.
  • Slash0, on 02/22/2009, -0/+1You lose
  • Twag86, on 02/23/2009, -0/+1Also, with client based hosting, you dont have to worry about support for a game to dry up. If me and my friends are the only people who still play some old game we dont have to worry about the servers for it being down.
  • Optiks, on 02/22/2009, -0/+1Jason Kidd? Is that you? Send me your GT, we'll hook up.
  • Qumahlin, on 02/22/2009, -1/+2Easy, you use a router that allows traffic capture, or you simply hook your 360 up to the internet using ICS from your PC which then allows you to run any packet capture tools you would like. Obviously since your connected to the host your going to be able to see the IP.
  • Fetching more discussions...
    Show 51 - 92 of 92 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.