DDoS attacks. What are they? Why do they happen, and why would they happen to you, an innocent gamer? How can you stop them?
I’ve been gaming for most of my life, and writing about tech for nearly half of it at this point. I’ve picked up a few useful bits of knowledge, including the whys and wherefores of DDoS attacks. No one should have to deal with that, so I’m going to tell you all how you can stop them.
I’ll provide you with a range of tips, some of which are actually cheap and easy. These will actually solve many, if not all of your DDoS-related problems.
What Is a DDoS Attack in Gaming and How Does It Work?
There are three main kinds of Distributed Denial of Service attacks, and they all require the use of a botnet. This is usually a massive network of devices (computers, phones, maybe even consoles) that have been infected with malware. This malware directs the multitude of devices to all attack your network at once, overwhelming it and making it basically non-functional.
So, the three varieties are:
This is the one you most likely need to worry about. The attack itself is simple: all of the devices on the botnet will “ping” your network at once. A ping is a normal process designed to basically contact another device and say, “Hey, you there?”
The devices exchange information, and they’re done. But a botnet will hit your network with so many pings, that it will overload your connection and your modem. This will leave your internet “connected,” but you won’t actually be able to do anything.
As an example, the botnet will initiate a “TCP handshake” procedure, which is a normal thing. What’s not normal is that it won’t actually end the procedure; it will bombard your network with requests. Basically, it doesn’t let the “handshake” go, and it makes everything awkward.
Application Layer Attacks
You probably won’t have to deal with this unless you’re running a publicly available web application on your router or gaming device somehow. Don’t worry about it.
How Can a DDoS Attack Affect Your Game?
So what happens if you draw the ire of an enemy gamer, or someone who doesn’t like your stream? In short, the attack will congest your local network, and won’t let you do anything at all online, much less game.
It won’t just be lag, it’ll be an effective cessation of all internet-based activity.
And it can last a while, too – from a few hours to a few days. Most random gamers don’t have access to a botnet of their own, and so may have to contract the services of someone who does, and that’ll put a time limit on the attack. However, [insert deity here] help you if you get on the wrong side of someone who does run their own botnet.
9 Ways to Prevent DDoS Attacks While Gaming
Here are several methods to prevent and mitigate DDoS attacks on your home network. As mentioned before, some of these methods are, strictly speaking, not practical for most home users. They have been listed here because I’m thorough like that. You’re welcome.
Let’s start with the methods that are easy and cheap:
1. Don’t Give Out Your IP Address, Ever
This is the most obvious tip, but still. If anyone asks for your IP for some reason, don’t give it to them. Just don’t. It’s never worth it.
(Also, ALT-F4 doesn’t give your character a special buff during raids, “/quit” won’t revive your character, and your online friends can be jerks sometimes. Hilarious, but also jerks.)
2. Contact Your ISP for Help
Your internet service provider is good for two things in this instance: one, they can confirm for certain that you are, in fact, getting DDoSed. That’s useful information.
Secondly, they can put measures in place to make sure that it doesn’t happen again, at least not for a while. Well, the good ISPs can do that… some might actually not be so helpful. Your mileage may vary by a lot.
3. Use a VPN
This is not free, but it’s honestly your best option most of the time, if you get the right VPN. You see, a VPN does two things: first, it encrypts all of the traffic that goes between your computer or console, and the VPN server to which you connect. This makes it harder for third parties to see what you do online.
The second and most relevant thing it does is change your IP address. With your data routed through a VPN server, anyone who’s trying to find your IP address from the other end will only see the VPN server’s IP, not yours.
This means that if they launch a DDoS attack, they’ll hit the VPN server, not your home network. Good VPN servers have DDoS mitigation built in, and will essentially stop the attack before you notice any real lag in your game.
4. Keep Your OS Up To Date
Remember, not every DDoS attack is made equal, and they don’t all attack your computer or network in the same way. A lot of previously serious DDoS attack vectors have been all but eliminated by security updates to modern operating systems.
So whatever you’re gaming on: a PC, a console, your phone, one of those interactive fridge computers for some reason… keep it up to date. Yes it’s annoying. Do it anyway.
5. Keep Your Router Up To Date
Yes, this is basically the same as the last tip, but a lot of people forget this sort of thing. Log in to your router or modem’s settings page, and make sure the firmware on it is up to date.
If you have a very old router/modem, you might also consider upgrading to a newer model if you can. Not every ISP allows for this, though.
6. Don’t Use a Static IP for Your Home Network Unless You Have To
A static IP is when you reboot your router, and you get the same IP address as before. Nowadays, you usually have to pay extra for these from your ISP. Unless you have a very good reason to use the same IP every time, don’t.
When you get a new IP address every time you restart your router, it will stop ongoing DDoS attacks, and delay the next one. It’s a good stopgap measure while you implement other strategies.
7. Don’t Open Just Open Ports at Random
“Ports” are basically what the name says. They’re like a digital version of the ethernet and USB ports in your computer, and all kings of different programs use them to do different things.
Now, your device’s firewall should have most of them just closed and blocked off at all times by default. That’s good and normal. Leave it that way.
8. Use DDoS Protection Software, on a Central Device
This one is complicated, and takes some knowhow, but many have used it to great effect. Basically you’ll have to get a cheap computing device, like a Raspberry Pi, and install one of the following on it:
These are all free and open source software options that can be used to either manually or automatically block DDoS attacks. Your gaming device will need to connect to the internet through the server or PC running this software.
9. Use DDoS Protection Hardware
This is very expensive, and not practical for most. It’s basically the same thing as above, but you would basically be buying hardware specifically designed for blocking DDoS attacks, usually with some proprietary software on top. And again, these are mega expensive.
How to Protect a Game Server from DDoS Attacks
Most of the tips are frankly the same as above. However, the DDoS protection software does become more important at this point, because constantly changing your IP isn’t very practical for game servers.
If you’re managing the servers yourself, your best bet is to learn how to configure NGINX. And… if you’re managing your own servers, you probably don’t need me to tell you how to do it. The most you’ll need is a good tutorial.
For everyone else, by far the easiest way to get a strong, protected game server is to rent your server from a third-party service. It’s more expensive, yes, but it’s a lot easier than attempting to manage all the security yourself. A good third-party game server host will have a network built for dealing with DDoS attacks, and people trained to handle these situations.
Preventing and mitigating DDoS attacks is often frustrating. Heck, even checking to see that you have been attacked can take some work, but it is by no means impossible. Even if you only follow the free advice above, not counting the complicated stuff, you can save yourself a whole ton of headaches.
And remember, the easiest way to keep DDoS attacks away from your network is to route your internet traffic through a VPN. Download PIA VPN and get the peace of mind you need to focus on beating your opponents fair and square.
Yes, sort of. They can’t be “stopped from happening at all,” not in any practical sense – not unless you’re willing to try and negotiate with every single person who might try to hit you with a DDoS attack. But they can be mitigated, or rendered effectively harmless to you and your network.
Most of the methods for that usually involve just not handing out your IP address, keeping all of your software and hardware up to date, keeping your ISP apprised of any attacks, and using a VPN to hide your IP address in the first place, which helps a lot.
Sort of. The DDoS attacks don’t usually go through the game’s own network, or servers. What usually happens is that the attackers will use the game to find your IP address through the game, and then attack your IP address directly.
The good news is that most games don’t expose your IP address to other players these days, especially if you’re playing on central game servers. However, if the game uses peer-to-peer connections, or if their general security isn’t very good, you are still at risk. This is especially true for some older games. It’s always a good idea to use a VPN to hide your IP address.
Essentially yes… temporarily, at least. Changing your IP address is like moving a target around the range. Without direct “line of sight” to your computer, the attackers won’t be able to hit you. At least, not for a while.
If your computer comes in contact with the attacker again, if they find your new IP address, the attacks will probably resume. This might happen if the attacker plays the same game as you a lot, or if you’re in the same peer-to-peer voice chat app, or other situations like that.
That depends entirely on the attacker. Most DDoS attacks require the use of a botnet. That’s basically a whole ton of computers, phones, and other devices that have most likely been infected with an app that controls them in small ways. It’s something that takes planning and coordination.
It will depend on their budget. In general, they can last a few hours to a day, with one in five attacks lasting days or weeks. Don’t try to wait it out, find a way to stop it.
Yes and no. While your router is off, the attacks will certainly stop. But when you turn it back on? Well, that depends. If your ISP is giving you a dedicated IP address (which is certainly useful for business and things like that), then the attacks will most likely resume the moment you connect again.
If you have a dynamic IP, which changes every time you reboot your modem or router, then restarting your router will stop the attack.
This is a tough one, especially for non-technical users. A DDoS attack can look a lot like a normal internet failure, especially if it’s normal for your internet to just suddenly get slow for a while. But, if your internet says it’s connected, and you can’t do anything with it for hours at a time? Then you might be getting hit with a DDoS attack.
The quickest way to check: restart your modem. If your internet suddenly works again, for everything, you might have been hit. You can also call your ISP to check for you; they’ll know for sure.