The internet is becoming a dangerous place everyday. It has become so important in our lives that we cannot avoid the internet nor can we avoid the increasing dangers of being connected to it. These dangers can damage us in big ways and cyber-attacks have become a fact of life. We live in an online environment where hackers, script kiddies, and really anybody can be a real threat. While there is a lot of information you expose on the internet without even thinking about it we are going to focus on the IP address and how to protect yourself from a DDoS attack.
What is an IP Address?
An IP Address is not the address to an internet party nor is it related to intellectual property. An IP address also known as Internet Protocol address is a numerical label assigned to each device (computer, phone, etc), that participates on a network using Internet Protocol to communicate with other devices. An IP address is like a house address it is for identification and location. An IP address can be used by hackers and others to gain user’s information and prevent information from being access by the user. An IP address commonly looks like XXX.XX.X.XXX (it’s not 192.168.1.1) where the X is replaced with a number.
What is a DDoS Attack?
A common type of cyber-thread is a Denial of Service (DoS) attack. As implied by the name this type of attack renders websites and other online resources unavailable to users. While other cyber-attacks aim at hi-jacking sensitive information like you password, credit card number, etc, DoS attacks do not attempt that. Simply, they just deny your ability to either go online or prevent users from accessing a specific resource. A DoS attack has become the choice of weapon among many and can last from seconds to days. Denial of Service attacks come in many different flavors and sizes but we are going to look at whats known as a DDoS attack also known as a Distributed Denial of Service attack (there is a difference between DoS and DDoS). A DDoS attack is launched from multiple connected devices from all over the internet. These multiple devices are hard to deflect and detect (depending on who you are of course), due to the sheer volume of devices involved.
How easy is it to DDoS?
Unfortunately, it is very easy nowadays and although I won’t teach you the process, it takes about 10 minutes on google to figure out how. Hell, you don’t even need to learn how nowadays since you can just buy booters instead of creating a botnet. Anybody, can send a DDoS attack to any persons computer or website. The problem with a DoS attack is it’s sent from one location and can generally be blocked fairly easily. A DDoS attack as explained before comes from multiple locations and can be a lot harder to block. It has become an increasingly common thing in the video game scene. Players often hit off another player for a competitive advantage. People may DDoS others just because they don’t like you or because they think it’s fun.
Am I Under a DoS Attack?
A lot of the times I see people blaming a DoS attack for any type of lag they experience. If you are lagging, having slow load times, or disconnecting every once in a while but being able to connect again, you most likely are NOT being DDoS’d. A DDoS attack does start with packet loss, lag, and other latency issues until it gets to a point where you just cannot access the internet whatsoever for the remainder of the attack. If you are using skype you will basically connect and disconnect until you can no longer connect. There are a few things we can do to figure out if we are under a DDoS attack:
- First, you are going to open command prompt
- We are then going to attempt to ping a website
I would recommend adding “-n” and a number after to specify how many ping requests you would like to make. By default its 4 but sending say 10 might give you a better pool of data.
What we are looking for in this data is the time= and the percent of packets lost in the ping stats. What time represents is your ping which is the time it takes for your data to travel to the server you are pinging and return back to you so in this case 12 millisecond average and 0 packet loss. In the early stages of a DoS attack the time will increase until you only see “Request timed out”. The first thing you should do is always ping a website to determine if you are connected. Just because you lag doesn’t mean you are being hit offline even if you disconnect every once in awhile.
How Does Someone Get My IP?
Obtaining a target’s IP can be extremely simple to extremely difficult depending on the target. Below we are going to discuss a few common methods to determine a targets IP. Also a note that if somebody already has your IP unless you change it there is nothing you can really do to protect it.
Method 1: Ping
Ping is the easiest way to steal an IP address. It’s the same method we talked about before to determine if you are under an attack. As you see above we ping’d creativehive.com and we got a reply from an IP address. In just a few seconds we have gotten the IP address of a target. This method is commonly used for finding the IP address of a website and is less effective for acquiring the IP of a person unless they host a website from home. All somebody has to do is open up a CMD prompt and type in “ping somewebsite.com”. Upon doing so you will see a reply with their IP address. We won’t be discussing how to protect a website from it’s IP being captured.
Method 2: Skype
Your skype name can reveal more than just the information to your profile. From a users skype name you can determine their IP address without even adding them. Nowadays, this method is done easily on various websites:
Above are the first two sites that come up from google along with the pages to blacklist your ip from them. However, I wouldn’t recommend paying any site to blacklist your ip because that only blocks it from that specific site and there are thousands of sites that can be used otherwise. Because skype is a peer-to-peer software your last known IP can be acquired with great ease.
Method 3: VoIP Clients
VoIP Clients also known as Voice over IP is a piece of software that allows users to speak on a chat and voice channel with fellow users much like a phone call. We are going to specifically look at the TeamSpeak Client. When using the teamspeak client users connect to a teamspeak server of their choice, from there they can join voice channels. When your connection is sent to a teamspeak server, by default anybody can view your IP address.
Because you cannot view a specific teamspeak server’s permissions before joining you need to be very careful when joining a new server with friends or strangers. The administrator of the teamspeak can disable a users ability to view other client addresses or restrict it to certain groups. I would recommend restricting the ability to view client addresses from everybody even yourself. To verify that at least your IP is hidden from users of your group right click another user and view their client address.
If you see “Hidden” that means people of your group cannot view client addresses. THIS DOES NOT MEAN SOMEONE OF A HIGHER GROUP CAN’T SEE IPS SO BE VERY CAREFUL. A lot of random teamspeaks may steal your ip and sell it or expose it. We will discuss further down how to protect your IP in teamspeak. But I would recommend you just do not join ANY teamspeak servers that you are not familiar with.
Method 4: Game Servers
We all play a variety of games that don’t always have servers hosted by the game developers. If’s very common to see servers hosted by players either at home or from rented dedicated servers. We see this in games like Battlefield, Minecraft, etc. We are going to look at Minecraft servers specifically but this will apply to any server that’s hosted by a player not the game developers. When a user sets up a Minecraft server players connect to it via a IP (which one can also DDoS as it’s just like a domain). When a user connects to the minecraft server unlike teamspeak not every user can view your IP easily. Generally, what you have to be careful about is joining servers that might have been created for the sole purpose of stealing your IP. Let’s say you and your buddies hop on this random guys server and grief it. Well, now you’ve pissed this guy off and he has your IP’s. Certain servers allow certain ranks to view your IP in game as well so if a mod or someone doesn’t like you he might view your IP and give it to someone else or attack it himself and there is no way to track that really. There are also games where you can run something called a sniffer that captures the IP addresses of the connected players.
Method 5: IP Grabbers
This next method is commonly used by an anonymous user to trick the target into exposing his/her IP address. This is commonly done through a url that links to a website that logs the IP address of the visitor. Basically, the user would create a link and run it through say a link modifier and send it to a target. So, you might receive a tweet saying “OMG LOOK AT THIS PICTURE OF YOU!” or something that would trick the target into clicking the link. Once the target has clicked the link the user now has their ip and whatever other information they could capture. A user can even take a link from say a news article website and mask it to look like another news website but in reality it just steals a targets IP address.
Method 6: Email Header
I actually am not very sure if this works for many email services anymore but I know it used to work and still does work on a lot of services. You are able to trace an ip through an email address. Each email you receive has a header which contains information about the routing of the message and the originating destination of the message. You most likely cannot do this with many email services anymore. AFAIK I couldn’t do this in gmail anymore which I tested at the time of writing this. If you do use a email service that is vulnerable to this the email header will display the origination IP and the computer name that sent the email.
Method 7: Database Leaks
When you register on a website your IP address is usually logged and tied to your account. If a database is leaked a user can search your username and look for IP’s tied to your say username or email. Although i’m not going to talk about this too much because this requires a lot of effort and most people will probably give up if they can’t get your IP through skype.
Who is Targeting Me?
This is going to depend upon whether a user is being hit with a DoS or DDoS attack. Most attacks are usually part of a DDoS attack which again is done via botnets that are spaced out from multiple IP’s. However, if you are being hit offline by some teenager who just downloaded a “low-orbit ion cannon” or some other tool from the internet to make himself a “l33t h@x0r” so without thinking he/she just gets an ip and starts hitting it, this is a DoS attack. If this is the case, he/she most likely hasn’t spoofed his IP. This means you can find out where the DoS attack is coming from. There are programs you can use to display all the current connections to your computer and it should be fairly clear where the attack is originating from (it’s the one that is appearing a ton of times). You now have his/her IP address and you can do what you please. I would recommend taking the legal route and contacting his/her ISP by looking up information about his/her IP. As for DDoS attacks those are a lot harder to trace and we aren’t going to get into that as this is a prevention not a tracing guide.
How Do I Protect Myself?
While there is no 100% way to protect yourself I am going to go over a few suggestions and methods that can decrease the average un-educated person from being able to easily steal your IP address. It’s worth noting that there are two types of IP addresses; static and dynamic. The difference between the two is if you have a static IP, it does NOT change. The device always has the same IP and for a lot of ISP’s they assign static IPs. Which means if someone steals your IP anything you do after won’t matter because they already have your IP. If you have a dynamic IP address you can refresh your IP meaning if someone gets your IP you can change it and protect yourself. If you have a static IP I would recommend calling your ISP and seeing if they can change your ip. Although, from my experience most of the customer support people don’t even know what a DoS attack is and recommend I restart my modem and router. /facepalm
Method 1: Skype Specific Protection
When it comes to skype I am going to give you a suggestion and then a method to help you keep your IP safe and secure. My suggestion is when you are creating your skype DO NOT MAKE THE SKYPE NAME THE SAME AS YOUR ALIAS. If your online alias is John Cena and your skype is JohnCena this is a bad idea. Seriously. If your skype name is randomskypecena but your display name is still John Cena people in the skype search can search your skype. If you used say your public email firstname.lastname@example.org to register your skype and someone searches this email in skype then your skype will be compromised. When making your skype pick a random username, a profile name that isn’t completely obvious, and use an email that isn’t publicly known. Aside from these suggestions let’s talk about some methods that can help you protect your IP address. First off go to: Skype > Tools > Options > Advanced > Connection > Enable “Allow direct connections to your contacts only.” This will prevent random users from grabbing your ip by only allowing people in your contacts to directly connect to you.
After this you can also setup a proxy for skype which is used to hide the users ip. If you aren’t looking to spend any money I would recommend going to the following website: http://proxylist.hidemyass.com/. Search for https or socks5 proxies with high anonymity, speed, and speed (in your country unless you want high af ping). Once you’ve grabbed an IP and a port you can add it to your skype in the fields you see above. (note what I have in there right now is not a proxy). Once you are finished you hit save and boom. If your skype randomly disconnects and doesn’t reconnect it means they hit your proxy offline. You can also not use skype and use a service like Discord which offers free and secure voice and text communication. We will talk about discord further down.
Method 2: VoIP Client Specific Protection
When it comes to teamspeak there are things you can do as the server owner and things you can do as a regular user to protect ip addresses. I am going to first give you suggestions again and then talk about some methods. I would suggest that users do NOT join random teamspeak servers. Again, you don’t know if they are protecting you from others seeing your client address. I personally, only go on ts servers owned by major networks / groups or ones that I have personally setup myself. My suggestion for server owners disable the ability to view client addresses for everybody even yourself if you can will yourself to do it. But, let’s talk about some methods. Unfortunately, teamspeak has no proxy support because it needs UDP/TCP for voice communications. What you can do is use a VPN to tunnel every kind of network traffic to the outside. Basically, you route your data to a server which then sends that data to say the teamspeak server you are connecting to aka a middleman. But, the downside of that is a VPN routes all your information through the server unless configured otherwise. We will talk about VPN’s later. My last method for protecting your IP is instead of using teamspeak use a service like I mentioned above (discord). Discord allows you to create voice channels with high audio quality for free and without the worries of your ip being stolen.
Method 3: IP Grabber Specific Protection
This is fairly simple to protect yourself against and I don’t honestly even need to list a method but you can basically run your browser through a proxy or use a VPN or use something like Tor Browser. Anyways, my suggestion don’t click on links from strangers or any links that seem weird. If I ever feel a link is weird even if its from a friend I run it through a link preview site on a website that loads the site before connecting me to it.
Method 4: Game Server Specific Protection
tl;dr don’t connect to servers that seem shady or untrustworthy. Use a VPN if you are really concerned but sometimes playing games through a VPN isn’t a very smooth experience.
Method 5: VPN
If you really want to stay safe from DDoS attacks then I am going to have to recommend that you use a VPN as it provides the best of everything. From what i’ve read the best VPN service out there right now is called… Private Internet Access (0 points for name creativity but it’s straight to the point). The link will bring you to a PC magazine article about the VPN service that will also give you a guide on how VPN services work, how to install them, etc. Again, these don’t have the best speeds so gaming and what not might be fairly hard on that. Though some VPN programs allow you to exclude specific applications from being routed through it. Otherwise, when you are connected to a VPN you may notice higher ping, lower download and upload speeds. You can google VPN services though that specialize in providing high speeds.
My overall thoughts on using a VPN though is that you don’t need one if you are careful about what you do. If you protect your skype, don’t log into random teamspeaks, or just don’t use ts and skype, and just think about things with care then you should be fine with just a proxy etc. I very rarely even use a proxy and the only time somebody snagged my IP was through a teamspeak server.
Method 6: Discord
This is actually a fairly new service that I learned about while at a convention called Twitchcon. Discord is a free and quality alternative to Skype and Teamspeak. It’s an all-in-one voice and text chat that’s free (did I mention free?), secure, and works on desktop and phone. You now don’t need to pay for teamspeak servers or worry about someone stealing your IP address through skype or ts. The website lists this comparison:
In addition to all of that they offer quite a bit more and it’s being actively worked on. However, the MAJOR disadvantage right now is that unlike skype there is no friends system at the time of writing this (although I know it’s almost done). What that means is you don’t add a user they have to join your server and then you can talk to them in private messages. However, if that user leaves the server or the server is disbanded you lose all the communication. But, again, i’ve been told friends will be a feature soon. Anways, you can checkout their website here: https://discordapp.com/
Method 7: Blocking a DoS Attack
While this really won’t work for a DDoS attack due to the amount of IP’s most likely hitting you let’s talk about what you can try to do for a DDoS attack but can do for a DoS attack. Let’s say you are currently under an attack and are completely offline. If you have a dynamic IP you can try unplugging your modem and router and waiting for 2–5minutes (depending on the ISP the time can take even longer and it doesn’t necessarily mean your ip will change every time you restart your modem). If you have a static ip well, you need to call your ISP and see what you can do or if you can be changed to dynamic. Another method that i’ve seen work sometimes is going into CMD and doing the following:
- ipconfig /release
- ipconfig /renew
You can also do “ipconfig /all” and enter then go to the default gateway and it should bring you to your routers admin page where you can release / renew your IP. Also inside your admin page you can sometimes block certain IP’s so if you found the range of IP’s or one IP that is hitting you then you can block it there. But since I am at college I can’t show you this through a router since well I don’t have one here.
This guide was compiled and written through a lot of my own experiences and through the advice of many guides I also read combined into one. If you have any questions or comments please do let me know and I will do my best to address them. Hopefully, this gives you a basic understanding of how you can protect your own IP.