XBox Live players targeted in DoS attacks

If you're an online gamer, you're probably intimately familiar with the term "griefing" (to play a game with the sole intention of ruining other people's fun). Griefers are the bottom-feeders of online gaming society, the cyber equivalent of the bully that deliberately knocks a kid's ice cream cone out of his hands.

But until now, griefing has remained inside the game, and dealing with griefers was as simple as avoiding them. But today the BBC ran an article about a new problem cropping up on Microsoft's XBox Live gaming service: professional griefers who work outside the game. These individuals will, for a fee, knock an XBox 360 off the internet so the owner can't connect to the XBox Live service to play.

This works because XBox Live games generally use a peer-to-peer system of multiplayer gaming. Instead of all players going through a central server, one player hosts a game on his XBox 360, and others connect to his system as clients. If hackers can ascertain a user's IP address via packet sniffing or social engineering, it becomes a fairly trivial matter to launch a DoS attack against that user.

Microsoft says it is looking into the problems, but since the attacks don't touch the XBox Live servers (which generally just handle logging in and out of the service and other administrivia, rather than handling the actual game data packets), it's hard to imagine how much they can do about it.

At this point, the only practical defense against these attacks is requesting a new IP address from your ISP. A better plan is probably to avoid being attacked in the first place. If someone is getting to the point where they're willing to pay money to knock you of the network, they're probably going to communicate this anger verbally before they get to that point. The XBox Live community, with its ubiquitous voice chat, isn't known for its restraint. Remember that you can report bad behavior anonymously. The best bet, as always, is to develop a good Friends list and play with people you know.

ITWorld DealPost: The best in tech deals and discounts.