Update on DDoS Issues

First Riot Post
Comment below rating threshold, click here to show it.

only zhule

Member

05-05-2014

Can we at least get some lose forgiveness on stuff like this. just got done with a game where everyone got booted for like 3-4 mins and 2 members of my team never reconnected (probably because the game refused to let them for such a long period of time)


Comment below rating threshold, click here to show it.

inb4Ikillu

Junior Member

05-05-2014

hi, i play on OCE ..

http://puu.sh/8zXBl.jpg
http://puu.sh/8zXyj.jpg
http://puu.sh/8zXA3.jpg

oce riot doesnt really do much, i dont know if posting this here will help, but OCE diamond/chall is so small that u vs the same people every other game and this guy ddosed me constantly


Comment below rating threshold, click here to show it.

K4tarina

Junior Member

05-05-2014

so annoying... Fix it plz


Comment below rating threshold, click here to show it.

XXXccc

Member

05-06-2014

http://www.reddit.com/r/leagueoflege...the_drophacks/

Quote:
"They are dealing with a very difficult problem. Give them time, they're working as fast as they can."
Posted 1 year ago

Quote:
"Hi,

we all recently found out that Drophacking seems to appear more and more often within the last couple of days. A friend I'm often skyping with has given me some insight of what's happening behind the scenes as he was publishing a tutorial earlier the day to compile your own DH and execute it.

In fact, some days ago, a very shiny and easy-to-use Drophack tool was released. It's $10/m and due to a spam of advertisment it made itself a name in several forums. It does work and drop the game, yes - I was convinced by showing several live-games drop. It is, however, a paid service and it didn't take long before one guy decompiled the source of this hack and published it in a different forum. A lot of insults and threatening was going on in these threads as, obviously, the original developer was pretty pissed.

Anyways, suddenly a lot of people were having a valid source to work with. It's actually a fairly easy code, I myself could compile it and then, lastly, all I need is a VPS to execute it. A VPS is easy to get and the sources for a working drophack are now spreading as well as more and more Skypenames are shared of people who are offering to set it up for you for $5.

My friend sent me a link to one hilarious discussion, though - where several developers were ranting about how stupid people are to use their hacks so obvious. Like, with a countdown just before the drop starts or even naming the tool they were using. Some ridciulous stories were told.

I was sending Riot a mail earlier with links and names of these hacks so they might get interested in fixing it somewhen.. and I thought of sharing this little story with you."
http://www.reddit.com/r/leagueoflege...ed_these_guys/

Posted 25 days ago.

I just thought you guys would like to know.


Comment below rating threshold, click here to show it.

Webmage806

Junior Member

05-06-2014

Personally I hope they continue fun watching Riot try their hardest on something for a change.


Comment below rating threshold, click here to show it.

awsomergamer

Junior Member

05-06-2014

Hey thanks for the support on this, I've had this happen to me several times (in which I didn't report) but there was just last night when it happened to me, so I can't reconnect back to a game that was only like 8-10 mins in (in which my team was winning) I can't log back in for about 20 mins and keep getting the firewall error message, eventually I log back in and all my teams turrets are destroyed and there is bot lane farming and stuff. In the end, my team reconnects and the 2 bot laners surrender. So I try to go to stats screen but it's taking too long, so I skip waiting for stats to start another ranked game. But when I try to start a new game it says I'm still in my previous game. I log out and log back in, and it goes to the screen where you have to reconnect to a game. So I try to reconnect and it gives me the firewall error message. That is where I currently am, not sure if 8 hours and I'll still be trying to reconnect or something but out of ignorance, was that a DDOS drop hack?


Comment below rating threshold, click here to show it.

Ryios

Senior Member

05-06-2014

Why can't you guys just disable pinging and add logic to the TCP Listener code to reject connections without an encrypted access header? Then close every port on the server accept the port the game accepts connections through.

If someone attempts to connect to the server on the game port without immediately sending the valid access header, instantly close the connection and block the ip until the current game has concluded.

E.g. have people log into a the server with said access header which establishes the 2 way connection. Which is then used for the game client and server to talk to each other.

You could go so far as to make it so a player logging into the game client is issued a token, and that token is used in the header to talk to the server.

As such you could only flood the server with data if it was using the access header with the users token in it (or someone's token from the active game "which they wouldn't have without keyloggers/trojans etc") And in the event that does happen, you would know Immediately that PlayerA did a DDoS, insta ban them for 24 hours -> 1 week -> 1 month -> perma or something like that, and drop that game and give the affected players a msg like "PlayerA ddos'd your game and has been temporarily banned, the match did not count as a loss".


Comment below rating threshold, click here to show it.

Gold Buddha

Member

05-06-2014

funny how they say small number of players are effected.
if it is so small, why can't you guys get it fixed or ban whoever is using it?, all players are "helping you" by reporting, yet this problem has been around for 4 month now.
really riot?


Comment below rating threshold, click here to show it.

plumbst

Member

05-06-2014

This is getting out of hand. I'm pretty much getting at least one drop hacked game a day (in ranked) and it's almost always happening when my team's about to win.. like seriously what can I do? Any updates Riot???


Comment below rating threshold, click here to show it.

RiotGradius

Associate Information Security Engineer

05-06-2014
4 of 5 Riot Posts

Hey everyone! I just wanted to update this thread with a "we haven't forgotten about the problem" update.

There are a few different solutions that we're taking to this problem, and we're testing them in various ways. It's a hard thing to see so many games still being attacked, and we believe that every player has the right to a stable game without other's being able to affect the outcome by any form of denial of service.

Right now we're running various prevention methods through tests to ensure that when we add these protections all around the world, that we don't harm the stability of the servers. The last thing we want to do is rush a solution out the door and find that it does more harm than good.

Also, those of you that are reporting drop hackers in this post, I'd like to request that you turn those posts into support tickets. This is much easier to track and take action on, and helps prevent the chance of player's accounts being called out on the forums.

If there are any questions, I'll be monitoring this thread throughout the night, and I'll answer everything I can!