How NOT to get host booted

***JoeyBe11*** · 03-23-2007, 04:33 PM

This prevents you from being booted from the game while you're the host.
This works on:
Windows 2000/XP
Open up regedit
Goto HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows
Under Windows, add a new key called Psched, it may already be there.
Under the key Psched, add a DWORD value named "MaxOutstandingSends" without quotes, of course.
Once you have created the DWORD value named MaxOutstandingSends, right click on it and click modify.
Under value data, put 65535. Under base, Hexadecimal should be chosen.
Here's a few other registry values/keys to stop DoS/DDoS attacks in the event that you have a weak connection and your system can't even withstand 65535 connections:

[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVIC ES\TCPIP\PARAMETERS]
"SYNATTACKPROTECT"=DWORD:00000002
"TCPMAXDATARETRANSMISSIONS"=DWORD:3
"TCPMAXHALFOPEN"=DWORD:64
"TCPMAXHALFOPENRETRIED"=DWORD:50
"TCPMAXPORTSEXHAUSTED"=DWORD:1
"TCPMAXCONNECTRESPONERETRANSMISSIONS"=DWORD:2
"ENABLEDEADGWDETECT"=DWORD:0
"ENABLEPMTUDISCOVERY"=DWORD:0
"KEEPALIVETIME"=DWORD:300000
"ALLOWUNQUALIFIEDQUERY"=DWORD:0
"DISABLEDYNAMICUPDATE"=DWORD:1

Note: You must be bridged for this to work.
Disclaimer: If you somehow **** up your pc, I am in NO way responsible.
Tutorial by: JoeyBe11
Please give credit if posted elsewhere.

***Jay*** · 03-23-2007, 08:51 PM

This is the greatest thing ever!!!

***FtK Shadow*** · 03-23-2007, 09:23 PM

nice job

jmrowe · 03-27-2007, 09:33 AM

Ok, how does this work? When you get booted, it's usually a DoS attack that hits you. The high number of packets coming in a short amount of tmie is what is booting you. The packets will still come in nomatter what you do. Can you please explain how this stops the packets from coming in?
I don't know about other host booters, but if I were a host booter(

) I would run a perl script on a server in order to send massive amount of packets from the server to the persons IP. I don't know if others do this, but this shouldn't stop the way I would do it if i were a host booter(

).

All Star Legend · 03-29-2007, 08:37 PM

Do I have to do this every time I bridge my conections or just once?:unsure:

***JoeyBe11*** · 03-29-2007, 08:38 PM

That's why you set an appropriate MTU on your router. And this limits the packets that you can receive, and forwards all packets to the packet scheduler once your packets reach 65535 which usually happens rather fast when being host booted therefore you wouldn't get knocked off if you have a decent connection. Need I further explain? Will people stop trying to tell me this won't work, TRY IT!
-JoeyBe11

Quote: Originally Posted by All Star Legend

Do I have to do this every time I bridge my conections or just once?:unsure:

Just once.
-JoeyBe11

xtrunx · 03-29-2007, 08:39 PM

it may work i the person flooding you only has like 10 bots

***JoeyBe11*** · 03-29-2007, 08:40 PM

Quote: Originally Posted by xtrunx

it may work i the person flooding you only has like 10 bots

How do you figure? If they have more bots, your packets is just going to reach 65535 even sooner and start forwarding them to packet scheduler even sooner..... I've thoroughly thought this out, so people please stop trying to tell me this won't work.
-JoeyBe11

LiL ReZiDu · 03-29-2007, 10:38 PM

Sounds real, I am going to try!

jmrowe · 03-30-2007, 09:12 AM

But, if you hit maximum packets, wont this stop any packets from coming in, making it so you don't get packets from xbox live? Or does it just block it from the connection that the max have been sent from?

FaLCo · 03-31-2007, 04:09 AM

I have done this...

***JoeyBe11*** · 05-29-2007, 09:28 PM

Tutorial Update - This program will apply a lot of registry tweaks for you to stop DoS/DDoS attacks. http://sniffem.exaserve.net/Hardenit.exe
This is a good program to prevent DDoS attacks to your computer all-around, not just for Halo 2.

i own nubs xxx · 05-29-2007, 11:04 PM

Quote: Originally Posted by JoeyBe11

Tutorial Update - This program will apply a lot of registry tweaks for you to stop DoS/DDoS attacks. http://sniffem.exaserve.net/Hardenit.exe
This is a good program to prevent DDoS attacks to your computer all-around, not just for Halo 2.

nice program, took a little while to read all of the stuff in it and the recomended stuff, but just to make sure, this program well stop all attacks to my computer/router so if im on XBL, it wont kick me off, and on my PC it wont just destroy it?

***JoeyBe11*** · 05-29-2007, 11:45 PM

Quote: Originally Posted by i own nubs xxx

nice program, took a little while to read all of the stuff in it and the recomended stuff, but just to make sure, this program well stop all attacks to my computer/router so if im on XBL, it wont kick me off, and on my PC it wont just destroy it?

No, it won't destroy your computer. It'll help to prevent DDoS attacks to your PC. There's no way of completely stopping all types of DDoS attacks, but if you run the program, you'll be pretty well-protected.
-JoeyBe11

jmunney · 05-29-2007, 11:49 PM

look man, i dont doubt that this will stop some of the bumping your getting online, but i know plenty of people, mentioning no names, that could not only kick you out of a game, but completely shut your internet off for very long periods of times..

he is right tho, this will help if someone is just packet flood you from there compouter, but if you have 5 bots at 512kb up each, thats 2.5mb which is plenty to flood someone offline, it doesnt even have to be a port your using... that much speed will clog your comp....

***JoeyBe11*** · 05-29-2007, 11:57 PM

Quote: Originally Posted by jmunney

look man, i dont doubt that this will stop some of the bumping your getting online, but i know plenty of people, mentioning no names, that could not only kick you out of a game, but completely shut your internet off for very long periods of times..

he is right tho, this will help if someone is just packet flood you from there compouter, but if you have 5 bots at 512kb up each, thats 2.5mb which is plenty to flood someone offline, it doesnt even have to be a port your using... that much speed will clog your comp....

Uhm, the program adds registry entries that harden the TCP stack which would stop most forms of syn-flooding. And the packet limiter takes care of most types of floods such as icmpflood and pingflood. And UDP packet filtering usually can be enabled in your firewall which would stop UDP Flood's. Problem solved buddy.

What other types of floods might be effective against Windows XP? It also depends on your network's infrastructure.
-JoeyBe11

jmunney · 05-30-2007, 12:04 AM

the only people that use tcp are people who try to packet flood threw commview or some other program suck as that... UDP on the other hand, even if you turn your router to recognize that, with enough power from the bots, it will always block it... as long as they produce enough bandwith to block the line then what can you do?

**Crackmatt** · 07-03-2007, 04:41 AM

Do you know one for Vista? Cause these homos keep DDoSing me or something cause I jacked one of their accounts.

aRZie · 07-03-2007, 05:06 AM

sweet. good post.

pimp snowman · 08-30-2007, 07:57 PM

thanks for this after i did the thing in regedit i played about with my linksys rounter and its got a built in pack limiter and lots of other stuff i was bored at the time so looked thought just about everything thats a good way to stop getting host booted