[Torseq Tech.]

For the server-side "boots" craig is describing what's called an amplification attack. It works by amplifying the traffic load while only having to send a small amount of traffic to make it happen. It's also called the snowball effect. These server-side d/c packets are basically a Yahoo!-specific SMURF attack using Yahoo!'s own protocol to abuse their server's traffic routing rules. I know of a couple ways to stop them from working but there's only a couple tricks you can use to stop one of these attacks if it uses chat invitations or PMs *deliverable in all scenarios regardless of whether you're using Chat 2 or YMSG, cloaked on YMSG or not*. If the packets can be delivered to you it's a potential avenue for flooding to boot you.

Cloaking in YMSG aids in preventing most of these attacks but can't cover all of them. To combat against strong PM bombing even if the PM bomb is using an amplified packet structure to force lots of traffic on you (booters call these "looped" packets) something can be done about it. What you can do is log your ID into YMSG/HTTP and then use a chat client to log that same ID into Chat 2 to join a room. You'll be able to chat regularly on the Chat 2 connection, use voice etc. while all of the chat invites that you receive as well as all of the PMs you'll receive will all be sent to your YMSG/HTTP connection. It's impossible to flood off a user that's signed into YMSG/HTTP even if they're on dial-up due to the nature of how HTTP operates and how the servers deal with the excess traffic that's buffered or built up. The excess is simply discarded while using this protocol. There are other "tricks" you can use but this is the cleanest and would truly make anyone regardless of their connection "unbootable" as far as the flooding goes unless that flood is generated inside the chat room (on the Chat 2 connection). Cookie exploits and other disconnect exploitation methods that don't involve flooding you would still be susceptible to.