These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE General Discussion

Forum Index

EVE Forums » EVE Communication Center » EVE General Discussion » So... Who's Responsible?

Topic is locked indefinitely.

So... Who's Responsible?
Author

Previous Topic Next Topic

silens vesica

Corsair Cartel

Likes received: 3,128

#41 - 2013-06-03 15:57:44 UTC

THC Trader wrote:

CCP took the servers offline to ensure no further vulnerabilities had been found/exploited. This is precautionary, and a smart move on their part. It doesn't mean the attacker actually gained any access though.

Pretty sure no one here is claiming unauthorized access was gained...
Indeed, the lack of foaming panic in this thread is remarkable.

We're just speculating on who, and why.

Tell someone you love them today, because life is short. But scream it at them in Esperanto, because life is also terrifying and confusing.

Didn't vote? Then you voted for NulBloc

Evei Shard

Shard Industries

Likes received: 477

#42 - 2013-06-03 15:58:36 UTC

Vincent Athena wrote:

Evei Shard wrote:

A thread titled "So.. Who's Responsible?" and after two pages no-one has blamed the Goons yet?

I'm on the Eve Online forums right?

Did we lose the tin-foil rolls in the attack or something?

If the new expansion included content that was massively hurting the Goons, I could see them trying something like this to extort CCP.

But there is nothing in the expansion like that. You may say "Tech!" except the goons have said many times that although they are exploiting the current Tech situation, that situation should not exist.

'twas tongue-in-cheek.

Profit favors the prepared

Yazatas. 180
mama guru Yazatas. Likes received: 180	#43 - 2013-06-03 16:22:20 UTC 1 Atleast we can't blame sirmolle this time. EVE online is the fishermans friend of MMO's. If it's too hard you are too weak.

Photosynth 4,043
Vincent Athena Photosynth Likes received: 4,043	#44 - 2013-06-03 16:31:44 UTC 1 There is the possibility it was just an attempt to get credit card numbers, or identity theft of some sort, or to get account details so assets could be drained for RMT. Know a Frozen fan? Check this out Frozen fanfiction

Jenn aSide

Soul Machines

The Initiative.

Likes received: 16,192

#45 - 2013-06-03 16:35:36 UTC | Edited by: Jenn aSide

Vincent Athena wrote:

There is the possibility it was just an attempt to get credit card numbers, or identity theft of some sort, or to get account details so assets could be drained for RMT.

I hope so and I hope they get my credit info. My credit score is in negative numbers now, anyone who tries to identity theft me will just be hurting themselves.

It's like Chris Tucker once said: I'm so broke that if a dude tries to rob me, he'll just be practicing Big smile

silens vesica

Corsair Cartel

Likes received: 3,128

#46 - 2013-06-03 16:38:29 UTC

Vincent Athena wrote:

There is the possibility it was just an attempt to get credit card numbers, or identity theft of some sort, or to get account details so assets could be drained for RMT.

Most plausible, I suppose. I still like the idea of someone trying to use CCP to attack some government, to control a multi-national, so he can get free t-shirts or maybe an autographed mouse pad, or something silly and contrived like that.

I want this to have been a proper super-villain attack!

Tell someone you love them today, because life is short. But scream it at them in Esperanto, because life is also terrifying and confusing.

Didn't vote? Then you voted for NulBloc

Klingon55

Royal Amarr Institute

Amarr Empire

Likes received: 5

#47 - 2013-06-03 16:51:02 UTC

Brooks Puuntai wrote:

Ronix Aideron wrote:

http://community.eveonline.com/news/news-channels/eve-online-news/tranquility-downtime-on-sunday-june-2-and-monday-june-3/

It was not a DDoS attack but someone or a group that was able to exploit a vulnerability to some back-end services.

It states in the first sentence it was a DDoS. The whole point of DDoS is to exploit a vulnerability to gain access.

Do you even know what DDoS is?

Throktar

Deep Core Mining Inc.

Likes received: 38

#48 - 2013-06-03 16:59:07 UTC

THC Trader wrote:

There seem to be a lot of misconceptions. Let me clear this up, considering I know how a DDoS works, and understand what CCP said in their post.

Someone found a vulnerability in CCP's servers. This doesn't mean they were able to gain access, or compromise the system. Vulnerabilities like that are pretty rare when you have a development team that knows what they're doing. Instead, what this most likely means, is they found a way to make CCP's servers do excessive amounts of work. They then either used a single computer, or multiple computers, to repeatedly send the data to CCP's servers that would make them do excessive amounts of work. This resulted in a Denial of Service.

Think of it in terms of a website, as it's a bit easier that way. Imagine you found a page on a website that took forever to load, and while loading slowed the entire website down. Now imagine if you had control of thousands of computers, and commanded all of those computers to request that page over and over again. The effect would be that the website would go offline under the load while trying to process all of those requests.

CCP took the servers offline to ensure no further vulnerabilities had been found/exploited. This is precautionary, and a smart move on their part. It doesn't mean the attacker actually gained any access though.

Thank you for explaining what a DDoS was to a non IT person.

Brooks Puuntai

Solar Nexus.

Likes received: 2,030

#49 - 2013-06-03 17:17:54 UTC

Klingon55 wrote:

Brooks Puuntai wrote:

Ronix Aideron wrote:

It states in the first sentence it was a DDoS. The whole point of DDoS is to exploit a vulnerability to gain access.

Do you even know what DDoS is?

Yes I do. As stated the whole idea behind a DDOS is to flood a server with "white noise" exploiting a vulnerability in a servers ability to process incoming traffic. Which then is almost always followed with a attempt to access information within a server. This is why anytime time a DDOS attack occurs the servers are taken down, to prevent access as well as do a sweep of the system to see if anything has been compromised.

DOS attacks are rarely used nowadays just to deny service, pretty much anytime a DOS attack occurs you can assume they are doing so to try and gain access.

They are distinct, but almost always used in conjunction with one another.

CCP's Motto: If it isn't broken, break it. If it is broken, ignore it. Improving NPE / Dynamic New Eden

Korah Arnelle

University of Caille

Gallente Federation

Likes received: 11

#50 - 2013-06-03 17:40:40 UTC

Brooks Puuntai wrote:

Klingon55 wrote:

Brooks Puuntai wrote:

Ronix Aideron wrote:

It states in the first sentence it was a DDoS. The whole point of DDoS is to exploit a vulnerability to gain access.

Do you even know what DDoS is?

Well I would say yes and no. It really depends. If they're trying to spam the API key system, maybe... But that's a stretch since you can't push data to it. But stuff like the DBMS itself, sure that's likely. They were probably hoping they could sneak in a SQL query like select * from users where user=1 or some silly ass injection attack. But anything else is pretty iffy stuff because most socket programming is pretty simple these days (Has to be since the core use of a socket is to offer IO only, any business logic or whatever is handled by another layer like transport or application layers).

Frankly, my bet is on some ******* Rusky trying to find a backdoor to use CCP's services as a spambot network. Don't believe me, look at the latest spats about Spamhaus and cyberbunker. Seriously, this spam crap is getting out of hand. I'm just waiting for a botnet to Skynet'd the whole Internet.

Wodensun

Caldari Provisions

Caldari State

Likes received: 168

#51 - 2013-06-03 18:12:19 UTC

Ronix Aideron wrote:

Reading is hard no?

CCP wrote:

At 02:05 UTC June 2nd, CCP became aware of a significant and sustained distributed denial-of-service attack (DDoS) against the Tranquility cluster (which houses EVE Online and DUST 514) and web servers.

Our policy in such cases is to mobilize a taskforce of internal and external experts to evaluate the situation. At 03:07 UTC, that group concluded that our best course of action was to go completely offline while we put in place mitigation plans.

Do not give me likes them 101 likes arent a accident...

Wodensun

Caldari Provisions

Caldari State

Likes received: 168

#52 - 2013-06-03 18:14:37 UTC | Edited by: Wodensun

Brooks Puuntai wrote:

Klingon55 wrote:

Brooks Puuntai wrote:

Ronix Aideron wrote:

It states in the first sentence it was a DDoS. The whole point of DDoS is to exploit a vulnerability to gain access.

Do you even know what DDoS is?

This is utter BS

Its not the server they are exploiting they are simply flooding the route to the server and your pretty damn stupid trying to exploit a server you just nuked offline yourself... let me ask you this.. how do you intent to connect to the server when your DDoS causes it to go **** up... you cant...

Do not give me likes them 101 likes arent a accident...


Korah Arnelle University of Caille Gallente Federation Likes received: 11	#53 - 2013-06-03 18:25:29 UTC Certain network protocols operate based on packet number sequence, so it's not entirely BS. So, you can throw some routers for a loop by literally switching packets out of sequence. Fun times to be had. :)

Free-lances 18
Aldebaran Aubaris Free-lances Likes received: 18	#54 - 2013-06-03 19:13:27 UTC Let's explore "who profits". WoT did splashingly well during the DT. Conclusion: Its the Russkies!

University of Caille Gallente Federation 3,423
ElQuirko University of Caille Gallente Federation Likes received: 3,423	#55 - 2013-06-03 19:23:48 UTC I blame the Dutch. Dodixie > Hek

Aliastra Gallente Federation 76
Giuseppe R Raimondo Aliastra Gallente Federation Likes received: 76	#56 - 2013-06-03 20:00:21 UTC The jove empire nplugged every capsulear so they can move in a army and hide it

No Regard. 217
ian papabear No Regard. Likes received: 217	#57 - 2013-06-03 20:04:03 UTC ElQuirko wrote: Anonymous: "We r leejunz. We haf haqd ur spaecships. Resstnc is futiel k? Xpect uz." i would laugh really hard if someone put in a request to them to eff with your computer. .


ian papabear No Regard. Likes received: 217	#58 - 2013-06-03 20:04:43 UTC It was test alliance , they hired some DDOS guys to mess with the server so that they prolong delve being taken from them. .

Sebiestor Tribe Minmatar Republic 122
Patrakele Sebiestor Tribe Minmatar Republic Likes received: 122	#59 - 2013-06-03 20:29:45 UTC Throw everyone in jail, that way we will be sure the guilty have been punished.


ian papabear No Regard. Likes received: 217	#60 - 2013-06-03 20:33:10 UTC Patrakele wrote: Throw everyone in jail, that way we will be sure the guilty have been punished. this is totally unrelevant but you have about the ugliest avatar i have ever seen cheers .

Previous page1234Next page

EVE General Discussion

Corsair Cartel

Shard Industries

Yazatas.

Photosynth

Soul Machines

The Initiative.

Royal Amarr Institute

Amarr Empire

Deep Core Mining Inc.

Solar Nexus.

University of Caille

Gallente Federation

Caldari Provisions

Caldari State

Free-lances

University of Caille

Gallente Federation

Aliastra

Gallente Federation

No Regard.

Sebiestor Tribe

Minmatar Republic