These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE General Discussion

 
  • Topic is locked indefinitely.
 

The low-down on DDoS

First post
Author
Previous Topic Next Topic
Glathull
Warlock Assassins
#1 - 2014-08-22 07:28:58 UTC
I'm just going to put this here for all the people who seem confused.

The point of DDoS is that the attack traffic looks like it's coming from legit sources.

If it were obvious and focused and coming from a single source, it would be DoS, and that would be relatively preventable.

DDoS comes from real people's machines who have every reason to be trusted as IP traffic. Those people's machines have been compromised, and are therefore able to be commanded to perform DoS attacks.

Can you make absolutely sure that you can't be DDoS'd? Yes. You can. You can unplug your network cables and just let your servers go to town. But, oh wait, that means that no one can get to your servers. No one. Not even you.

Are there companies who promise to protect you from these attacks? Yes. There are. They are mostly the same companies who promise to protect you from malware and adware on your personal machines and fail miserably at it unless you let their software basically cripple your network interactions--which, again, isn't something CCP or any other company hosting a web application can allow.

You don't want CCP to be overzealous about blocking network traffic. You really don't. Many real players would get blocked if CCP did what it would take to block all possible DDoS attack vectors.

Network security for this kind of application is a balancing act. Sometimes things fall over. That's part of the gig.

Major companies with a hundred times the resources CCP has get knocked over by these kinds of shenanigans. Sony got blasted a couple of years ago. Hell, in 2011 right after lulzsec hacked playstation network--covering with a DDoS --and stole millions of credit cards, CCP got hit by them as well.

So before you go off on your CCP sucks at everything bull****, remember that they have dealt with this in the past, and they knew enough to know when they were getting several types of attacks from different vectors at once and knew when to shut down and when to stick it out.

This is not an ideal situation for anyone. Duh. No one likes it when EvE is going down like a hooker.

But this is not incompetence, and it's not because CCP doesn't know what it's doing. In my experience, CCP is damn good at handling these situations. I've never had credit card info stolen from CCP.

Can't say the same about Sony or Target or Apple or Microsoft.




I honestly feel like I just read fifty shades of dumb. --CCP Falcon
Foodpimp
The Scope
Gallente Federation
#2 - 2014-08-22 07:32:13 UTC
Glathull wrote:
I'm just going to put this here for all the people who seem confused.

The point of DDoS is that the attack traffic looks like it's coming from legit sources.

If it were obvious and focused and coming from a single source, it would be DoS, and that would be relatively preventable.

DDoS comes from real people's machines who have every reason to be trusted as IP traffic. Those people's machines have been compromised, and are therefore able to be commanded to perform DoS attacks.

Can you make absolutely sure that you can't be DDoS'd? Yes. You can. You can unplug your network cables and just let your servers go to town. But, oh wait, that means that no one can get to your servers. No one. Not even you.

Are there companies who promise to protect you from these attacks? Yes. There are. They are mostly the same companies who promise to protect you from malware and adware on your personal machines and fail miserably at it unless you let their software basically cripple your network interactions--which, again, isn't something CCP or any other company hosting a web application can allow.

You don't want CCP to be overzealous about blocking network traffic. You really don't. Many real players would get blocked if CCP did what it would take to block all possible DDoS attack vectors.

Network security for this kind of application is a balancing act. Sometimes things fall over. That's part of the gig.

Major companies with a hundred times the resources CCP has get knocked over by these kinds of shenanigans. Sony got blasted a couple of years ago. Hell, in 2011 right after lulzsec hacked playstation network--covering with a DDoS --and stole millions of credit cards, CCP got hit by them as well.

So before you go off on your CCP sucks at everything bull****, remember that they have dealt with this in the past, and they knew enough to know when they were getting several types of attacks from different vectors at once and knew when to shut down and when to stick it out.

This is not an ideal situation for anyone. Duh. No one likes it when EvE is going down like a hooker.

But this is not incompetence, and it's not because CCP doesn't know what it's doing. In my experience, CCP is damn good at handling these situations. I've never had credit card info stolen from CCP.

Can't say the same about Sony or Target or Apple or Microsoft.






Posting in a White Knight thread.
Pok Nibin
Doomheim
#3 - 2014-08-22 07:34:25 UTC  |  Edited by: Pok Nibin
Hey. It's the price we pay for being so cool. Thousands of games don't get the attention of the dweebs who pull this stunt. We do 'cause we're in the top five. (Top ONE if you ask me.) Some things you just have to endure, like when herds of wild females would tear off the Beatles' clothes. It just comes with the territory.

It would help if those among us would NOT idolize and lionize the punks who think they're hackers,
when they're just common vandals. They're certainly not digital rebels and could never be heroes.
Foodpimp wrote:
Posting in a White Knight thread.
And, whose side did you say you're on?

The right to free speech doesn't automatically carry with it the right to be taken seriously.
Victor Andall
#4 - 2014-08-22 07:36:43 UTC
CCP bans Somer.
Servers get DDoS'd.

I'M JUST STATING SOME FACTS. JUST ASKING QUESTIONS. I THOUGHT THIS WAS AMERICA

I just undocked for the first time and someone challenged me to a duel. Wat do?

19.08.2014 - Dinsdale gets slammed by CCP Falcon. Never forget.
Foodpimp
The Scope
Gallente Federation
#5 - 2014-08-22 07:38:08 UTC
Victor Andall wrote:
CCP bans Somer.
Servers get DDoS'd.

I'M JUST STATING SOME FACTS. JUST ASKING QUESTIONS. I THOUGHT THIS WAS AMERICA


Did we annex iceland?

Why?
Pok Nibin
Doomheim
#6 - 2014-08-22 07:38:41 UTC
Victor Andall wrote:
CCP bans Somer.
Servers get DDoS'd.
I'M JUST STATING SOME FACTS. JUST ASKING QUESTIONS. I THOUGHT THIS WAS AMERICA
So, with no evidence you'd start a rumor to impune the honor of the good folks at Somer? I'm sure they appreciate your mention....geez.

This thread is going to turn into a magnet for the "smart" ones we have with us these days?

The right to free speech doesn't automatically carry with it the right to be taken seriously.
Victor Andall
#7 - 2014-08-22 07:39:04 UTC
To harness volcanic power once the oil runs out.

I just undocked for the first time and someone challenged me to a duel. Wat do?

19.08.2014 - Dinsdale gets slammed by CCP Falcon. Never forget.
CCP Falcon
#8 - 2014-08-22 07:39:14 UTC
Please use the appropriate thread to discuss the current server issues.

CCP Falcon || EVE Universe Community Manager || @CCP_Falcon

Happy Birthday To FAWLTY7! <3