This is not a DDOS, Tell the truth SE.

[hydralus]

Funny thing WoW got hit with DDoS attacks constantly a few months ago and the forums were exactly like this.

[shaiel]

Has it been fixed? TBH we’ve been having the ddos problems for a long time. I remember disconnecting during prog & reclears on the first and second raid tier too.

[PaulH]

Funny thing WoW got hit with DDoS attacks constantly a few months ago and the forums were exactly like this.

DDoS has been going for a while and has been more of an issue since DT launched it does seemed to have been endured for a longtime by the community with not much of a response via an update. Though I may have missed it tbf.

[Vrankyl]

Funny thing WoW got hit with DDoS attacks constantly a few months ago and the forums were exactly like this.

Those were a bit more targeted. They only hit the Hardcore Classic servers and it was done intentionally to mess with a specific guild on those servers. The perpetrators did succeed in making the guild break up, at least initially but then Blizzard came in after they added additional protections by allowing hardcore characters that died to be brought back. Which is why people were so upset there. It was a short time, but it cause characters to essentially be permanently lost. Meanwhile, there was a day of DDoS on the WoW servers recently, they restarted the servers and all was good again. The last time there was anything of this length aimed at WoW was the LizardSquad.

[whiskeybravo]

I wouldn't be surprised if it's really not ddos at all, but rather that % of the playerbase that's botting their f'n minds out 24/7. Endless stacks of 99 on the market board. RPer's standing around for hours like mannequins showing off their "not glamours". The game has never had such stability issues over this a long period of time. Yoshi-P's comment about it potentially being caused by over use or retainer access could've been a subtle hint at this. And if this was the case it's not like the modders running rampant would ever get close to assuming culpability. In all reality players using such mod systems could be "ddos"-ing themselves without even realizing it. Does anybody really know, or even care about what's going on under the hood? Probably not.

Of course, I have no evidence to prove such a claim, it's just my bias-confirming speculation.

[RedLolly]

A fix for that could be to just stop allowing us to multibox on one account. Might ruin the fun for players like Weeb Police and some bard bands, but it's an experiment worth pursuing.

[Fawkes]

SE's servers haven't been going down. Apparently if you use a VPN you can stay connected while everyone else DCs, the server is up the whole time. I've always been able to log right back in, if the server was being DDoSed it would go down and be unavailable for more than a minute. It's some node or something outside of SE's control between you and the server, and even that's not going 'down' it just has the hiccups.

Probably a bunch of AI datacenters sending traffic though that same node, and it can't quite handle the increased load.

[whiskeybravo]

Probably a bunch of AI datacenters sending traffic though that same node, and it can't quite handle the increased load.

That's certainly not an outlandish conclusion

[Jeeqbit]

Probably a bunch of AI datacenters sending traffic though that same node, and it can't quite handle the increased load.

Thing is, I contacted NTT and they didn't mention anything about issues at those nodes, and you would think that they would if asked about them and shown a full network trace to the server. They kept their focus to my query about DDoS and that they have DDoS mitigation services that can be purchased and seemed confident they were actually good. Upon investigation, I saw they had several tiers of DDoS mitigation services, depending on how deep you need to customize the countermeasures.

I've been thinking about it though. If someone sends you TCP ping packets, what can you do? If you rate-limit them to stop the DDoS, you potentially block out players' ping packets.

A lot of games use UDP, which involves having their own customized packet structure including for ping, so they would be more easily able to filter out packets that don't resemble the games' or that don't match the IP/connection ID combo.

So my guess is using TCP just makes it all the more harder to distinguish DDoS traffic from game traffic, making countermeasures a lot harder.

All of which means changes to the server itself could improve the ability for countermeasures to actually be effective. But it would really surprise me if SE ever put in effort like that.

[KihyiFelhede]

We've literally tracked the issue in real-time, the NTT node is getting attacked, not SE servers. People routed through other connections not getting kicked is consistent with a DDoS.