Is there a Ddos attack right now?

[Shurrikhan]

Southern California, a mere couple hundred miles from the server. Intermittent lag spikes, experience at the same time as the 3 to 23 other people, causing loss of combos, skipped oGCDs, etc. Spikes upwards of 500 ping, from a norm of 25.

[Xeon]

I really didn't think about DDoS attacks on the ISP themselves, however, I still do believe it's ISP related. You can try to use a manual google dns number or something to try to ride on something besides your ISP's backbone.

[Hestzhyen]

https://na.finalfantasyxiv.com/lodes...a1b8fa37bd1bdc

There's a DDoS attack against NA ISPs and backbone connections that started last night and it's been going on until now, yes. I don't know about the EU servers though.

I was lagging a bit in O3S last night, but not as bad as the people who were pokeballing and getting 90k'd. I'm on Verizon and the people who were d/cing were using Comcast. Give it another day or so to settle while the ISPs work to mitigate the issue.

[ElonMuskForPrez]

https://na.finalfantasyxiv.com/lodes...a1b8fa37bd1bdc

There's a DDoS attack against NA ISPs and backbone connections that started last night and it's been going on until now, yes. I don't know about the EU servers though.

I was lagging a bit in O3S last night, but not as bad as the people who were pokeballing and getting 90k'd. I'm on Verizon and the people who were d/cing were using Comcast. Give it another day or so to settle while the ISPs work to mitigate the issue.

What SE wrote:
"...we have coordinated with the upper ISPs to reinforce defensive measures."

How is it possible big companies like FF and major ISPs comcast/ATT/NTT/etc become vulnerable to these kinds of attacks multiple times within months? They have money to hire the creamest of the crop multiple layer IT protection services but still succumb to ye olde ddos attack?

I guess it's possible if the ddoser are top notch hackers, but why would top notch hackers ddos ISPs hosting games like these, it's not even political and do not give them $$ right? (unlike ransomware I guess) so what's their purpose?

[Lucke]

What SE wrote:
"...we have coordinated with the upper ISPs to reinforce defensive measures."

How is it possible big companies like FF and major ISPs comcast/ATT/NTT/etc become vulnerable to these kinds of attacks multiple times within months? They have money to hire the creamest of the crop multiple layer IT protection services but still succumb to ye olde ddos attack?

I guess it's possible if the ddoser are top notch hackers, but why would top notch hackers ddos ISPs hosting games like these, it's not even political and do not give them $$ right? (unlike ransomware I guess) so what's their purpose?

My guess is they're a business. Businesses DO NOT like to do anything that affects the company's bottom line. They aren't going to take any measures because that costs them money to fix a temporary problem. That's my guess.

[reiichi]

What SE wrote:
"...we have coordinated with the upper ISPs to reinforce defensive measures."

How is it possible big companies like FF and major ISPs comcast/ATT/NTT/etc become vulnerable to these kinds of attacks multiple times within months? They have money to hire the creamest of the crop multiple layer IT protection services but still succumb to ye olde ddos attack?

I guess it's possible if the ddoser are top notch hackers, but why would top notch hackers ddos ISPs hosting games like these, it's not even political and do not give them $$ right? (unlike ransomware I guess) so what's their purpose?

Because a DDoS by design "looks" like normal traffic. And even if they put up an Access Control List to block one botnet of machines spamming bogus network connections to the servers, another one can replace it pretty quickly. Imagine a lot of people rushing into a store to buy something. It doesn't even matter if they want the same thing, but problems occur once the parking lot is full or all the cash registers have lines or there are so many people in the store you can't even push a cart without knocking into someone.

DDoS attacks generally aren't a "hack" or even a security breach. They're actually one of the easier things to do to bring down a network because you don't need to have any of the security details or vulnerabilities to do a DDoS. (Granted, if you do have those, you can do far more damage.)

[pkminer30]

+ you forgot to mention that for example i gave you a "torrent" for a file for argument sake. This file contains a botnet code in it meaning your pc becomes potentially 1 of these "slave" machines and then you would end up on the block list so they can't block like this. However what they can do is filter down their protocols by restricting packets for each ip and port also known a rate limiting. This is a way of reducing the impact of a ddos however it doesn't stop it if say you have 33 million people hooked up. Now in order to do this they need a highly sophisticated setup. Its not always a vulnerability at fault either.

I personally run a small hosting company and ive found that over my 5 years experience you get people running "booters" etc that sell out their services and target specific ips and port which a specific attack type to flood it out and reject other connections. Now these methods are INEXPENSIVE to operate and are fairly easy to acquire norm less than $10/month however the defensive option is more like $10,000 for a third party mitigation service. Or you can look at doing your own hardware solution via a cisco or juniper box but the problem with this on say for example ffxiv you would need a physical box for every server up this comes at a cost. Especially when your handling loads on patch or expansion release day of peak player numbers which stress the servers alone let alone a secondary system thats gotta analyse all that traffic.

The attacks they are doing atm if i understand correctly are targeting ISPs which means that for the most part Square Enix might not be the "Direct" target but on the same Node or Access Point/Exchange as the target meaning that this part just goes down even for a brief time. However the mitigation is working to an extent or else it would ALL be down rather than lag. For the most part i presume the lag experienced is this mitigation system scanning, filtering and analysing your packets in the long list to ban the ones that are problematic sometimes causing a "time out".

[MarsAttacks]

The lag has started again. Half of my alliance dropped, the other 1/4 red dotted and came back. I saw a lag burst but was okay on my end.

We had to cancel raid on Tuesday because of rubber band lag and 2 people (Diff timezone and ISP) kept dropping.. and we are all hoping very much the server cooperates with us tonight. 3 of us seemed to be OK while the other 5 stopped seeing their abilities go off. We gave it 4 attempts each foiled by lag, another hour wasted.

I have a difficult time believing this is ISP or DDOS related when most of the time I am personally staying connected fine. I play on a laptop connected wirelessly to my router and get excellent pings in raids. My wife is wired in on PS4 and is about had it with this game..

.. we just don't understand what's taking so long to fix this? If this was free to play that's one thing, but it really has gotten bad enough NOW that it needs some serious attention. 60% of the people I encounter have issues, 40% do not.

I do not see the lag as much as others but it is starting to affect my game play, like I said half of my alliance just disconnected. I have joined a few in progresses now where it has been destroyed by server dropping all but two players.

Again, I thought servers were upgraded to support Stormblood, but others are telling me no.. they were just moved. Well whatever the case, I feel like the game ran better at expansion launch, aside from lining up at NPCs for a couple days .. at least we could raid and the instance was smooth.

SE please put more resources toward this and update the community on any progress.
Cherry on top.

[hynaku]

Lag is so bad now when use skills they don't activate. Unless they fix these ddos attacks game is unplayable. Yesterday had no problems today can't even run a dungeon without dyeing from severe lag.

[Kiupolo]

Is there anything we can do, or do we just have to try and wait it out?