The recent DDoS attack on FFXIV servers.

[Androir]

If there is no way to stop them. Why there are so many companys which say that they can stop them?

[Aerlana]

There is nothing you can do to prevent a DDoS attack. There are measures to take to prevent it from being catastrophic, which they have stated they are doing, but you cannot prevent nor stop a DDoS attack. Especially since these attacks aren't always directed at SE servers but the ISPs routing into those servers which SE can do nothing at all about.

In regards to WoW in 2010 a man consistently launched DDoS attacks against WoW servers from February until March. There were also the Lizard Squad attacks that have hit Blizzard multiple times for weeks on end. Hell just in 2016 from August to September Battle.net itself was constantly being struck with DDoS taking multiple games down at a time. This also does not include the DDoS issues that World of Warcraft by itself suffered from November to December of 2014. It really just takes a simple google search. Though it's not common for these issues to be so prolonged, because the people behind them usually get bored or get caught for long term ones, they do happen. The SB launch was a huge mess for a number of reasons, not just DDoS, and that can be held against SE. This no so much.

did those things avoided people to play with decent latency? for 2014 i was on FFXIV so cant say, but i dont remember in WOTLK (2010) thing that make me unable to play... except with a matter with some ISP (free/SFR) that was part of blizzard fault.
2016 , i did play all along, and again, no matter to play... not half of raid logging out each evening...

This is this i speak about... Is the game playable or should i have to forget most things i do everyday...
Else, thing like you point, there is also numerous on steam servers, LoL, and many others... i remember because i did saw the message about "sorry, we have a matter" but each time, i was able to play...

I really dont care if i was able to play because riot, valve, blizzard or anyelse did do a thing or another, it is not MY matter but THEIR matter. like SE matter is to have a service avaible for his customers.

And there was recently a big ddos focusing overwatch, but touching all game (because bnet is one block) and there cant say if overwatch stayed at least playable (probably wiht 100ms latency)...

And again, the first week we had matters (early october) i didnt mind, (angry yes... but not raging there, juste was patient) because a ddos cant be avoided... but then, you can fight against it, enough to make the game... playable...



Also i dont think we need a month free compensation (for now... ...) because it is "many" for what we have (for now) and i know compensation are not a thing they legally have to give us.
BUT fun fact : a company does not only have to do thing because it is "legally forced" ... but maybe i am the only one hoping some morality from SE... But why people are saying they are far better than EA so? dont understand...

[Raven2014]

If there is no way to stop them. Why there are so many companys which say that they can stop them?

One simply word: infrastructure. I can tell you there is one example of a company that will never suffer from DDOS attack: Amazon. They have a HUGE capacity. I think it's said that during holiday every 1 min they're down the company stands to lose 5mil or something crazy like that, so they always have more than enough to handle even Christmas traffic. They also have their own subsidize of cloud service, so they can rent out excess capacity to off set the cost. Amazon does get DDOS time to time, but it just shrug it all off. The last time there was a concert effort to ram up a sustained attack on Amazon for 48h ... and its server was just like "lol scrubs!"

And ... how big is Amazon again? Because that's the kind of companies that can be considered safe from DDOS attack. I don't know what you mean by "many", because there certainly isn't that many. Either they're mega coporation, or some kind of back-end service provider with large enough capacity to spare, no one else is safe. In the end DDOS is brute force, and there is only so much efficient routing and coding can do, in the end it's simply a matter of outmuscle the attackers.

[whiskeybravo]

If there is no way to stop them. Why there are so many companys which say that they can stop them?

Because companies have a tendency to over-promise and under-deliver

[Nestama]

A little something Yoshi-P said back on the 10th.

A DDoS (Distributed Denial of Service) attack overwhelms the target with an irregular amount of data, which causes servers and networks to become overloaded and cease to function properly. Because the irregular amounts of data are being sent from various sources all over the world, it is extremely difficult to trace or defend against an attacker.

For instance, imagine if an enormous number of people with fake tickets lined up for a concert. This would disrupt the workflow of the concert staff and prevent them from doing their actual tasks. Because a large number of people are coming from various locations at the same time, it would prove difficult to locate the person distributing the fake tickets or to prevent people with fake tickets from lining up beforehand.

[reiichi]

One simply word: infrastructure. I can tell you there is one example of a company that will never suffer from DDOS attack: Amazon. They have a HUGE capacity. I think it's said that during holiday every 1 min they're down the company stands to lose 5mil or something crazy like that, so they always have more than enough to handle even Christmas traffic. They also have their own subsidize of cloud service, so they can rent out excess capacity to off set the cost. Amazon does get DDOS time to time, but it just shrug it all off. The last time there was a concert effort to ram up a sustained attack on Amazon for 48h ... and its server was just like "lol scrubs!"

And ... how big is Amazon again? Because that's the kind of companies that can be considered safe from DDOS attack. I don't know what you mean by "many", because there certainly isn't that many. Either they're mega coporation, or some kind of back-end service provider with large enough capacity to spare, no one else is safe. In the end DDOS is brute force, and there is only so much efficient routing and coding can do, in the end it's simply a matter of outmuscle the attackers.

Amazon does get hit with DDoSes though. As does Google Compute. And most other hosting companies. Their mitigations are different though. Amazon has multiple datacenters with mirrored content for static files like images, video, scripts, etc. That's not often the case for a game server because the database overhead to duplicate content in different physical locations would have some pretty hefty overhead. Something like the Lodestone likely uses a CDN though.

[Ramesses]

A little something Yoshi-P said back on the 10th.

Very well said, and that was a great analogy.

[Maero]

A sub division in the eighth circle of hell reserved for script kitties and hackers where there is never any wifi.

Exactly this ^