2) DDoS is rarely about using up bandwidth. It’s not feasible, really. I’m not sure how the mods would like me discussing specific techniques here, even though it’s all academic and easily viewable on Wikipedia. However, common techniques usually revolve around filling up the RAM on devices like routers with what amounts to nonsense data because no one actually cares to have their requests handled. “Packet loss,” a term fairly commonly known, occurs when the router is so overburdened that it is physically incapable of storing your packet in a queue to handle when it gets time. It drops it instead because there’s nothing it can do to get to you no matter how much time you give it.

The defense to these attacks is partially more/more powerful hardware, but primarily programming the networking devices with some smarts to recognize garbage data and throw it out.

Incidentally, and I should really write a post about this sometime, because it’s BS that SE said “we’re splitting servers sorry not sorry” and then dropped the mic, leaving the players to defend the indefensible: the very same hardware that handles load balancing properly (read as: by network design, not by praying players will spread out the way you want them to) handles DDoS protection!

The go-to device is a Big-IP F5 LTM and it can eat several million requests per day (more than every player Aether has in total logging in every single hour) for breakfast. It’s also highly programmable to thwart practically any type of DoS attack without typically requiring a patch from the manufacturer. It’s not easy to quote a cost since the things are highly modular and it depends on exactly how a given network is set up, but you’re in the ballpark of $200-$400k for the level of traffic Aether sees, plus training your network engineers to administer the thing. How many whale sales is that?