DDOS attack

**Themarvin** · 05-13-2024 06:58 PM

Originally Posted by Yeol

Expecting an apology on Thursday live letter. Also, free game time when?

There is NOTHIGN SE CAN DO ABOUT IT.... its very difficult to ward against DDoS, no company who needs net based services to be online including Apple, Microsoft and any government can fully ward against this, if anyone needs to apoligize it would be you for making that statement.

It is very hard to do anything about it when there is more layers onto as well, other than possible making more password protected doors to be able to access the servers which means a nuisance for player when you have to have 5 different passwords to jump from one login server to another which also would make it even easier for the DDoS losers to do something... like totally blocking off the first gate.

**AriannaStormwake** · 05-13-2024 04:30 PM

agreed also keep getting error 90002
getting annoying back in queue with 61 others

**Rueby** · 05-13-2024 04:54 PM

Originally Posted by UkcsAlias

For ddos attacks the prices differ massively, and prices arent linear. The heavier the attack, the faster the price goes up. And especialy when they become very heavy, its exponential. The price betweeen the strongest attack and one at half of that is a diffirence of like 500x here. Maintaining large botnets is very expensive.

This is why IPS systems are problematic for ddos attacks long term. Initialy the ddos is cheaper than the defense, but once they scale up, pricing here is quite linear. As long as you can buy a server, you already require a ddos to be significantly stronger to compensate.

Also, if its detected which sources are known to be part, they can be blocked well ahead of the target. It only needs to pass through 1 of the datacenters that are part of a global system to avoid big ddos attacks, and suddenly your attack becomes crippled. And yes, large datacenters do these things because they otherwise would also risk hardware damage when a target is near one of their DCs.

This is really interesting! I only heard that it becomes/is expensive but I never imagined something like 500x! Using common sense, it does in a way make sense that maintaining a large amount of compromised devices can also be costly, to my not-tech-savvy brain, I'm guessing it's all about staying one step ahead is that it?

I guess if I had to break it down to my example, a small restaurant (not too many staff/resources) and a large restauranted (well staffed, plenty of resources)...The large one can probably handle the customer rush, but I imagine if this example could be parallel server upgrades, let's say your restaurant/game is functioning quite well as medium and you only expect a 'rush' during expansion releases. I can see why the decision to 'just buy more servers' just to counter DDoS may not be feasible for a business to make? I'm going into this with the assumption that 'just buying new servers' could be considered a waste I guess.

Is that true on the technical side? I'm kinda looking into it from a general business-y standpoint I guess.

I'd like to think if SE would have made some gametime compensations? (I'm personally indifferent, but I think it'd be a nice gesture), paused auto demo (for the time being maybe?), maybe extended the length of certain events, I'd like to think people would be happy? I think some good will might be gained from decisions like this. I don't blame SE for being attacked, it's a good thing that people WANT to play the game and with the expansion approaching I'd think people may be resubbing to catch up and/or prepare for DT.

Also ShB and EW just got a 60% off discount.... Lodestone Sauce for the PC/Mac version.

**Taliriah** · 05-13-2024 05:13 PM

Originally Posted by Rueby

This is really interesting! I only heard that it becomes/is expensive but I never imagined something like 500x! Using common sense, it does in a way make sense that maintaining a large amount of compromised devices can also be costly, to my not-tech-savvy brain, I'm guessing it's all about staying one step ahead is that it?

I guess if I had to break it down to my example, a small restaurant (not too many staff/resources) and a large restauranted (well staffed, plenty of resources)...The large one can probably handle the customer rush, but I imagine if this example could be parallel server upgrades, let's say your restaurant/game is functioning quite well as medium and you only expect a 'rush' during expansion releases. I can see why the decision to 'just buy more servers' just to counter DDoS may not be feasible for a business to make? I'm going into this with the assumption that 'just buying new servers' could be considered a waste I guess.

Is that true on the technical side? I'm kinda looking into it from a general business-y standpoint I guess.

That's a flawed analogy for a ddos: the attackers aren't customers, they are just in the way. A better analogy would be: a bunch of people show up in your restaurant but are just standing around, not ordering anything. More staff wouldn't help, because the problem is all those non-customers hindering the staff. And you can't just kick them out, because you first have to talk with them to know if they're an actual customer or just here to be annoying.

**Rueby** · 05-13-2024 07:14 PM

Originally Posted by Taliriah

That's a flawed analogy for a ddos: the attackers aren't customers, they are just in the way. A better analogy would be: a bunch of people show up in your restaurant but are just standing around, not ordering anything. More staff wouldn't help, because the problem is all those non-customers hindering the staff. And you can't just kick them out, because you first have to talk with them to know if they're an actual customer or just here to be annoying.

Hmm I actually thought of them just standing around doing nothing but it felt like it didn't fit? I guess to me the making orders bit helped translate the overloaded servers and how the service is getting affected. But I think you're right in a way! If I imagine a restaurant that can serve let's say 40 people and has a capacity to fit 60 people. Then you suddenly had an influx of 300 people, standing around and disrupting the staff from serving the restaurant's actual customers. Hmm I think maybe that's a better analogy? Maybe?

Hmm I guess I equated the server resources to staff which made more sense to me? But now that I think of it I think your correction makes more sense. To me I'm guessing a combination of 'make the restaurant bigger, hire more chefs/staff' would make them slightly less affected but I think the best way is to stop these 'I'm gonna enter and chill' at the door. I guess this boils down to my limited understanding! Thank you so much for clarifying. It's a really interesting thing, but I'm not tech savvy at all so I need to kinda break things down for my unwrinkly brain.

**RulerKelso** · 05-13-2024 05:08 PM

Looks like it continues today, was afk for a few mins and returned to disconnect error.
I guess any serious content requiring stable connection is out of order today too
Which is bad, because 90 percent of end game content requires dodging things and quick reactions

**RulerKelso** · 05-13-2024 05:17 PM

10:16 CET chaos - omega, disconnect again, after a big lagspike (Error 90001)
Internet connection is stable

**Shikiseki** · 05-13-2024 08:56 PM

This got me thinking though that they might need a better and faster log in process in the future. While the attacks are somewhat annoying by getting booted in the game is ok now, imagine what's gonna happen when you not only have like 400 players in front of you but 4000 or even higher like EW release.

They better think of something quickly before dawntrail cause hell will break loose if this happens again during expansion release creating another negative bad press that potentially could have been avoided

**Taliriah** · 05-13-2024 09:05 PM

Originally Posted by Rueby

Hmm I actually thought of them just standing around doing nothing but it felt like it didn't fit? I guess to me the making orders bit helped translate the overloaded servers and how the service is getting affected. But I think you're right in a way! If I imagine a restaurant that can serve let's say 40 people and has a capacity to fit 60 people. Then you suddenly had an influx of 300 people, standing around and disrupting the staff from serving the restaurant's actual customers. Hmm I think maybe that's a better analogy? Maybe?

Hmm I guess I equated the server resources to staff which made more sense to me? But now that I think of it I think your correction makes more sense. To me I'm guessing a combination of 'make the restaurant bigger, hire more chefs/staff' would make them slightly less affected but I think the best way is to stop these 'I'm gonna enter and chill' at the door. I guess this boils down to my limited understanding! Thank you so much for clarifying. It's a really interesting thing, but I'm not tech savvy at all so I need to kinda break things down for my unwrinkly brain.

Yes, that's kinda the idea. From a purely technical standpoint, you can consider an internet connection as a pipe, and you have data packets coming one after another. You need to read a packet before you can get to the next one. And after reading a packet, you need to see what's in it before you can know if it's a packet from an actual player or some bogus crap sent by a ddoser.

There are ways to mitigate it by detecting and rejecting bogus packets earlier, things like that. But you can never completely fully prevent it. The very properties of the internet that made it so successful (in short: reliability is ensured at the end points and intermediary nodes need only to make a best effort of carrying packets around) means that anyone can send data to anyone else, and it's up to the recipient to sort it out.

Perhaps the best analogy, in the end, would be someone ordering a bunch of pizzas to be delivered at your address.

**Rueby** · 05-13-2024 09:17 PM

Originally Posted by Taliriah

Yes, that's kinda the idea. From a purely technical standpoint, you can consider an internet connection as a pipe, and you have data packets coming one after another. You need to read a packet before you can get to the next one. And after reading a packet, you need to see what's in it before you can know if it's a packet from an actual player or some bogus crap sent by a ddoser.

There are ways to mitigate it by detecting and rejecting bogus packets earlier, things like that. But you can never completely fully prevent it. The very properties of the internet that made it so successful (in short: reliability is ensured at the end points and intermediary nodes need only to make a best effort of carrying packets around) means that anyone can send data to anyone else, and it's up to the recipient to sort it out.

Perhaps the best analogy, in the end, would be someone ordering a bunch of pizzas to be delivered at your address.

Ooooo, this makes alot more sense, the pipe thing that is...

Thank you so much for taking the time to respond to me! I think the analogy of someone ordering a bunch of pizzas to be delivered to your address is much easier and maybe I made it abit hard on myself that I tried to break it down in a maybe round about way. I feel like trying to learn more about the issue can help temper expectations abit, so I really appreciate this.

Thread: DDOS attack

Thread Tools

Search Thread

Display

Hybrid View

Tags for this Thread