Lag is back. DDoS

Discussion in 'Player Support' started by Zeklia, Jun 13, 2016.

Thread Status:
Not open for further replies.
  1. Crabbus New Member

    The servers are up, hence the attack, you just can't access them
  2. Mazeron New Member

    That utilized DDoS mitigation tactics, against a few of the styles of DDoS attacks. It is not a guarantee, nor foolproof. (just mentioning before all the "see it is that easy!" folks show up. No, it aint that easy)
    Mysteweave likes this.
  3. Eriadoc Elder

    When a homeowner gets their house broken into, it's not their fault. When they get their house broken into for the 17th time and they still haven't gotten an alarm system, it's kind of their fault.
    Adaarye, GiantGnome and Paytonotplay like this.
  4. Mazeron New Member

    So what is it you want them to do exactly?
  5. Crabbus New Member

    how long was server down last night?
  6. Laronk Augur

    I like how people try to make it sound so easy. When you start to get into bigger attacks like 30gbps + it actually effects the upstream provider, the ISP or even the ISP's backhaul provider.
    Smokezz likes this.
  7. EnchFWO Augur

    2ish+ hours if by "down" you mean unplayable during primetime. Then it stabilized for a bit. Then not.
  8. Thorak1234 Lorekeeper

    They probably can't afford the cost of the software.
  9. GiantGnome New Member

    Just give this kid what he wants. I mean when lizard squad wanted Smedley gone they made it happen and then what? That's right our servers went back to normal.
  10. Pieson Icestrike New Member

    So many armchair software engineers on this thread with all the answers. EQ is fortunate to have all of you experienced with DDoS throwing in their qualified 2 cents to resolve this issue.

    Sarcasm aside, mitigating a DDoS attack isn't easy, and often times isn't due to a fault in the software (AKA the EQ servers).

    Think of it this way, if someone decided to hit your home internet connection with a DDoS attack, what are your options? There's not much you can to do stop it since your cable / dsl modem is the weak link. You don't own the firmware on it, and even if you did the hardware can't handle the sheer volume of traffic being sent to it. It's the proverbial trying to drink from a fire hose. In the rare case that your connection to the internet can handle the volume of traffic it would be possible to install some hardware between your modem and the rest of your house to mitigate the attack and filter out the garbage traffic, but I most of us would not be in this situation.

    This leaves you the only choice of heading upstream and working with your ISP. Have you ever tried to get <insert your notoriously unreliable ISP here> to fix a problem with your internet? It won't be easy or quick to fix things. There's a reason we still hear about DDoS attacks, because they work.

    Meanwhile, everyone who depends on the internet connection (AKA your parents, since we all live in their basement still) is going to be yelling at you until things are fixed. And it's going to be all your fault that you can't just make the internet work.

    I have no doubt that Daybreak is doing whatever they can to clear up the connection we have to their servers. I'm as upset as the next guy that I can't log in and grind out some more AAs, but let's all just pretend we're adults for a minute and realize that and moaning won't get things fixed quicker. If you'll feel that much better go ahead and add your "OMG my grouping experience was ruined last night!!!11!" comment to the thread, just like the guy before you and the guy after you, and then shut up and wait like the rest of us are. Nothing you say or do will result in the DDoS attack being resolved and quicker.

    I'm sure that Daybreak will find a way to compensate everyone for the lost time once this is resolved (bonus exp week? Some sort of /claim?). I too wish I hadn't lost out on *nearly* $1 worth of my monthly all access fee, but let's give Daybreak time to fix the problem first and then they'll address the cost to us paying customers and make things right.
  11. Albumin New Member

    Someone needs to counter-threaten a DDoS attack if they DO remove the shotgun from H1Z1 Skirmish.... :D
  12. Kieel Pureblade Journeyman

    Let's all go play skirmish with shotguns. One of us is bound to wreck the kid responsible.
    Adaarye likes this.
  13. Corwyhn Lionheart Augur

    I suspect a lot of companies have policies to not acknowledge DDOS attacks. This is a two year old article but it clamis 40% of companies were hit with DDOS attacks and I suspect that number has only gone up since then

    And the fact we don't hear about many attacks probably means most companies have a policy of not confirming or announcing them. Probably because this just plays into the hands of the attackers.

    That being said all the companies are left with doing is giving vague messages about netowork issues. So hard to blame Daybreak about not providing more details in THIS issue. Sure there are lots of other Everquest related things we could get more info on but they do seem to be getting a bit better with more detailed explanations on some things like major game system changes. Not always but sometimes.

    People ask for compensation for the network issues. This is a hard one too because if a company makes it a policy to compensate people in some way that could encourage even more DDOS attacks. So damned if you do and damned if you don't.

    Just my opinion.
  14. Rarthin New Member

    So very well said. Hard to believe how many people don't understand what DDoS attacks are and why they are difficult to get under control.
  15. Trafthek Journeyman

    It would only seem fair to make the shotgun from H1Z1 which apparently caused all this ruckus available in Everquest for a weekend. I promise to only use it on undead!
    Adaarye, Albumin and Pelrond like this.
  16. DerangedRanger Elder

    Are the attacks still on going? Really hoping to play here in a couple of hours.
  17. Weverley Augur

    game is good atm but that doesn't mean that the kiddie won't be back later
  18. Aghinem Augur


    Going to explain a couple of things to many of those who want to blame Daybreak for lack of security measures or lack of DDoS mitigation software, and I will explain it in a way that will make sense and not be overly complicated. I think if some folks had a deeper understanding of what is happening, I would think they would be more considerate of the situation.

    1. If you are not entirely educated in the nature of DDoS and how its performed, then you won't understand that DDoS attacks are tremendously difficult to defend against and responding to the attacks appropriately is a terrible challenge. A lot of perimeter security technologies such as firewalls and intrusion detection systems provide decent network protection, but is not enough to provide comprehensive DDoS protection.

    2. Understanding how a DDoS works is important for customers of any online-based company. DDoS attacks typically directs thousands of compromised zombie hosts against a single target. Unfortunately, these zombie hosts are unknowingly recruited from the tens of millions of unprotected computers accessing the Internet through high-bandwidth connections, which are connections that are generally uninterrupted. Hackers plant what I call "sleeper cell" codes in these unprotected machines to build a legion of zombie hosts, all waiting for that special command for the DDoS attack to commence. What does this mean? This means that there is a high likelihood that anyone on EQ can be part of the DDoS and not even know it! So I suggest people run malware & anti-virus scans to find anything that may be unwanted on your machine.

    3. There are 12 types of DDoS attacks used by attackers, but the common type of attack is the bandwidth attack. Bandwidth attacks consume your network resources such as the network bandwidth itself, even the equipment by overwhelming one or the other (even both) with a massive volume of internet delivering data-packets through what is called "packet flooding". When a packet flood attack occurs, a massive number of what looks to be legitimate TCP, ICMP (Internet Control Message Protocol), or UDP (User Datagram Protocol) are directed to a specific targeted location. What makes the detection increasingly difficult is the attacks also tend to misrepresent the IP address that supposedly generated the request to prevent being identified.

    In closing, what makes the attacks so complicated to prevent is that illegitimate data-packets are indistinguishable from legitimate data-packets which makes the detection difficult if not almost impossible. Moreover, the signature pattern matching performed by the intrusion detection systems do not work effectively simply because these attacks make use of spoofed / fake / misrepresented source IP addresses, successfully evading source identification by network monitoring tools looking for unusually high volumes of traffic coming from specific origins.

    I hope this sheds some light for those brandishing pitchforks and torches!
  19. Grasamo Journeyman

    So... I guess we have about 45 minutes to an hour and 45 minutes before the butthole pissed off about a shotgun in H1Z1 skirmishes ruins our fun again for a couple of hours. DBG has yet to impress me. EQ was my first mmorpg "love". It sickens me that it's in the hands of DBG.
  20. Grasamo Journeyman

    So you're saying some butthole who is pissed because he died in PvP can continue to ruin thousands of players' fun and there is nothing DBG can do about it. He can effectively shut down access to the servers any time he wants.

    Thanks for the pep talk. I feel a lot better now.

    For all you would be server moderators (i.e. Players acting holier than thou) criticizing people who want to play but can't because of these DDoS attacks, just stop. No one wants to hear your white knight defense. We want to play. You're only irritating people who need to vent because they can't play. Saying DDoS attacks are hard to defend against does nothing at all to make people feel better.
Thread Status:
Not open for further replies.

Share This Page