Author Topic: Yet Another DDoS  (Read 2958 times)

September 28, 2013, 09:41:33 PM

Offline Kyn

  • Hero Member
  • *****
  • Posts: 534
  • Karma: +232/-35
UPDATE: 11:45pm -7:00 GMT (Mountain Time)

We have been hit again from a new address. I am currently working to resolve the network issue. continued connection loss should last no more than 5 minutes. I appreciate everyone's patience in this matter.


I've attached a sampling graph below to show the loss of connectivity. Lasts roughly 15-30 seconds before we are able to blacklist the needed IP's and maintain stability. (for those of you interested)
-------------------

Yet again we have received a massive DDoS attack on our shard. We assume that people conducting these attacks are former (possibly banned) players who are unhappy with the existence of our shard. I want to let you all know that these attacks are fruitless as we report ALL DDoS attacks to the proper authorities, not only are the IP's logged but a full null trace route is conducted to provide as much information to the authorities as possible.


We are taking new preventative measures to stop these attacks. You can all rest assured that attacks on our shard will not go unpunished and I am usually able to mitigate them within a matter of minutes allowing you to continue playing unhindered.

Below is some information posted by our ISP/Dedicated Server Host right after the DDoS attack happened:
Quote
DDoS against a customer in Chicago
Sep 28 2013 07:16:47 PM PT   A customer in Chicago was hit with an extremely large DDoS attack at approximately 9pm CDT tonight. This attack overwhelmed Internap's infrastructure in Chicago and caused heavy packet loss. The customer being hit has now been null-routed.

We ordered an upgrade in Chicago early this month to add another 10 Gbps circuit there, which should help with attacks like this one by spreading out the load among more Internap routers. We've been anxiously awaiting its installation and hope they complete it soon.


What is DDoS? (Distributed Denial of Service)

In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.


Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. This technique has now seen extensive use in certain games, used by server owners, or disgruntled competitors on games. Increasingly, DoS attacks have also been used as a form of resistance. DoS they say is a tool for registering dissent. Richard Stallman has stated that DoS is a form of 'Internet Street Protests’.The term is generally used relating to computer networks, but is not limited to this field; for example, it is also used in reference to CPU resource management.
« Last Edit: September 29, 2013, 01:09:35 AM by Kyn »

September 29, 2013, 12:26:38 AM
Reply #1

Offline Keldon

  • Full Member
  • ***
  • Posts: 235
  • Karma: +26/-0
Good job and Thank you for limiting the effects of these attacks Kyn.


Stuff like this pisses me off.  People are so immature that when they break the rules and get caught they feel the need to lash out at those who took actions against them.  Maybe if the people who did these attacks learned that there are consequences for their actions they would not do this type of stuff.  Sadly cyber crime is fairly new and the law makers do not understand it well enough to enact legislation to prosecute these weak individuals who hide behind a screen thinking they can do anything because of the anonymous nature of the internet.


Would love to see some of these people tossed into general population of a hard core prison for a few weeks.
Just a ghost

September 29, 2013, 12:32:30 AM
Reply #2

Offline Kyn

  • Hero Member
  • *****
  • Posts: 534
  • Karma: +232/-35
Good job and Thank you for limiting the effects of these attacks Kyn.


Stuff like this pisses me off.  People are so immature that when they break the rules and get caught they feel the need to lash out at those who took actions against them.  Maybe if the people who did these attacks learned that there are consequences for their actions they would not do this type of stuff.  Sadly cyber crime is fairly new and the law makers do not understand it well enough to enact legislation to prosecute these weak individuals who hide behind a screen thinking they can do anything because of the anonymous nature of the internet.


Would love to see some of these people tossed into general population of a hard core prison for a few weeks.


We have seen people prosecuted for attacks like this in the past. It is a minor annoyance at best. I am working on a system that will recognize attacks like this and black list the IP the packets are streaming from. Obviously nothing is fool proof but right now I'm pretty happy with our level of security and stability.

September 29, 2013, 06:33:07 PM
Reply #3

Offline Domino

  • Global Moderator
  • Full Member
  • *****
  • Posts: 143
  • Karma: +13/-5
Fantastic job Staff! Few little ole disconnects are to be expected...when something is so fantastic as Evolution....haters are gonna hate. We can wait till they get bored, tired...or caught!

September 29, 2013, 10:09:43 PM
Reply #4

Offline Kyn

  • Hero Member
  • *****
  • Posts: 534
  • Karma: +232/-35
Fantastic job Staff! Few little ole disconnects are to be expected...when something is so fantastic as Evolution....haters are gonna hate. We can wait till they get bored, tired...or caught!


New switch has been installed to help protect our shard. We've white listed all our usual traffic. Packets over 5mb will be ignored. :) Shard is safe to play once again.