DoS Attack Forces EVE Online Offline

Resorting to the out-of-band messaging that is Facebook, CCP Games has announced that "At 02:05 GMT June 2nd, CCP became aware of a significant and sustained distributed denial-of-service attack (DDoS) against the Tranquility cluster (which houses EVE Online and DUST 514) and web servers."

Wow, finally a timely Slashdot story!

[GodfatherofSoul]

I was just wondering why I couldn't log in! I criticize you guys a lot, gotta give you props this time.

Re:Wow, finally a timely Slashdot story!

[MtHuurne]

Now we know what Slashdot editors do all day ;)

Re:Wow, finally a timely Slashdot story!

[conspirator23]

All it means is that a Bitcoin angle to this story will be revealed later.

Re:Wow, finally a timely Slashdot story!

[fuzzyfuzzyfungus]

All it means is that a Bitcoin angle to this story will be revealed later.

The raspberry Pi is working as fast as it can; but the angle isn't quite finished yet...

Re:Wow, finally a timely Slashdot story!

[ducomputergeek]

Really? I thought they used the immense power of the cluster that powers this site to mine bitcoins.

Re:Wow, finally a timely Slashdot story!

[Impy+the+Impiuos+Imp]

It was Eve Online, not My Little Pony Online.

Re:Wow, finally a timely Slashdot story!

[powerlord]

and what do they do with the Bitcoins? Trade them for PLEX obviously.

Re:Wow, finally a timely Slashdot story!

[Dahamma]

That would explain why the site itself loads so slowly...

Re:Wow, finally a timely Slashdot story!

[foniksonik]

Don't you mean the 3D printer...

Re:Wow, finally a timely Slashdot story!

Horsefucking is en vogue on Slashdot I see. EXCELLENT.

This isn't /mlp/.

EVE Offline

That is all.

Re:EVE Offline

[ThePeices]

EVE Offline. That is all.

Hey, I see what you did there! Ive spent the last 6 minutes rolling on the floor laughing my ass off, and only now have the breath left to sit down and write this, such is the sheer power of your mastery of wit.

You put comedians the world over to shame, your stand above us mere mortals, and we all bow to thee; God of Comedy.

Re:Eve Offline

[Bengie]

Their entire network is down.

Re:Eve Offline

3) get a life.

Re:Eve Offline

[fazig]

You expect me to run missions in a gallentean shuttle?
I'd rather watch grass grow, which is almost as entertaining as mining is in EVE Online.

I suggest: Go for a walk, take a shower, get some sleep. Do things that can't done sufficiently during the daily downtime of about 15 minutes. Or if it has to be EVE related map out the skills you are going to learn on your characters for the next few years in EVEmon or create a whole fleet setup for PvP in your EFT or Pyfa.

When the servers are back on CCP might reimburse you some skillpoints, who knows.

Re:EVE Offline

Aww, somebody didn't get his McRaise and his McManager put him on fries again tonight.

Seriously though, anyone in the slightest way observant can tell you are living in a hell on earth, and it gives us pleasure :)

Re:EVE Offline

But replying with a disparaging comment doesn't make it funny to begin with, since it never was.

Re:EVE Offline

What do you guys have to say about a third party spend time to write a comment to two douche bags having a troll off. Yes slashdot spell check accepts douche as correctly spelled but not slashdot nice! See that I double trolled in one comment.

Re:EVE Offline

That is all.

EvE Never.

Re:EVE Offline

Slashdot has a spell checker?!

Re:EVE Offline

[Ash-Fox]

Mocking it doesn't make it less funny. It just makes you look weak.

u mad?

Re:EVE Offline

[AmiMoJo]

I laughed off my ass once, it was a quite nasty fall.

Re:EVE Offline

[stackOVFL]

Yeah, well now we know why /. is so slow: all those spelling mistakes.

Re:Eve Offline

[TheNastyInThePasty]

3) Go to drive.google.com. Click Create. Choose Spreadsheet. Enjoy!

So that's how it is!

Stories are late all the time because editors play EVE and can't be arsed to edit or publish!

I wonder how worldwide productivity would jump if WoW went offline.

Internet Spaceships

[Airdorn]

They need to get this sorted ASAP. I have important Internet spaceship business to tend to and it really can't wait any longer.

Re:Internet Spaceships

The Russians are pissed How will they ever pay for those Moscow Penthouses now?

Re:Internet Spaceships

[Pino+Grigio]

Yea me too. My manufacturing jobs have finished cooking! (Although obviously with the cluster offline I've got nobody to sell them to).

Re:Internet Spaceships

[joelleo]

I was in the process of joining a new corporation :/ Approximately 50b in assets just sitting in space in null sec at the moment while I get all my chars moved over and able to dock. Awesome.

Re: Internet Spaceships

I'll keep you safe. Please post system and nearest celestial and I'd be happy to provide escort once the server is back online

The wives of EVE

Will rejoice

Re:The wives of EVE

[powerlord]

Will rejoice

All the countless Wives, Girlfriends, significant others, etc. ... wait ... I think I know who might be behind this. ...

Re:The wives of EVE

This wife of EvE is pissed that she can't login and shoot shit. The last time EvE went down like this lulzsec claimed credit.

Re:The wives of EVE

[Corbets]

Wives? Girlfriends? Obviously, you've never met anyone who plays EVE Online.

Re:The wives of EVE

[Vrekais]

Myself and almost everyone I play with has a girlfriend, or boyfriend so have you actually met any one who plays EVE?

Re:The wives of EVE

[Bengie]

Many even have kids in the background. I get "brb, gotta put the kids to sleep" and other stuff.

So...

[fuzzyfuzzyfungus]

What kind of intricate in-game machinations will this turn out to be connected to?

Re:So...

[GreenTom]

Nice thought! Have you read Surface Detail?

Re:So...

[Pino+Grigio]

Some people are speculating it's to do with TEST Alliance, as they're under a bit of pressure at the moment. It wouldn't surprise me if Eve played host to the kind of idiots who'd be able to do something like this. Certain aspects of the game are attractive to sociopaths. Then again I'm not a conspiracy theorist, so I'm thinking it's just a re-run of the last one, given that some of Lulzsec guys were jailed a few weeks ago for doing it some time ago.

Re:So...

Only the kind that like small rooms and armed guards. If the attack originated in the US, the Feds get involved, and they treat it as a precursor to a terror event until they have evidence to prove otherwise.

Re:So...

[OverlordQ]

> Some people are speculating it's to do with TEST Alliance

Aahahahahahah, is there nothing TEST isn't blamed for? In Planetscape 2, TEST has been accused of working with SOE to arrange for the servers to crash to help them out.

Why

Why would anyone launch a DoS attack on EVE online servers?!"
Nerds should not attack other nerds. :P

Re:Why

[Sperbels]

To extort money from them?

Re:Why

[osu-neko]

Nerds should not attack other nerds. :P

Um... you haven't actually played EVE Online, have you? xD

Re:Why

[meerling]

I'm surprised it hasn't happened earlier.
Or perhaps that it wasn't noticed earlier.

Re:Why

It has.

Re:Why

[Bobfrankly1]

I'm surprised it hasn't happened earlier. Or perhaps that it wasn't noticed earlier.

Apparently you've never been mining in high sec...

Re:How can you DDoS an MMO?

[fuzzyfuzzyfungus]

Why do the gaming servers respond to requests from non-players?

I assume that there is, at very least, some sort of authentication service that has to evaluate a request to determine whether or not it comes from a player...

Eve Offline

For those hopelessly addicted, there are two solutions:

1) practice on the singularity server (aka test server)
2) play the flash version.

Re:How can you DDoS an MMO?

[ThePeices]

Why do the gaming servers respond to requests from non-players?

Ahhh, this question is unanswerable as it is one of the few true mysteries of the universe, like magnets ( wtf, how do they work!), velcro, and the location of the proverbial "other sock".

Why do gaming servers respond to requests from non-players? Well dude, the answer might as well be 42, nobody knows.

Re:How can you DDoS an MMO?

*sigh*

You need to log in to the game at some point.

CCP recently changed the login method

[evanh]

Presumably they left a gaping whole in it.

It's standard practice to test critical code, make that all new code, in live deployments ... only after a failure do they appear to look at the test server bug reports.

Re:CCP recently changed the login method

Standard-issue post from an internet computer "expert". Desperately find a tangential change (new login method), then get a biiiiiiiiig running start so you can not only jump but make a wicked sick flying leap to a conclusion, the quality of which would make bringing up the old "correlation is not causation" meme a waste of time and energy (yup, must've been a whole[sic] in that thar login method! It's a witch! Burn it!). Then, assert this conclusion is a fact (*ahem* presume it's a fact, apparently that's the in-vogue weasel word for it now) and start assigning blame for it. Build off your previous delusion by making new ones and all that.

Have you considered working for a 24-hour news channel? You'd fit in perfectly.

Re:CCP recently changed the login method

If presume is a weasel word... do you hate when people use words like preclude? :P

Not, mind you, that i'm disagreeing with your sentiment.

Re:How can you DDoS an MMO?

[fuzzyfuzzyfungus]

*sigh*

You need to log in to the game at some point.

But only once, unless you are the sort of coward who logs out!

Re:In other news: EVE Offline

[rrhal]

Are we sure it was DDoS and wasn't the Goons all trying to log on en masse.

Correction

[girlintraining]

It's not Facebook that they're updating from; It's Twitter. Their Facebook account is linked to Twitter.

Anyway, this isn't the first time the servers have been DDoS'd; This happens about every 4 months or so on average. And unfortunately, they've handled it about as well each time as you're seeing now: They tend not to announce the DDoS until hours after the news is all over the forums that people are experiencing mass disconnects and instability. And once the problem has been identified (late), their response is usually to kill all the servers, remove the BGP routing table entry for their network, and wait it out.

They don't have the capability of weathering DDoS attacks; Though they claim otherwise, history tells another story. It has to do with the fact that their game depends on a cluster architecture that is not adaptable to something like Amazon cloud, or any kind of scalability. I don't really want to get into details here because it gets really technical, but basically it comes down to data syncronization within the cluster requiring very low latency between nodes. And that means you can't locate the nodes off-site, and proxying is only of limited utility.

They tried proxying the front-end for accepting connections and authenticating users, because that's what has been targetted in the past and is one of the few components that can be moved. The current DDoS attack though is generating large numbers of connections that look the same as legitimate connections, so the proxies are allowing them. Rather than just throwing as much bandwidth as they can at the network as in the past, they're now crafting their traffic.

I suspect the reason the attack is being launched now is because in a few days they're releasing a new patch of the game which will change the network protocols used by the client... their hack might not work then, so they probably decided to launch it now before it becomes useless. They are hitting people on the weekend because it's when the most users are on... so it's most likely to be noticed.

Re:Correction

[Dachannien]

I don't really want to get into details here because it gets really technical,

This is Slashdot. What else is Slashdot good for, if not "really technical"?

Re:Correction

[xtracto]

I don't really want to get into details here because it gets really technical,

This is Slashdot. What else is Slashdot good for, if not "really technical"?

You are 10 years late to that slashdot who liked to discuss technical stories such as deCSS, Sony Rootkit and Fyodor's nmap.

Re:Correction

Random opinions rated insightful.

Re:Correction

I don't really want to get into details here because it gets really technical,

This is Slashdot. What else is Slashdot good for, if not "really technical"?

You are 10 years late to that slashdot who liked to discuss technical stories such as deCSS, Sony Rootkit and Fyodor's nmap.

But don't worry! You're just in time for the old fogies of Slashdot who like to discuss the "good ol' days" of deCSS, nmap, and the Sony Rootkit (wait, we discussed technical details of that? Wasn't it all just "grrr grrr rage rage hate Sony here's a Sharpie"?)!

Re:Correction

[Anachragnome]

"They don't have the capability of weathering DDoS attacks;..."

I play a private WoW server called Molten-WoW. This weekend they held a couple of PvP tournaments--they've been under constant DDoS attack since Friday night, right up to.......now. It is still occurring. Interestingly, their DDoS protection software keeps the servers up--the problem is that one in five people cannot connect as a result of false-positives on the part of the software. It is also common for attacks to happen for no obvious reason--the operators of these private servers wage war against each other trying to force players to leave, hopefully to their own server. There has also been evidence of extortion attempts directed against the operators of these private servers as they have little legal recourse. Most rely on renting servers from companies that will provide the DDoS protection. They can weather DDoS attacks, just not very well. It effects their customers the most and that is probably the goal.

My point is that these attacks are common. They just haven't been targeting large corporations, until now.

There has been considerable debate regarding Blizzard being behind the attacks against the private WoW servers. Who knows, it could be. It could also be any competitor. It could be the Chinese (think about how many Chinese MMOs there are out there now). It could be some kid with LOIC and a bunch of friends.

Welcome to the Wild West.

Re:Correction

The current DDoS attack though is generating large numbers of connections that look the same as legitimate connections, so the proxies are allowing them. Rather than just throwing as much bandwidth as they can at the network as in the past, they're now crafting their traffic.

I'm curious how you have such specific information about what is going on, or are you just guessing?

Also, if the proxies job is to authenticate the user before allowing the traffic to actually reach the game server, how would the zoodles of computers involved in the attack appear to be actual proper users without having the client running and login information?

Lastly, would a dongle solve the issue?

Re:Correction

[xtracto]

uuuh no, the story was an actual technical story with technical details (from Mark Russinovich) ( http://it.slashdot.org/story/05/10/31/2016223/sony-drm-installs-a-rootkit ), and there is actually insightful and interesting technical and political discussion in the thread.

Re:Correction

Let's not throw the towel in yet, shall we?

Watch for the technical stories and you will see technical comments. Of course the politics / military porn / Your Rights Online stuff will always get faff, not much you can do about that.

Re:Correction

[aaronb1138]

My bets would be most of the DDoS in the independent WoW server community is sponsored by Blizzard or Blizzard employees in an attempt to stop piracy (under corporate software developer's default assumption that anything they don't control is piracy).

Sure, most of the attacks come from Russia and southeast Asia, but the money that pays them comes from someone else. The accusation that other server runners are part of the DDoSing is just good propaganda to keep people looking in the wrong direction.

Face it, DDoS requires Smurfs, and most of the Smurfs in this world are dedicated to tasks that make money, like SPAM, tweaking stock prices, and taking down corporate websites, "at just the right time." I would love to do an in-depth comparison of companies and related entities which get hit hard with DDoS and are heavily algo-traded on the markets.

Re:Correction

[Pino+Grigio]

No, more likely it's because the idiots who DDOS'd them last time went to jail a few weeks ago.

Re:Correction

[Phrogman]

Increasingly /. is all about pointless uninformative one line comments. In that its very much like reddit. I used to come here for interesting stories and responses, but now I have to wade through 100 pointless quips to get to one informative one.

Re:Correction

Issues related to the internal cluster structure are irrelevant; the way to deal with DDoS attacks is to intercept them before they even reach the cluster, and keep moving the interception point higher (first through the backbone and then contacting individual ISPs).

I have a feeling this DDoS attack was only possible due to CCP's moronic new "single login" architecture (that keeps logging people off while managing their account, submitting petitions through the website, etc.), introduced a week or two ago.

The fact that their website is on the same cluster as their game server also shows an amazing level of cluelessness.

In other words, the problem isn't the game architecture or how the cluster works internally, it's their network architecture and the way it talks to the outside world.

Re:Correction

As there have been complaints about the non-technical nature of posts, I'll take this opportunity to state that instead of saying "remove the BGP routing table entry for their network" it would be more accurate to state that they withdrew their announced prefix(es).

Re:Correction

Sorry, but no. Blizzard would not be caught dead trying to dDoS something. It would be stupid beyond comprehension, and even beyond the level of ineptitude large corporations sometimes display.

The "debate" is without any proof or facts. It's a rumor designed to suit the preconceptions of many of these players on so-called "private" WoW-servers. For some reason the majority of these people abhor Blizzard (the company whose game they so much enjoy playing on sub-par, reverse engineered servers) and will make anything bad that happens stick to them in some idiot way.

Blizzard has no need to resort to dDoS to "attempt to stop piracy". "Private" WoW-servers are a small nuisance. A nuisance, sure, but any that get too big can be cut off at their funding easily, and it really is not hard to send DMCA notices. The rest is the cost of doing business. You ignore it and make more games. That'll bring in actual money instead of wasting it on ... uh ... illegally blowing some network out of the water.

dDoS have been targeting "large" corporations for many, many years. They aren't publicized as much anymore. But even 10 years back you would hear of massive (and successful) dDoS attacks on Amazon, eBay, etc. -- whereas today there are countless dDoS-"protection"-services that have a market for a reason. It's ridiculously easy to pull the trigger on a server or ten, and only moderately harder to kill larger networks (given the sizes of botnets out there). It is exceptionally easy to kill off a rogue WoW shard, and people operating these kinds of servers tend to be f***wits who enjoy dDoSing "the competition" out of the water -- the same caliber of people who enjoy dDoSing IRC servers to take over a channel or dDoSing somebody in a PvP LoL match. Sure, not all of them -- but a lot of them. But yeah, sure, some intrepid Blizzard employee wastes their cash on hiring underground services to kill off some third-rate gaming server clone. Riiiight.

Re:Correction

[PhxBlue]

I used to come here for interesting stories and responses, but now I have to wade through 100 pointless quips to get to one informative one.

A hundred and one now, so thanks for that. :P

Re:Correction

[ImprovOmega]

Official, Blizzard WoW was glitchy as hell for a few hours on Sunday too. I don't think they were behind tanking their own systems too.

Player Generated Content, at a whole new level

Must be Goonswarm, protesting about the upcoming patch. It's all player generated content.

Re:Player Generated Content, at a whole new level

[meerling]

Player generated content = marketing spiel for "we don't actually put in any content, we just let the anti-social types attack everyone".

Re:How can you DDoS an MMO?

[GodfatherofSoul]

Because in networking, every new connection comes from a "non-player" until you're authenticated as otherwise.

Re:How can you DDoS an MMO?

Because someone clever enough can send a request that can't be distinguished easily from a real player?

Seriously, this is Slashdot, a little critical thinking would at the bare MINIMUM be an asset.

All we need is the HOSTS file guy

[Cito]

Where's the HOSTS file guy to post his 10 pages of spam on hosts file

and blame a bad hosts file for the reason eve is offline

har har

Re:All we need is the HOSTS file guy

[VortexCortex]

Sadly, I fear '127.0.0.1 slashdot' is to blame. Live by the hosts file, die by the hosts file... He slashdotted himself.

Re:All we need is the HOSTS file guy

[Cito]

haha!

I never could figure what was up with that guy, his posts started off halfway making sense then turned into the schizophrenic rambling of a mad man

all over a freaking hosts file

Russians

Usually I would expect DDoS extortion to come FROM Russia. Now I wonder how all those hardcore Russian EVE players are going to react if this wasn't their idea....

Re:Russians

[infonography]

Russian DDoS operators take their life in their own hands by this, I have fought with and along side Russians (on Eve) and they take this very serious.

Re:Russians

[powerlord]

Considering they've managed to take down Serenity (the China specific EVE on-line server) also ... I'd say the usual haunts of DDoS operators might not be as safe as they think they are.

Oh, for anyone who wishes to track it:
http://eve-offline.net/ and
http://eve-offline.net/?server=tranquility

Re:Russians

[ZeRu]

I believe that other servers were taken down by CCP as a precaution measure.

Logical reasons for a DDoS would be money related

[infonography]

Theory 1 They want to drive down the stock price by sullying them before the big release this week
Theory 2 They are butt sore over their podding by Goonswarm, or Test, or some noob named 5t@rTw33rp
Theory 3 Collect Underpants
Theory 4 ????.
Theory 5 PROFIT

Re:How can you DDoS an MMO?

[GloomE]

Initially it looked to me like an attack on their DNS servers, not the game itself.
A dig would work or not depending on which name server you were randomly allocated.
If you managed to resolve the required names you could get in and play just fine. Was fun having NPC null almost to myself.

They've brought the lot down now of course, but don't just assume that it's a problem with the game code.

Re:How can you DDoS an MMO?

[Hentes]

It's enough to do authentication once, after which just remember the IP. You don't have to authenticate every request.

Re:How can you DDoS an MMO?

[sgbett]

You should be in charge of the whole internet. You got it all figured out.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Eve Online

[dicobalt]

aka Spreadsheet Simulator 2013?

Re:Eve Online

You are part right. To be fair when you deal with corporations, there is a lot of human factor involved. But anyone who played eve online for more than 3 years in null sec logistics should be able to put it on their resume. I just quit one day. Needed to focus on getting paid part.

Re:Eve Online

[Nocturnal+Deviant]

If MS Excel looked like eve, I would switch to data entry.

Re:Eve Online

[Pino+Grigio]

I do actually have a spreadsheet for Eve. Only for manufacturing costs of certain things though.

Re:Eve Online

My favorite troll for Eve Online players is to tell them that Eve is getting an ODBC driver so they can directly link tables in the Excel spreadsheets.

The reaction is always the same. Their eyes get bright and their faces light up with a flash of excitement.. Then quickly sour when the realize how absurd it is, and that they were actually excited about it, and how damn nerdy it makes them.

Re:How can you DDoS an MMO?

unless you are the sort of coward who logs out!

Pfft, I'm the sort of coward who doesn't even log in!

Re:How can you DDoS an MMO?

[jeff4747]

You should probably learn how networking actually works. It will avoid making posts that are this bad.

The way the server knows what IP the packet came from is by the IP layer of the stack processing the packet. Which means the packet triggered work by the server, and the DDoS can do it's job.

Your "solution" requires the server to predict that a non-player IP will be sending a packet and reject it before examining the packet at all. But that's assuming the DDoS is sending random packets.

If the person behind the DDoS doesn't have enough nodes to carry out the attack above, then they can send bad "login" requests. The server will have to process them completely in order to reject the login.

Re:How can you DDoS an MMO?

If you are a sysadmin, please find new work. If you are a coder, please find new work.

Re:How can you DDoS an MMO?

I don't care. I am gov't sysadmin employee, my job is to bring the check home. Not going to waste my brain power to improve my knowledge, find new work or something that stupid.

Re:How can you DDoS an MMO?

As a gov't IT guy that has to fight uphill battles to implement simple shit like $TNS_ADMIN or create f'ing standards in the first please because of asshats like yourself...please sodomize yourself with something sharp and rippy as soon as possible. Thank you.

Re:Haha, EVE Online, more like...

Yours is a singular and rapier whit sir. *golf clap*

Re:How can you DDoS an MMO?

[Pino+Grigio]

Haha. ^ mod up.

interesting to note

Some have speculated that this may be related to some russian based player corporations. I find it interesting that as most US players would be getting ready to go to bed and it is prime time (6:30pm ish) in russia, that the DDOS would subside. while it may be a possible coincidence, it is about 2:30am eastern in the US and the servers are about to be restarted.

Re:In other news: EVE Offline

There's a membership drive right now on SA... You might be on to something.

Re:How can you DDoS an MMO?

[zachie]

Actually, even if you can distinguish, is no way to prevent any host of the Internet from sending traffic to you. If you gather enough upstream bandwidth, you can clog any pipe you want. Some research works have proposed ways to amend this, for example this.

Re:How can you DDoS an MMO?

Because in networking, every new connection attempt is completely unrelated to previous ones. Logs are forbidden black magic, and actually blocking any IP addresses requires approval from the council of internet elders. So, it's easier to just wait it out.

Re:In other news: EVE Offline

This isn't the Goons' style, honestly. They're capable of many things, but they're not lawbreakers.

Everyone Vs Everyone Online!

[Nostromo21]

Couldn't have happened to a more wretched hive of scum and villainy in all the virtual worlds!

(obviously, that comment excludes carebears & all non-sociopath gamers :)

Re:Goons?

[Nostromo21]

Re your sig: if you think that belief in a monotheistic, infinite, possibly personal, possibly triune, deity is a popular choice these days...then I find your lack of faith stupefying! Just sayin...

Re:How can you DDoS an MMO?

[angel'o'sphere]

Why do the gaming servers respond to requests from non-players?
I doubt they respond.

But the packet coming in as request get routed through the game servers network _until_ one part of the network decides to drop the packet(s) because they are illegit.

DDoS attacks basically always flood your network, consider it like a traffic jam in a city. You delete cars from the road as you recognize them as part of the DDoS but new cars coming into the city all the time cause more jams at the entrances to the city.

Re:How can you DDoS an MMO?

[Bengie]

Don't you know? Most upstream providers have Layer7 firewalls that can drop non-player EvE logins. The secret is the magic pixie dust.

Re:How can you DDoS an MMO?

Mod parent funny, I haven't laughed this hard in a long time.

DDOS becoming way too easy.

I host for a small, indie, open-source, free-to-play multiplayer game project. I get ddos-ed about once or twice a month.

It seems like it has become much easier in the past few months for skids to get ahold of a botnet. Maybe it's time to start pushing for vuln scanning by residential ISPs and simply cutting off infected people totally. Hell, the greedy ISPs could continue to charge the account holder after disconnection and even try to charge for on-site disinfection services.

The days of clever DDOS mitigation through firewalling and inspection are over. It now requires vast and increasing amounts of resources (bandwidth, packets per second capability for the DDOS scrubbing) to combat a level 1 skid's botnet.

There are two ways to fix this. One - force the asshole users to protect their machines and not allow attacks to originate from their nodes. Two - force the asshole providers to be responsible for removing the asshole infected zombie nodes from their networks, or limit the attack ability of the zombie nodes.

I don't have the money to fight off a ddos. If skids keep upgrading their ddos capability, you're going to see the monetization of the internet gain speed. Hobbyist servers and pages will increasingly get ddosed by machines that had some vulnerability exploited. We don't really have the money for ddos mitigation, even if we are vigilant about patching vulernabilities and following best practices to keep our stuff from being rooted.

Cheap higher speed bandwidth doesn't help

[0x537461746943]

It doesn't help that those infected hosts now can get 150mbit/sec upload speeds... Verizon only charges an extra $10 a month for 50/25mbit service. It wouldn't take many of them to kill a lot of decent sized sites.

Kim Jong-un

[DQKennard]

It was the North Koreans. Supreme Leader Kim kept getting boned within a few minutes of logging in and, being the most awesomest gamer in the world, instructed his people to take down the whole nest of conspiring cheaters.

IGB

Ironically, I'm reading this story from EVE's In-Game Browser. :)

Re:How can you DDoS an MMO?

[angel'o'sphere]

Pfft ...
What nonsense are you talking about?

How should an ISP know wheather a package you snt upstream is legit or ot?

Go smoke something else ...