Slashdot Mirror

← Back to Stories (view on slashdot.org)

DoS Attack Forces EVE Online Offline

Posted by timothy on from the tried-turning-it-off-and-back-on-again dept.

Resorting to the out-of-band messaging that is Facebook, CCP Games has announced that "At 02:05 GMT June 2nd, CCP became aware of a significant and sustained distributed denial-of-service attack (DDoS) against the Tranquility cluster (which houses EVE Online and DUST 514) and web servers."

37 of 127 comments (clear)

  1. Wow, finally a timely Slashdot story! by GodfatherofSoul · · Score: 5, Funny

    I was just wondering why I couldn't log in! I criticize you guys a lot, gotta give you props this time.

    --
    I swear to God...I swear to God! That is NOT how you treat your human!
    1. Re:Wow, finally a timely Slashdot story! by MtHuurne · · Score: 5, Funny

      Now we know what Slashdot editors do all day ;)

    2. Re:Wow, finally a timely Slashdot story! by conspirator23 · · Score: 4, Funny

      All it means is that a Bitcoin angle to this story will be revealed later.

    3. Re:Wow, finally a timely Slashdot story! by fuzzyfuzzyfungus · · Score: 5, Funny

      All it means is that a Bitcoin angle to this story will be revealed later.

      The raspberry Pi is working as fast as it can; but the angle isn't quite finished yet...

    4. Re:Wow, finally a timely Slashdot story! by Impy+the+Impiuos+Imp · · Score: 3, Funny

      It was Eve Online, not My Little Pony Online.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    5. Re:Wow, finally a timely Slashdot story! by powerlord · · Score: 4, Funny

      and what do they do with the Bitcoins? Trade them for PLEX obviously.

      --
      This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
  2. EVE Offline by Anonymous Coward · · Score: 5, Funny

    That is all.

    1. Re:Eve Offline by Anonymous Coward · · Score: 2, Informative

      3) get a life.

    2. Re:Eve Offline by fazig · · Score: 3, Funny

      You expect me to run missions in a gallentean shuttle?
      I'd rather watch grass grow, which is almost as entertaining as mining is in EVE Online.

      I suggest: Go for a walk, take a shower, get some sleep. Do things that can't done sufficiently during the daily downtime of about 15 minutes. Or if it has to be EVE related map out the skills you are going to learn on your characters for the next few years in EVEmon or create a whole fleet setup for PvP in your EFT or Pyfa.

      When the servers are back on CCP might reimburse you some skillpoints, who knows.

    3. Re:Eve Offline by TheNastyInThePasty · · Score: 2

      3) Go to drive.google.com. Click Create. Choose Spreadsheet. Enjoy!

      --
      The best thing about UDP jokes is I don't care if you get them or not
  3. Internet Spaceships by Airdorn · · Score: 5, Funny

    They need to get this sorted ASAP. I have important Internet spaceship business to tend to and it really can't wait any longer.

    1. Re:Internet Spaceships by Pino+Grigio · · Score: 2

      Yea me too. My manufacturing jobs have finished cooking! (Although obviously with the cluster offline I've got nobody to sell them to).

    2. Re:Internet Spaceships by joelleo · · Score: 2

      I was in the process of joining a new corporation :/ Approximately 50b in assets just sitting in space in null sec at the moment while I get all my chars moved over and able to dock. Awesome.

      --
      "In the end, there is simply no weapon more devastating than the truth, delivered in just the right way." - tnk1
    3. Re: Internet Spaceships by Anonymous Coward · · Score: 2, Funny

      I'll keep you safe. Please post system and nearest celestial and I'd be happy to provide escort once the server is back online

  4. So... by fuzzyfuzzyfungus · · Score: 4, Interesting

    What kind of intricate in-game machinations will this turn out to be connected to?

    1. Re:So... by Pino+Grigio · · Score: 4, Informative

      Some people are speculating it's to do with TEST Alliance, as they're under a bit of pressure at the moment. It wouldn't surprise me if Eve played host to the kind of idiots who'd be able to do something like this. Certain aspects of the game are attractive to sociopaths. Then again I'm not a conspiracy theorist, so I'm thinking it's just a re-run of the last one, given that some of Lulzsec guys were jailed a few weeks ago for doing it some time ago.

  5. Why by Anonymous Coward · · Score: 4, Insightful

    Why would anyone launch a DoS attack on EVE online servers?!"
    Nerds should not attack other nerds. :P

    1. Re:Why by osu-neko · · Score: 5, Funny

      Nerds should not attack other nerds. :P

      Um... you haven't actually played EVE Online, have you? xD

      --
      "Convictions are more dangerous enemies of truth than lies."
  6. Re:How can you DDoS an MMO? by fuzzyfuzzyfungus · · Score: 4, Insightful

    Why do the gaming servers respond to requests from non-players?

    I assume that there is, at very least, some sort of authentication service that has to evaluate a request to determine whether or not it comes from a player...

  7. Eve Offline by Anonymous Coward · · Score: 2, Interesting

    For those hopelessly addicted, there are two solutions:

    1) practice on the singularity server (aka test server)
    2) play the flash version.

  8. Re:How can you DDoS an MMO? by ThePeices · · Score: 2

    Why do the gaming servers respond to requests from non-players?

    Ahhh, this question is unanswerable as it is one of the few true mysteries of the universe, like magnets ( wtf, how do they work!), velcro, and the location of the proverbial "other sock".

    Why do gaming servers respond to requests from non-players? Well dude, the answer might as well be 42, nobody knows.

  9. Re:How can you DDoS an MMO? by fuzzyfuzzyfungus · · Score: 4, Funny

    *sigh*

    You need to log in to the game at some point.

    But only once, unless you are the sort of coward who logs out!

  10. Correction by girlintraining · · Score: 4, Informative

    It's not Facebook that they're updating from; It's Twitter. Their Facebook account is linked to Twitter.

    Anyway, this isn't the first time the servers have been DDoS'd; This happens about every 4 months or so on average. And unfortunately, they've handled it about as well each time as you're seeing now: They tend not to announce the DDoS until hours after the news is all over the forums that people are experiencing mass disconnects and instability. And once the problem has been identified (late), their response is usually to kill all the servers, remove the BGP routing table entry for their network, and wait it out.

    They don't have the capability of weathering DDoS attacks; Though they claim otherwise, history tells another story. It has to do with the fact that their game depends on a cluster architecture that is not adaptable to something like Amazon cloud, or any kind of scalability. I don't really want to get into details here because it gets really technical, but basically it comes down to data syncronization within the cluster requiring very low latency between nodes. And that means you can't locate the nodes off-site, and proxying is only of limited utility.

    They tried proxying the front-end for accepting connections and authenticating users, because that's what has been targetted in the past and is one of the few components that can be moved. The current DDoS attack though is generating large numbers of connections that look the same as legitimate connections, so the proxies are allowing them. Rather than just throwing as much bandwidth as they can at the network as in the past, they're now crafting their traffic.

    I suspect the reason the attack is being launched now is because in a few days they're releasing a new patch of the game which will change the network protocols used by the client... their hack might not work then, so they probably decided to launch it now before it becomes useless. They are hitting people on the weekend because it's when the most users are on... so it's most likely to be noticed.

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:Correction by Dachannien · · Score: 5, Insightful

      I don't really want to get into details here because it gets really technical,

      This is Slashdot. What else is Slashdot good for, if not "really technical"?

    2. Re:Correction by Anachragnome · · Score: 2

      "They don't have the capability of weathering DDoS attacks;..."

      I play a private WoW server called Molten-WoW. This weekend they held a couple of PvP tournaments--they've been under constant DDoS attack since Friday night, right up to.......now. It is still occurring. Interestingly, their DDoS protection software keeps the servers up--the problem is that one in five people cannot connect as a result of false-positives on the part of the software. It is also common for attacks to happen for no obvious reason--the operators of these private servers wage war against each other trying to force players to leave, hopefully to their own server. There has also been evidence of extortion attempts directed against the operators of these private servers as they have little legal recourse. Most rely on renting servers from companies that will provide the DDoS protection. They can weather DDoS attacks, just not very well. It effects their customers the most and that is probably the goal.

      My point is that these attacks are common. They just haven't been targeting large corporations, until now.

      There has been considerable debate regarding Blizzard being behind the attacks against the private WoW servers. Who knows, it could be. It could also be any competitor. It could be the Chinese (think about how many Chinese MMOs there are out there now). It could be some kid with LOIC and a bunch of friends.

      Welcome to the Wild West.

    3. Re:Correction by xtracto · · Score: 2

      uuuh no, the story was an actual technical story with technical details (from Mark Russinovich) ( http://it.slashdot.org/story/05/10/31/2016223/sony-drm-installs-a-rootkit ), and there is actually insightful and interesting technical and political discussion in the thread.

      --
      Ubuntu is an African word meaning 'I can't configure Debian'
    4. Re:Correction by Phrogman · · Score: 3, Informative

      Increasingly /. is all about pointless uninformative one line comments. In that its very much like reddit. I used to come here for interesting stories and responses, but now I have to wade through 100 pointless quips to get to one informative one.

      --
      "The first time I got drunk, I got married. The second time I bought a chimpanzee, after that I stayed sober" Arian Seid
    5. Re:Correction by PhxBlue · · Score: 3, Funny

      I used to come here for interesting stories and responses, but now I have to wade through 100 pointless quips to get to one informative one.

      A hundred and one now, so thanks for that. :P

      --
      !#@%*)anks for hanging up the phone, dear.
  11. Re:How can you DDoS an MMO? by sgbett · · Score: 5, Funny

    You should be in charge of the whole internet. You got it all figured out.

    --
    Invaders must die
  12. Re:The wives of EVE by powerlord · · Score: 5, Funny

    Will rejoice

    All the countless Wives, Girlfriends, significant others, etc. ... wait ... I think I know who might be behind this. ...

    --
    This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
  13. Eve Online by dicobalt · · Score: 3, Funny

    aka Spreadsheet Simulator 2013?

  14. Re:How can you DDoS an MMO? by Anonymous Coward · · Score: 3, Funny

    unless you are the sort of coward who logs out!

    Pfft, I'm the sort of coward who doesn't even log in!

  15. Re:How can you DDoS an MMO? by jeff4747 · · Score: 3, Insightful

    You should probably learn how networking actually works. It will avoid making posts that are this bad.

    The way the server knows what IP the packet came from is by the IP layer of the stack processing the packet. Which means the packet triggered work by the server, and the DDoS can do it's job.

    Your "solution" requires the server to predict that a non-player IP will be sending a packet and reject it before examining the packet at all. But that's assuming the DDoS is sending random packets.

    If the person behind the DDoS doesn't have enough nodes to carry out the attack above, then they can send bad "login" requests. The server will have to process them completely in order to reject the login.

  16. Re:The wives of EVE by Corbets · · Score: 5, Insightful

    Wives? Girlfriends? Obviously, you've never met anyone who plays EVE Online.

  17. Re:All we need is the HOSTS file guy by VortexCortex · · Score: 2

    Sadly, I fear '127.0.0.1 slashdot' is to blame. Live by the hosts file, die by the hosts file... He slashdotted himself.

  18. Everyone Vs Everyone Online! by Nostromo21 · · Score: 4, Funny

    Couldn't have happened to a more wretched hive of scum and villainy in all the virtual worlds!

    (obviously, that comment excludes carebears & all non-sociopath gamers :)

  19. Re:How can you DDoS an MMO? by angel'o'sphere · · Score: 2

    Why do the gaming servers respond to requests from non-players?
    I doubt they respond.

    But the packet coming in as request get routed through the game servers network _until_ one part of the network decides to drop the packet(s) because they are illegit.

    DDoS attacks basically always flood your network, consider it like a traffic jam in a city. You delete cars from the road as you recognize them as part of the DDoS but new cars coming into the city all the time cause more jams at the entrances to the city.

    --
    Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.