Slashdot Mirror


Why Lizard Squad Took Down PSN and Xbox Live On Christmas Day

DroidJason1 writes Early Christmas morning, hacker group Lizard Squad took credit for taking down PlayStation Network and Xbox Live for hours. This affected those who had received new Xbox One or PS4 consoles, preventing them from playing online. So why did they do it? According to an exclusive interview with Lizard Squad, it had to do with convincing companies to improve their security — the hard way. "Taking down Microsoft and Sony networks shows the companies' inability to protect their consumers and instead shows their true vulnerability. Lizard Squad claims that their actions are simple, take down gaming networks for a short while, and forcing companies to upgrade their security as a result."

9 of 336 comments

  1. Re:They're assholes. by JackieBrown · · Score: 5, Informative

    So they just gave you time to think about your game consumption, and the opportunity to think about the "silent" in silent night.

    They stopped because they were paid off. Thinking of them as noble or anything less than assholes gives them too much credit.

    https://twitter.com/LizardMafi...

    Lizard Squad @LizardMafia 10h 10 hours ago
    Thanks @KimDotcom for the vouchers--you're the reason we stopped the attacks. @MegaPrivacy is an awesome service.

  2. Re: For that, you'd have to do a different attack by beanpoppa · · Score: 3, Informative

    I don't think you understand how amplification attacks work. Anti-spoofing measures don't do anything. The spoofed messages don't come into your network. The very large responses do. And by the time they reach your filters, the damage is done; they've already filled your pipes. As the parent said, it's not exposing a weakness on your system. It's exposing a weakness on third party DNS servers, and the hundreds/thousands/millions of people's PCs that have been controlled via botnet.

  3. Re: They're assholes. by Anonymous Coward · · Score: 3, Informative

    Hi. You are dumb. Very dumb. Now, being a moron, you probably don't realize just how dumb you are, so I won't hold it against you. But now that I have informed you that you are stupid, you now have a responsibility to not go around talking about things you are ignorant about (likely everything).

    Simply because something is not physical does not make it not real. And, in actuality this "attack" was as physical as a door. Routers are physical, switches are physical, computers are physical even if their OS has been virtualized. And the services they provide are just as real as the doctors' services behind a door at the physician's office.

    So distinguishing between a DDOS attack and blocking a door is rather stupid and you should feel shame by bringing up such a ridiculous argument. Go stand in the corner, child.

  4. Re:They're assholes. by Anonymous Coward · · Score: 2, Informative

    The games CAN be played offline. But unfortunately, the systems (and many of the games) needed an initial patch, which they couldn't get.

    My son was lucky in that he received his Xbox One on xmas eve and the updates downloaded fine. Come Xmas day, we just popped in the game disc and it ran just fine once we told the Xbox to go to offline mode.

    The reason these guys are ASSHOLES is because of all those excited kids that opened their BIG present and couldn't do anything with it because the update patches couldn't be downloaded. If these guys came through and took a toy from a kid's hand, you wouldn't be saying they aren't assholes because they COULD have beat people with bats at the same time.

  5. Ways to protect vs DDoS by Anonymous Coward · · Score: 2, Informative

    Per my subject vs. many kinds of DoS/DDoS - Defensive measures that work:

    Microsoft Windows NT-based OS settings vs. DDoS/DoS:

    Protect Against SYN Attacks

    FROM -> http://msdn.microsoft.com/en-u...

    A SYN attack exploits a vulnerability in the TCP/IP connection establishment mechanism. To mount a SYN flood attack, an attacker uses a program to send a flood of TCP SYN requests to fill the pending connection queue on the server. This prevents other users from establishing network connections.

    To protect the network against SYN attacks, follow these generalized steps, explained later in this document:

    Enable SYN attack protection
    Set SYN protection thresholds
    Set additional protections

    Enable SYN Attack Protection

    ---

    The named value to enable SYN attack protection is located beneath the registry key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters.

    Value name: SynAttackProtect

    Recommended value: 2

    Valid values: 0, 1, 2

    Description: Causes TCP to adjust retransmission of SYN-ACKS. When you configure this value the connection responses timeout more quickly in the event of a SYN attack. A SYN attack is triggered when the values of TcpMaxHalfOpen or TcpMaxHalfOpenRetried are exceeded.

    ---

    Set SYN Protection Thresholds

    The following values determine the thresholds for which SYN protection is triggered. All of the keys and values in this section are under the registry key

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters

    These keys and values are:

    Value name: TcpMaxPortsExhausted

    Recommended value: 5

    Valid values: 0–65535

    Description: Specifies the threshold of TCP connection requests that must be exceeded before SYN flood protection is triggered.

    Value name: TcpMaxHalfOpen

    Recommended value data: 500

    Valid values: 100–65535

    Description: When SynAttackProtect is enabled, this value specifies the threshold of TCP connections in the SYN_RCVD state. When SynAttackProtect is exceeded, SYN flood protection is triggered.

    Value name: TcpMaxHalfOpenRetried

    Recommended value data: 400

    Valid values: 80–65535

    Description: When SynAttackProtect is enabled, this value specifies the threshold of TCP connections in the SYN_RCVD state for which at least one retransmission has been sent. When SynAttackProtect is exceeded, SYN flood protection is triggered.

    ---

    Set Additional Protections

    All the keys and values in this section are located under the registry key

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters. These keys and values are:

    Value name: TcpMaxConnectResponseRetransmissions

    Recommended value data: 2

    Valid values: 0–255

    Description: Controls how many times a SYN-ACK is retransmitted before canceling the attempt when responding to a SYN request.

    Value name: TcpMaxDataRetransmissions

    Recommended value data: 2

    Valid values: 0–65535

    Description: Specifies the number of times that TCP retransmits an individual data segment (not connection request segments) before aborting the connection.

    Value name: EnablePMTUDiscovery

    Recommended value data: 0

    Valid values: 0, 1

    Description: Setting this value to 1 (the default) forces TCP to discover the maximum transmission unit or largest packet size over the path to a remote host. An attacker can force packet fragmentation, which overworks the stack.

    Specifying 0 forces the MTU of 576 bytes for connections from hosts not on the local subnet.

    Value name: KeepAliveTime

    Recommended value data: 300000

    Valid values: 80–4294967295

    Description: Specifies how often TCP attempts to verify that an idle connectio
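
The registry values listed in the comment above, checked with a read-only audit that can optionally write the recommended data; this is an added example, not part of the original comment or of the Microsoft guidance it quotes. The function name `Get-TcpHardeningReport` and its `-Apply` switch are hypothetical; the key, value names and recommended numbers are the ones given in the comment.

```powershell
# Added example: audit (and optionally set) the TCP/IP values from the comment.
$TcpKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters'

# Recommended data exactly as listed in the comment above.
$Recommended = [ordered]@{
    SynAttackProtect                     = 2
    TcpMaxPortsExhausted                 = 5
    TcpMaxHalfOpen                       = 500
    TcpMaxHalfOpenRetried                = 400
    TcpMaxConnectResponseRetransmissions = 2
    TcpMaxDataRetransmissions            = 2
    EnablePMTUDiscovery                  = 0
    KeepAliveTime                        = 300000
}

function Get-TcpHardeningReport {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string]$Path = $TcpKey,
        [System.Collections.IDictionary]$Expected = $Recommended,
        [switch]$Apply   # hypothetical switch: write the recommended data
    )
    $current = Get-ItemProperty -Path $Path -ErrorAction Stop
    foreach ($name in $Expected.Keys) {
        # A value that is absent means the stack default is in effect.
        $prop   = $current.PSObject.Properties[$name]
        $actual = if ($prop) { $prop.Value } else { $null }
        $status = if ($null -eq $actual) { 'NotSet' } elseif ($actual -eq $Expected[$name]) { 'OK' } else { 'Differs' }

        # Only write when asked to, and honor -WhatIf / -Confirm.
        if ($Apply -and $status -ne 'OK' -and
            $PSCmdlet.ShouldProcess("$Path\$name", "Set to $($Expected[$name])")) {
            New-ItemProperty -Path $Path -Name $name -Value $Expected[$name] `
                -PropertyType DWord -Force | Out-Null
            $status = 'Updated'
        }
        [pscustomobject]@{
            Name = $name; Expected = $Expected[$name]; Actual = $actual; Status = $status
        }
    }
}

# Default run only reports drift; nothing is changed.
Get-TcpHardeningReport | Format-Table -AutoSize
```

`Get-TcpHardeningReport -Apply -WhatIf` previews the writes from an elevated session. On Windows Vista/Server 2008 and later the stack's SYN protection is always on and the SynAttackProtect and TcpMaxHalfOpen* values are no longer read, so the audit matters mainly on older NT-family systems.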

  6. Re: They're assholes. by Anonymous Coward · · Score: 0, Informative

    Destiny, the crew and others require an active connection to even start the game

  7. Re: They're assholes. by Anonymous Coward · · Score: 0, Informative

    Kids in hospital beds whose parents bought them a new console to distract from what they're going through were given a reminder about just how cruel the world can be. They just wanted a few hours to not think about it.
    Lizard Squad are assholes.

  8. Re:They're assholes. by Penguinisto · · Score: 3, Informative

    Plus their benefit vs harm ratio is kinda crap. Any idiot knows that online game stuff is vulnerable to DDOS. It's normally not a big problem because there doesn't seem to be enough money for most attackers to DDOS such stuff regularly. Most of them probably want more than vouchers from Kim Dotcom. So you cause a problem now and you don't really reduce future problems.

    Whereas it seems lots of people actually didn't know the bad and evil things their governments were doing, and Assange and Snowden opened at least some of their eyes. Greater awareness of that is a step towards eventually reducing the bad stuff. It may not actually fix stuff (people might still not care), but what other better options and paths are there?

    Quoted complete for greater exposure. You should have posted this under a 'nym or login, because it needs to be modded way the fuck up. :)

    --
    Quo usque tandem abutere, Nimbus, patientia nostra?
  9. Re:They're assholes. by BarbaraHudson · · Score: 3, Informative

    True, but they can always send their current IP address to their friend via email, chat, text, or a phone call. Or run a small server that people can join up to independent of the game companies, just to get the other players' IPs.

    --
    "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.