It's hard to suggest blocking those addresses, as they may be legitimate people who didn't do anything wrong.
I just read through the NeverWinterGod twitter page (thanks to ronanobrien for posting the link). And he looks to me as though he is intentionally doing this.
It's hard to suggest blocking those addresses, as they may be legitimate people who didn't do anything wrong.
I just read through the NeverWinterGod twitter page (thanks to ronanobrien for posting the link). And he looks to me as though he is intentionally doing this.
Of course, HE is... but he's probably using other systems that have been compromised, unbeknownst to their owners.
but don't you have some identification system that shows how much data you are getting from one source and if that source is giving overwhelming amount of data
These attacks don't come from one source. They have a "bot" network with boatloads of systems (often compromised computers with a virus). So first you have to figure out the attack vectors, then determine which IPs are repeating it before you can start block them. At least that's "typically" how it goes.
Well it is fortunate I never really play during evenings and more often in the mornings, so far it's been minimal connection issues on my end during such time. Nonetheless hope you all have best of luck solving this, someone needs to be made an example of being this crazy.
Is this the same guy who was doing the attacks yesterday?
He's claiming on hit twit feed he is...
This guys is not only attacking Neverwinter, but now he's saying that he wants to attack Elder Scrolls Online. Looks like we have an ego-maniac on the loose. I hope they nail him!
Isn't there a nefarious network guy in our community that is properly motivated to at least figure out who this kid is? Unfortunately, I'm a hardware guy, otherwise I'd be attempting something.
You may as well report the twitter account to the FBI. Though unlike a previous poster mentioned about trouble ticket turnover time (say that 5 times fast!) they should get to it pretty much immediately.
Is this the same guy who was doing the attacks yesterday?
He's claiming on hit twit feed he is...
This guys is not only attacking Neverwinter, but now he's saying that he wants to attack Elder Scrolls Online. Looks like we have an ego-maniac on the loose. I hope they nail him!
It's a foregone conclusion that he will be apprehended. Looks like he's trying to do as much as he can before that happens, and at this rate, I am sure it won't be long!
Isn't there a nefarious network guy in our community that is properly motivated to at least figure out who this kid is? Unfortunately, I'm a hardware guy, otherwise I'd be attempting something.
Yea me too... Not a network person...
Though I'm not really impressed... he had to test it several times to get it to work... Amateurish to be sure... Someone will get him... If he could not get it on the first or second pass, he made mistakes and will get caught...
0
rattler2Member, Star Trek Online ModeratorPosts: 58,689Community Moderator
If he's not only attacked Cryptic, but ESO... That is definately illegal and should be reported to the Feds.
I'll get the rope. Someone get the pitchforks and torches.
And... right now... this seems to fit the situation and how we hope it ends. https://www.youtube.com/watch?v=XSqCJ-UGYns
I can't take it anymore! Could everyone just chill out for two seconds before something CRAZY happens again?!
The nut who actually ground out many packs. The resident forum voice of reason (I HAZ FORUM REP! YAY!)
normal text = me speaking as fellow formite colored text = mod mode
Just a reminder, like all things related to internet trolling/negative behavior, please do not directly follow, message, or tweet him. Doing so encourages repeat behavior. While the team is working to resolve the issue, be mindful please.
the game doesn't crash, it just constantly pauses, i am not the best computer expert (so you guys who are much smarter than me, feel free to insult me, i will not take it personally) but don't you have some identification system that shows how much data you are getting from one source and if that source is giving overwhelming amount of data, just cut them off for a half-hour and email them stating the situation about their computer was DDoS'ing the server, yada yada, and "we are not blaming you, we are simply telling you". Or does that go against some policy
think of it this way...
you are standing in the middle of grand central station having a conversation with a few friends. While you may not be aware of it your ears and brain are processing every single sound in range - a fundamental function of human biology. Suppose now that everyone in the station started yelling at you at once. Blasted loud music in your ear. Gunshots and explosions. Your ears and brain now go into sensory overload to the point of rupturing your ear drum or causing you to become deaf. You don't have the ability to filter out that external noise or ignore it except for cancelling all of the sound at once by say plugging your ears.
DDoS is similar. It is a fundamental function of servers/routers to receive and send packets (i.e. sound waves in the ear example). Without this capability they are not able to function, that is, communicate with the outside world - which is their purpose. A DDoS exploits this functionality as if someone who wanted to make you go deaf may fire a weapon close to your ear. Your biology (or in the case of the server its biology otherwise known as protocols) is being taken advantage of.
Just as the ear doesn't have the ability to turn some sounds off the protocols outlining network communication can't turn off some requests for call/response without risking isolation. In that way the only real way (at least for now) to completely thwart a DDoS attack is to disconnect the server from the network. Which ultimately satisfies the malevolent who set out the attack.
Just a reminder, like all things related to internet trolling/negative behavior, please do not directly follow, message, or tweet him. Doing so encourages repeat behavior. While the team is working to resolve the issue, be mindful please.
What did come to my mind is perhaps the attack shouldn't even be acknowledged officially, could just say there are technical issues and leave it at that. But then, everyone turns to blaming the service for the problem, so I don't know what is better.
Just a reminder, like all things related to internet trolling/negative behavior, please do not directly follow, message, or tweet him. Doing so encourages repeat behavior. While the team is working to resolve the issue, be mindful please.
Just a reminder, like all things related to internet trolling/negative behavior, please do not directly follow, message, or tweet him. Doing so encourages repeat behavior. While the team is working to resolve the issue, be mindful please.
and for the love of common sense DO NOT click on any link he posts.
L'Miren: "T'Ket, darn it, stop! You're gonna TRIBBLE up that nice date... peace I made with the Other! Disable that DDOS Probe, now!"
#TASforSTO
0
rattler2Member, Star Trek Online ModeratorPosts: 58,689Community Moderator
Trendy... PLEASE tell me you guys have reported this to the Feds for investigation. Apparently he's not only targeting Cryptic (Since we just can't say Neverwinter since his attacks are affecting the other games) but word is he's also going after Elder Scrolls Online. I'd say there's plenty of evidence via Twitter that he's doing this on purpose.
I can't take it anymore! Could everyone just chill out for two seconds before something CRAZY happens again?!
The nut who actually ground out many packs. The resident forum voice of reason (I HAZ FORUM REP! YAY!)
normal text = me speaking as fellow formite colored text = mod mode
Trendy... PLEASE tell me you guys have reported this to the Feds for investigation. Apparently he's not only targeting Cryptic (Since we just can't say Neverwinter since his attacks are affecting the other games) but word is he's also going after Elder Scrolls Online. I'd say there's plenty of evidence via Twitter that he's doing this on purpose.
All I am allowed to say is we are investigating with a much larger team. You are free to read between the lines.
the game doesn't crash, it just constantly pauses, i am not the best computer expert (so you guys who are much smarter than me, feel free to insult me, i will not take it personally) but don't you have some identification system that shows how much data you are getting from one source and if that source is giving overwhelming amount of data, just cut them off for a half-hour and email them stating the situation about their computer was DDoS'ing the server, yada yada, and "we are not blaming you, we are simply telling you". Or does that go against some policy
think of it this way...
you are standing in the middle of grand central station having a conversation with a few friends. While you may not be aware of it your ears and brain are processing every single sound in range - a fundamental function of human biology. Suppose now that everyone in the station started yelling at you at once. Blasted loud music in your ear. Gunshots and explosions. Your ears and brain now go into sensory overload to the point of rupturing your ear drum or causing you to become deaf. You don't have the ability to filter out that external noise or ignore it except for cancelling all of the sound at once by say plugging your ears.
DDoS is similar. It is a fundamental function of servers/routers to receive and send packets (i.e. sound waves in the ear example). Without this capability they are not able to function, that is, communicate with the outside world - which is their purpose. A DDoS exploits this functionality as if someone who wanted to make you go deaf may fire a weapon close to your ear. Your biology (or in the case of the server its biology otherwise known as protocols) is being taken advantage of.
Just as the ear doesn't have the ability to turn some sounds off the protocols outlining network communication can't turn off some requests for call/response without risking isolation. In that way the only real way (at least for now) to completely thwart a DDoS attack is to disconnect the server from the network. Which ultimately satisfies the malevolent who set out the attack.
Now this is helpful, the other dude just did a facepalm, ok, so there really is no way to stop it unless you get earplugs (tripping over the 10by10 ethernet cord XD), but so, is there anyway for counter DDoS
Trendy... PLEASE tell me you guys have reported this to the Feds for investigation. Apparently he's not only targeting Cryptic (Since we just can't say Neverwinter since his attacks are affecting the other games) but word is he's also going after Elder Scrolls Online. I'd say there's plenty of evidence via Twitter that he's doing this on purpose.
I would guess that they have, or are sending someone in the morning (PST for them) to the authorities, but until then, they need some help
0
rattler2Member, Star Trek Online ModeratorPosts: 58,689Community Moderator
It appears as though our networks are stable, Captains. Welcome back. We will continue to monitor.
Based on yesterday's behavior... he'll start up again later. I hate to say this but I'm probably going to wait until this... shtako is busted and we don't have to deal with this.
I can't take it anymore! Could everyone just chill out for two seconds before something CRAZY happens again?!
The nut who actually ground out many packs. The resident forum voice of reason (I HAZ FORUM REP! YAY!)
normal text = me speaking as fellow formite colored text = mod mode
the game doesn't crash, it just constantly pauses, i am not the best computer expert (so you guys who are much smarter than me, feel free to insult me, i will not take it personally) but don't you have some identification system that shows how much data you are getting from one source and if that source is giving overwhelming amount of data, just cut them off for a half-hour and email them stating the situation about their computer was DDoS'ing the server, yada yada, and "we are not blaming you, we are simply telling you". Or does that go against some policy
think of it this way...
you are standing in the middle of grand central station having a conversation with a few friends. While you may not be aware of it your ears and brain are processing every single sound in range - a fundamental function of human biology. Suppose now that everyone in the station started yelling at you at once. Blasted loud music in your ear. Gunshots and explosions. Your ears and brain now go into sensory overload to the point of rupturing your ear drum or causing you to become deaf. You don't have the ability to filter out that external noise or ignore it except for cancelling all of the sound at once by say plugging your ears.
DDoS is similar. It is a fundamental function of servers/routers to receive and send packets (i.e. sound waves in the ear example). Without this capability they are not able to function, that is, communicate with the outside world - which is their purpose. A DDoS exploits this functionality as if someone who wanted to make you go deaf may fire a weapon close to your ear. Your biology (or in the case of the server its biology otherwise known as protocols) is being taken advantage of.
Just as the ear doesn't have the ability to turn some sounds off the protocols outlining network communication can't turn off some requests for call/response without risking isolation. In that way the only real way (at least for now) to completely thwart a DDoS attack is to disconnect the server from the network. Which ultimately satisfies the malevolent who set out the attack.
Now this is helpful, the other dude just did a facepalm, ok, so there really is no way to stop it unless you get earplugs (tripping over the 10by10 ethernet cord XD), but so, is there anyway for counter DDoS
There is a way to mitigate and potentially fix it entirely. Due to the nature of it, I will not discuss the full details, however I can ensure you that we are building said measures.
Comments
i would hope cryptic has a few "hackers" of their own on staff
My Ship Builds: USS Conqueror, HMS Victorious, HMS Concord, ISS Queen Elizabeth, Black Widow III
Click here to view my DeviantArt.
Of course, HE is... but he's probably using other systems that have been compromised, unbeknownst to their owners.
These attacks don't come from one source. They have a "bot" network with boatloads of systems (often compromised computers with a virus). So first you have to figure out the attack vectors, then determine which IPs are repeating it before you can start block them. At least that's "typically" how it goes.
This moron isn't a "hacker", he is paying to use a botnet that someone else set up to do this. Any idiot can do it, and many idiots have.
This guys is not only attacking Neverwinter, but now he's saying that he wants to attack Elder Scrolls Online. Looks like we have an ego-maniac on the loose. I hope they nail him!
It's a foregone conclusion that he will be apprehended. Looks like he's trying to do as much as he can before that happens, and at this rate, I am sure it won't be long!
Yea me too... Not a network person...
Though I'm not really impressed... he had to test it several times to get it to work... Amateurish to be sure... Someone will get him... If he could not get it on the first or second pass, he made mistakes and will get caught...
I'll get the rope. Someone get the pitchforks and torches.
And... right now... this seems to fit the situation and how we hope it ends.
normal text = me speaking as fellow formite
colored text = mod mode
think of it this way...
you are standing in the middle of grand central station having a conversation with a few friends. While you may not be aware of it your ears and brain are processing every single sound in range - a fundamental function of human biology. Suppose now that everyone in the station started yelling at you at once. Blasted loud music in your ear. Gunshots and explosions. Your ears and brain now go into sensory overload to the point of rupturing your ear drum or causing you to become deaf. You don't have the ability to filter out that external noise or ignore it except for cancelling all of the sound at once by say plugging your ears.
DDoS is similar. It is a fundamental function of servers/routers to receive and send packets (i.e. sound waves in the ear example). Without this capability they are not able to function, that is, communicate with the outside world - which is their purpose. A DDoS exploits this functionality as if someone who wanted to make you go deaf may fire a weapon close to your ear. Your biology (or in the case of the server its biology otherwise known as protocols) is being taken advantage of.
Just as the ear doesn't have the ability to turn some sounds off the protocols outlining network communication can't turn off some requests for call/response without risking isolation. In that way the only real way (at least for now) to completely thwart a DDoS attack is to disconnect the server from the network. Which ultimately satisfies the malevolent who set out the attack.
What did come to my mind is perhaps the attack shouldn't even be acknowledged officially, could just say there are technical issues and leave it at that. But then, everyone turns to blaming the service for the problem, so I don't know what is better.
Will do, Trendy.
and for the love of common sense DO NOT click on any link he posts.
normal text = me speaking as fellow formite
colored text = mod mode
Now this is helpful, the other dude just did a facepalm, ok, so there really is no way to stop it unless you get earplugs (tripping over the 10by10 ethernet cord XD), but so, is there anyway for counter DDoS
I would guess that they have, or are sending someone in the morning (PST for them) to the authorities, but until then, they need some help
Based on yesterday's behavior... he'll start up again later. I hate to say this but I'm probably going to wait until this... shtako is busted and we don't have to deal with this.
Sorry, but I am that irritated by him.
normal text = me speaking as fellow formite
colored text = mod mode