Cheesecake-DN Posted November 1, 2017 Share Posted November 1, 2017 In recent years, DDoS attacks have become increasingly common. They've existed for quite some time now, but are being used more and more as a form of cyber warfare.What is a DDoS Attack? I won't pretend to be the most techno-savvy person in the world, and I only really understand it myself in the broadest sense. DDoS stands for Distributed Denial of Service. http://en.wikipedia.org/wiki/Denial-of-service_attackhttps://www.cisco.com/c/en/us/support/docs/security-vpn/kerberos/13634-newsflash.html Essentially it boils down to a person, or people, coordinating a massive number of computers (usually compromised computers) to send requests or pings on a scale that the receiving server cannot handle, resulting in a website or webservice being either heavily slowed or brought offline altogether. Why do people do this? For the same reasons that people have hacked into highly secure servers and databases. For the same reason that people have distributed and utilized viruses. It can be a revenge thing. A banned gamer might do it as a way to get back at the host company for banning him. It can also be "just because we can", a show of power, or simply thumbing one's nose at the authorities, as seems to have been the case for the "Derp" group that ran large scale DDoS attacks on several games some months back. There is no single unifying reason as to why its done, and in any given DDoS attack, you would have to know who is behind the attack before you can really know why they're doing it. Can DDoS attacks be prevented or stopped? In short, no, not really. As the cisco link above lays out, there are measures that can be taken that may or may not stop an attack, depending on they type of attack underway (the cisco page specifically points to SYN request type attacks, but there are other types), the scale of the attack, and the infrastructure of the server being attacked. Google or Amazon would be much harder to take down with DDoS attacks than gaming servers like NCsoft hosts due to their massive budget and infrastructure allowing incredibly high bandwidth. How do I recognize that a DDoS attack is underway, rather than problems sourcing from the server itself? If the server itself is suffering internal issues, you may see some initial "lag" just before a crash, but following the crash, the servers generally stay offline for longer periods of time in order to find and address issues before bringing servers back online. During a DDoS attack, you'll see sudden massive spikes in ping, resulting in skills becoming non responsive, "rubber banding" of your character if you're attempting to run, etc. Less resource intensive content like the chat window may (and usually does) suffer less lag than the gameplay. Expect through a ping check to suddenly have numbers in the thousands, or even millions. Players will be forced off the server (disconnects) in large numbers if the attack persists (and it always does), if the server is not crashed entirely. Once the attack ceases, there is commonly no delay in bringing the servers online, as the problem was not with the servers themselves, but rather came from an outside source. What can I do during a DDoS attack? Be patient. If at all possible, avoid adding to the server load. I know its tempting to attempt to immediately log back in (I find myself doing it too), but while under attack, the load on a server is tremendous, and you're only making it worse by attempting to access the servers during this time. Understand that the host company is not to blame (at least not directly in the case of a revenge motivated attack), and that they will have the game back online as soon as they're able. Unfortunately, waiting an attack out is all that can really be done. Getting angry at NCsoft during a DDoS Attack is misplacing the blame, and doesn't really help anything. Repost from DavidGarrett http://forums.na.aiononline.com/na/showthread.php?t=131545 Follow Aion Ops Twitter Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.