
DDOS attack general question

Discussion in 'EverQuest II General Discussion' started by Jadethorn, Jan 2, 2017.

  1. Jadethorn

    Jadethorn New Member

    Hi,

    For the experts who understand such things, how does this keep happening? Is it a totally new game (no pun intended) every holiday as far as, little can be done to prevent this stuff?

    Are they continually breaching new security, or the same old security?

    Thanks,
    Jade
     
  2. Conifur

    Conifur Member

    If I understand correctly, the "breach" is not at the company's server, but the infected computers (could be yours and mine). Those computers then take part in overloading the target company's servers with information requests. There is no real breach, just no easy path for "real" information to go to and come from the server. Like 1,000 people outside your house asking to come in; your security might be good enough to keep them all out of the house but the pizza guy with your pizza can't deliver it so you are SOL and denied service.
     
  3. Uyaem

    Uyaem Member

    You deserve a medal for the pizza guy analogy. :)

    I would change the people outside the house to zombies though, because they have no idea why they are even there, or what they are doing. Also, everything is better with zombies.
     
  4. Feldon

    Feldon Administrator Staff Member

    It's not a matter of security. It's the millions of computers out there that are infected with spyware/viruses/etc. which can be summoned into an unstoppable army. Just imagine 1 million computers each hitting Refresh on a company's website. That website is going to go down. This is kind of like that, but more technical and specific. With the prevalence of high-speed internet, each computer out there can flood a server with a lot of data. Multiply by 1 million and you see the problem.

    Daybreak's current IT situation is positively prehistoric. When you attack any part of Daybreak, the whole thing goes down. Their whole system is all linked together and running an ancient version of Central Authentication Service, a piece of open source software developed 12 years ago. If Daybreak migrated to something more modern, or even just an updated version of CAS, they could isolate servers so that, for instance, when H1Z1 is under attack, it doesn't also take down EverQuest2.com, which is what happens now.

    My understanding when you connect to EQ2 through the launcher is it's almost like a VPN connection. You are joining Daybreak's gaming network as if you were hooking up your computer in Las Vegas. Maybe this is typical for MMO design, I don't know, but when someone explained this to me, I could not believe that this is still being done in 2016.

    Even the reptilian DDoSers were shocked a few years back that Daybreak's current IT infrastructure puts all the eggs in one basket and how easy it was to take down the entire network for hours.
     
    Last edited: Jan 4, 2017
  5. Inire

    Inire Not really an evil duck, just misunderstood.

    DoS (Denial Of Service i.e. the service that you want is not responding and the attack is coming from one attacker)
    DDoS (Distributed Denial of Service i.e. the service that you want is not responding and the attack is coming from MANY attackers)

    Both Daybreak and SOE have been given solutions by reputable companies.

    DDoS has mitigation methods. GRE tunnels, BGP redirects, HAProxy distributed systems, etc. etc. etc.

    ISPs are super willing to work with companies that have money and are willing to get good support contracts.

    When there was a big outage a few months ago due to the wireless camera attack, a few sites (pornhub.com for example) stayed online during the assault. The reason why is that these sites are HIGHLY DISTRIBUTED, and have DDoS mitigation in place. Instead of depending on one location for giving you the goat porn you want, they have multiple services at multiple locations, using many different connections.

    Daybreak/SOE's architecture is single location, single target. Even working with ISPs to remove this traffic will still mean that they have only one place to attack, meaning that it is an ever-increasing feat to defend that one point. The longer term solution to this problem is to have DBG move Platform to multiple locations, with many different systems providing the services.

    In terms of what Feldon was discussing, the auth system being in one location is the key issue for this. It should also be distributed to other locations as well. I suspect he's talking CAS while I am talking Platform, which I believe is functionally the same set of systems? Not totally sure.
     
  6. Feldon

    Feldon Administrator Staff Member

    Platform is the group/department.

    Central Authentication Service is the piece of software that Daybreak uses for everything. It is the one and only gatekeeper for every game, every website, every service.
     