open All Channels
seplocked EVE General Discussion
blankseplocked We are back in business,TQ is back up *Update*
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: first : previous : ... 5 6 7 8 [9] 10 11 12 13 ... : last (25)

Author Topic

topix92
Posted - 2011.06.15 01:09:00 - [241]
 

Originally by: Abor Mala
I'm wondering about the technical details of the DOS attack. If it was a simple PING flood it could be easily disabled by setting an ACL in the firewall to deny all ICMP packets from any source.

If it was a TCP SYN flood to the EVE login port it would take some tricky filtering to differentiate between a login request from a real Eve client, and the flood of TCP SYNs from the attacking nodes. I assume there is some sort of rate limit set in the firewall to discard TCP SYNs from the same source IP, but the source IPs could be spoofed to make them different.




I guess it was a simpel Ping attack, CCP maybe should have thought about that:P but still LulzSec went easy on CCP.


Well done CCP. Everyone which is angry right now, DONT BE ANGRY AT CCP. CCP did what they thought was the best thing to do to not risk your personal information.

Kane Kodiac
Posted - 2011.06.15 01:09:00 - [242]
 

Originally by: Macabre Devil

Yeesh...wonder how I can make back the ISK I lost from this fiasco...


Maybe they will credit current accounts with skill points like in the past?

...fingers crossed...Very Happy

Lancot
Posted - 2011.06.15 01:09:00 - [243]
 

I want to address a few things here.

1. CCP did good. Maybe it wasn't the best solution to the problem, but given the reputation of LulzSec (they do seem to have a few who actually know what they are doing), it was the safest solution. A server that is not running is 100% guaranteed not hackable. Also, this decision had another, more subtle, effect. According to LulzSec tweets, they were annoyed/disappointed by the fact that CCP simply wasn't playing along and shut everything down. So in the end, DDOSing Eve wasn't that much of lulz as they expected it to be. It's like someone scrambling your precious ship and you simply self-destroying the ship. It takes out the fun and you give the attacker the proverbial finger.

2. The community was something to be proud of in the last hours. I wasn't on the forums but anywhere else on the internet, I could only read about slight annoyance from the community. No full-blown rage attacks, no immature statements about how stupid everything is (although the statement itself was everywhere, but just in a mature way), etc. You guys rock (until you blow me to smithereens, then you're just cool).

3. How about we order those guys at CCP some pizza, since they do have to work at night right now for our universe to be running?

S'qarpium D'igil
Posted - 2011.06.15 01:09:00 - [244]
 

Thank you, CCP. Keep up the good work! <3

PS. I get mad at you about some things, but you're doing well today. :)

Barbarella Smith
Posted - 2011.06.15 01:10:00 - [245]
 

good job ccp Very Happy

Cortith Barnacarus
Gallente
University of Caille
Posted - 2011.06.15 01:12:00 - [246]
 

Jesus.. First Sony, now Bethesda, Nintendo, Codemasters, Epic Games, and even CCP?... Frak, what's the deal with these people?

Wyke Mossari
Gallente
Posted - 2011.06.15 01:13:00 - [247]
 

Originally by: Sister Virgin


--dated BS snipped--

Sister Virgin
Aged, Retired, REAL Hacker and Phreaker



You don't know what you are talking about.

A Ping flood is a very old attack vector and doesn't work against any OS less than 10 years old.

Today the vast majority of DDOS attacks are carried out with SYN floods, some use a low data rate tear-drop attack.

DDOS the front door is often a distraction to hide a covert intrusion via another route.

Current Technical Architect.

Martineski
Posted - 2011.06.15 01:13:00 - [248]
 

ughgreat response and timing CCP. glad you stopped the attack before damage could have been caused. and for those out there saying just block pings, thats not all there is to it. Pings are just one type of DDoS attack, you can also do packet flooding and other things to bring the servers to a halt. I am studying in the field of Network Security and its more complicated than just a few Countermeasures.

Thanks again CCP

Jormungandr Bastanold
Posted - 2011.06.15 01:15:00 - [249]
 

These people, in my own opinion, have a God syndrome. They do those things because they can. They might actually fool themselves into beliving they're "testing the security" or something like twisted that.

Bunnyy Lebowski
Posted - 2011.06.15 01:15:00 - [250]
 

All of the people demanding to know what CCP plans to do to guard against this in the future or details outside of what CCP is offering up should realize:

  1. You are asking questions that answers do not exist for yet.

  2. Statements made this soon after an event are public facing statements to avoid wild speculative rumors

  3. You are asking questions that answers do not exist for yet.

  4. Time CCP has to spend dealing with the assault from players is time that isn't being spent doing anything useful.

  5. You are asking questions that answers do not exist for yet.

  6. You are asking questions that answers do not exist for yet.

  7. You should be so fortunate that they have given us even this much information considering how soon it is after.

  8. If you are now asking yourself "why?" to the item above it, the answer is "Because, (Insert item below)"

  9. You are asking questions that answers do not exist for yet.


Relax, anything there is to tell that will be told will be told soon enough. If half the people going "WTFBBQ I DEMAND ANSWERS RAWR IMABEAR!" focused that energy collectively towards the actual source of this problem, you would at worst be doing something more useful than shouting at CCP to "fix their sh*t".

You may now proceed to flame me as if any of those items were even remotely untrue. Rolling Eyes

count sporkula
Posted - 2011.06.15 01:16:00 - [251]
 

There is a very simple answer for this. sometimes the start of dos - ddos - rddos attack is used to mask other intrusions until they finish and can cover their tracks. it is very wise to remove this possibility before they finish. if they where mucking around in there you want all the tracks you can get...

it was perfectly reasonable for them to do this. they get a thumbs up from me.




Originally by: JEK3
Originally by: Sister Virgin
A DOS or Denial of Service attack (most commonly done with a ping flood) is most often
completely different than a hacking attempt to breach a database.

Why CCP suddenly took credit for making sure credit card data was safe makes no sense, as
someone attempting to obtain files would not call attention to themselves with something as
stupid and simple as a DOS attack.

Two COMPLETELY different things.

It sounds like CCP has ****ed someone off big time whom is retaliating by flooding the servers.
And CCP to pull some smoke and mirrors has used that to their advantage to try to make themselves
look like heros.

Some people are not THAT stupid.... Sigh....


Oh and some advice to CCP. Seek some advice and do some research about how eBay and Amazon prevent this.
I suspect you can just make your servers ignore pings. That simple. (I hope)

To players; Until CCP does that, I predict they could be down for days until law enforcement can intervene.

Sucks, I wanted to play today.

Cheers

Sister Virgin
Aged, Retired, REAL Hacker and Phreaker



I was about to write that when I saw your post Sister Virgin. I cannot put that better ;-)

CCP, I think you should really answer to that post, as it contains a few interesting points!

Tali Ambraelle
Posted - 2011.06.15 01:17:00 - [252]
 

Edited by: Tali Ambraelle on 15/06/2011 01:17:00
Atlas has confirmed to paying RMT cash to LulzSec for the DDoS attack.

http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1528162&page=2

Soden Rah
Gallente
EVE University
Ivy League
Posted - 2011.06.15 01:17:00 - [253]
 

Originally by: Wyke Mossari
Originally by: Sister Virgin


--dated BS snipped--

Sister Virgin
Aged, Retired, REAL Hacker and Phreaker



You don't know what you are talking about.

A Ping flood is a very old attack vector and doesn't work against any OS less than 10 years old.

Today the vast majority of DDOS attacks are carried out with SYN floods, some use a low data rate tear-drop attack.

DDOS the front door is often a distraction to hide a covert intrusion via another route.

Current Technical Architect.



also talking about Amazon and ebay defending themselves... they post profits in the hundreds of millions... they can afford distributed servers and computer security CCP could only dream of.

penmonkey
Posted - 2011.06.15 01:17:00 - [254]
 

Edited by: penmonkey on 15/06/2011 01:17:32
Originally by: Wyke Mossari
Originally by: Sister Virgin


--dated BS snipped--

Sister Virgin
Aged, Retired, REAL Hacker and Phreaker



You don't know what you are talking about.


we all know he doesnt know anything but a believe you can be arrested for hacking so report report report lol just kidding i know your no hacker you would have to be half way smart


Sergeant Spot
Galactic Geographic BookMark Surveying Inc.
Posted - 2011.06.15 01:18:00 - [255]
 

Well done CCP. A proper response to a serious situation.

Also glad to see that most players recognize reality on this. (as for the 'compensation' whiners, let em rot....)


Uncle AWOL
Posted - 2011.06.15 01:20:00 - [256]
 

Originally by: Jormungandr Bastanold
These people, in my own opinion, have a God syndrome. They do those things because they can. They might actually fool themselves into beliving they're "testing the security" or something like twisted that.
this happens every now and then. its sad really that people stupe so low as to believe themselves as superior to the rest of us. or theyve all been watching too many movies. :)
BTW i wouldnt be surprised if they tried to hack Microsoft any time soon. so i would get rid of any card information on any and all sites. if possible

Annika Ocada
Posted - 2011.06.15 01:21:00 - [257]
 

They need to be back-traced and the cyber police notified immediately .. consequences will never be the same.

TwoJohn
Posted - 2011.06.15 01:22:00 - [258]
 

Edited by: TwoJohn on 15/06/2011 01:23:28
Originally by: Katrina Raskin
A few points:

The group claiming responsibility has stated it was not for any reason beside the "lulz". They also took down a number of other sites today. It's unlikely to be retaliation or a vendetta.

A DoS attack is often used to create cover for other more intrusive attacks. (Simplified e.g. : Try to pick out the intrusive connection in the field of non-intrusive and combat it, while trying to combat the DoS simultaneously).

With certain systems a DoS can cause flaws in a server response which can allow for exploits to be used (simplified e.g. An overloaded server may not respond correctly to requests, allow for injection, etc)

DoS being limited to pings... Um, no. Just, too much wrong with that to even begin to explain it. And most servers are set to ignore anyway. Amazon and eBay are not comparable to CCP, not in scale, scope or resources. That's just... *shakes head* Oi.

CCP's response was correct in this situation. There's just no possible way anyone with current knowledge of networking can say otherwise.


thank you for stating that. i agree, it is just too much to explain the details...
i just wanted to add: you cannot fight ddos by blocking the traffic it causes - because the traffic then already happened! the only way to counter ddos is by filtering/redirecting the traffic on the providers side and/or by shutting down the botnet nodes that cause the traffic! and if the ddos is done right (hate to say that) you cannot do ANYTHING against it but to wait until it stops.

CCP has done the right thing. as raskin said, ddos often is done to cloak the real attack. you cannot know when it is just for the "lulz". i hope these stupid kids come to their senses when they realize they just get no support for their bored bull****ting. not even on 4chan. these guys are like the griefers in eve online. they do it for the tears and the whining.

...so stop whining please ;)


cu
twojohn

p.s. i am a too slow poster... Rolling Eyes

Mike Takumi
Caldari
hirr
Morsus Mihi
Posted - 2011.06.15 01:22:00 - [259]
 

Just curious, all these Atlas. people claiming responsibility will be banned, yes? They've claimed themselves guilty, so I guess they would like judgement of the banhammer.

Jormungandr Bastanold
Posted - 2011.06.15 01:24:00 - [260]
 

You could be in the corp and inactive for 6 month. I would not ban a whole corp.

topix92
Posted - 2011.06.15 01:24:00 - [261]
 

Originally by: Lancot
I want to address a few things here.

1. CCP did good. Maybe it wasn't the best solution to the problem, but given the reputation of LulzSec (they do seem to have a few who actually know what they are doing), it was the safest solution. A server that is not running is 100% guaranteed not hackable. Also, this decision had another, more subtle, effect. According to LulzSec tweets, they were annoyed/disappointed by the fact that CCP simply wasn't playing along and shut everything down. So in the end, DDOSing Eve wasn't that much of lulz as they expected it to be. It's like someone scrambling your precious ship and you simply self-destroying the ship. It takes out the fun and you give the attacker the proverbial finger.

2. The community was something to be proud of in the last hours. I wasn't on the forums but anywhere else on the internet, I could only read about slight annoyance from the community. No full-blown rage attacks, no immature statements about how stupid everything is (although the statement itself was everywhere, but just in a mature way), etc. You guys rock (until you blow me to smithereens, then you're just cool).

3. How about we order those guys at CCP some pizza, since they do have to work at night right now for our universe to be running?


So right, i didn't find much complains from EVEplayers, the League of Legends players WAS hilarious to read when they raged at this. CCP did the right thing on many grounds for one to prevent personal information to be leaked, two so LulzSec got bored of DDosing them after a while.

Demitrios
Di-Tron Heavy Industries
Atlas.
Posted - 2011.06.15 01:24:00 - [262]
 

Inappropriate comment removed. Spitfire

Soden Rah
Gallente
EVE University
Ivy League
Posted - 2011.06.15 01:25:00 - [263]
 

Originally by: Uncle AWOL
Originally by: Jormungandr Bastanold
These people, in my own opinion, have a God syndrome. They do those things because they can. They might actually fool themselves into beliving they're "testing the security" or something like twisted that.
this happens every now and then. its sad really that people stupe so low as to believe themselves as superior to the rest of us. or theyve all been watching too many movies. :)
BTW i wouldnt be surprised if they tried to hack Microsoft any time soon. so i would get rid of any card information on any and all sites. if possible



hmmm, would it be worthwhile having special Internet credit cards specially for use on the internets, that expire every few hrs/days, meaning if you shop around all over the place your details expire pretty quickly. (this would be like a security token that spits out new credit card details every few hrs)

Any thoughts?

JEK3
Posted - 2011.06.15 01:26:00 - [264]
 

Originally by: count sporkula
There is a very simple answer for this. sometimes the start of dos - ddos - rddos attack is used to mask other intrusions until they finish and can cover their tracks. it is very wise to remove this possibility before they finish. if they where mucking around in there you want all the tracks you can get...

it was perfectly reasonable for them to do this. they get a thumbs up from me.

Thank you for your answer count sporkula. That cleared up some things for me. I still think CCP could have added what you said to their statement to make everything clear to the less "PC technical" users.
Of one thing I'm still unsure. To me, it looks like the time it took to CCP to tell us our data were secure and not stolen was very short. Can you really come out with that kind of conclusion so quick?

Cheers JEK3




Originally by: JEK3
Originally by: Sister Virgin
A DOS or Denial of Service attack (most commonly done with a ping flood) is most often
completely different than a hacking attempt to breach a database.

Why CCP suddenly took credit for making sure credit card data was safe makes no sense, as
someone attempting to obtain files would not call attention to themselves with something as
stupid and simple as a DOS attack.

Two COMPLETELY different things.

It sounds like CCP has ****ed someone off big time whom is retaliating by flooding the servers.
And CCP to pull some smoke and mirrors has used that to their advantage to try to make themselves
look like heros.

Some people are not THAT stupid.... Sigh....


Oh and some advice to CCP. Seek some advice and do some research about how eBay and Amazon prevent this.
I suspect you can just make your servers ignore pings. That simple. (I hope)

To players; Until CCP does that, I predict they could be down for days until law enforcement can intervene.

Sucks, I wanted to play today.

Cheers

Sister Virgin
Aged, Retired, REAL Hacker and Phreaker



I was about to write that when I saw your post Sister Virgin. I cannot put that better ;-)

CCP, I think you should really answer to that post, as it contains a few interesting points!


Mike Takumi
Caldari
hirr
Morsus Mihi
Posted - 2011.06.15 01:27:00 - [265]
 

Originally by: Jormungandr Bastanold
You could be in the corp and inactive for 6 month. I would not ban a whole corp.

I didn't say a whole corp, just the people who are dumb enough to be seriously trying to claim responsibility for the attack.

Alvani
Posted - 2011.06.15 01:27:00 - [266]
 

You know... I was going to make a post regarding this is more detail, however I will share some info....

Some group called lulzsec is claiming responsibility. They offer their hacking services to people who pay them, and their website contains admin accounts to various game companies (they are proud of their hacking).

This claim was made on their twitter (https://twitter.com/#!/LulzSec)
Their website is: http://lulzsecurity.com
If you click on "releases" you can find all the account information and passwords for various companies and their admin staff.

CCP... USE their claim and sue the pants off them for this.

By the way, the corp who owns the following website paid LulzSec to do the attack... At least this is what they claim.
http://killboard.atlas-dot.net

Their post regarding it taunts a GM to ban them for this.

Soden Rah
Gallente
EVE University
Ivy League
Posted - 2011.06.15 01:29:00 - [267]
 

Originally by: Mike Takumi
Originally by: Jormungandr Bastanold
You could be in the corp and inactive for 6 month. I would not ban a whole corp.

I didn't say a whole corp, just the people who are dumb enough to be seriously trying to claim responsibility for the attack.


to do it legally... which part of the EULER covers flapping mouth off on forum claiming to have caused DDoS attack?

Jormungandr Bastanold
Posted - 2011.06.15 01:29:00 - [268]
 

Originally by: Soden Rah
Originally by: Mike Takumi
Originally by: Jormungandr Bastanold
You could be in the corp and inactive for 6 month. I would not ban a whole corp.

I didn't say a whole corp, just the people who are dumb enough to be seriously trying to claim responsibility for the attack.


to do it legally... which part of the EULER covers flapping mouth off on forum claiming to have caused DDoS attack?

Illegal activities. Ban pending investigation.

topix92
Posted - 2011.06.15 01:30:00 - [269]
 

Originally by: Mike Takumi
Originally by: Jormungandr Bastanold
You could be in the corp and inactive for 6 month. I would not ban a whole corp.

I didn't say a whole corp, just the people who are dumb enough to be seriously trying to claim responsibility for the attack.


Well the possibility is that your computer can be one of the computers used to make the DEATHBALL OF DDoS. You just dont know it. :D

BeanBagKing
Terra Incognita
Intrepid Crossing
Posted - 2011.06.15 01:31:00 - [270]
 

Edited by: BeanBagKing on 15/06/2011 01:32:06
I have a suggestion (not that it'll ever happen). We have a lot of people whining for compensation. I don't think we deserve any because a) none of this is CCP's fault b) I'm not the type of person who thinks I'm entitled to anything, especially in a game. and c) periodic unscheduled downtime should be expected by everyone anyway, CCP doesn't award compensation for any of those.

However, here's what I say we do. Since it wasn't CCP's fault (point a), then if/when LolSec is ever caught, I'm sure a lot of charges will be thrown at them, and I wouldn't be surprised if CCP's lawyers are doing some of the throwing. They should file a civil suit against them on the consumers (our) behalf at a rate of ($15 /30 days / 24 hours = ) .02 cents per hour for 5 hours of downtime times 500,000 (estimate) accounts which may or may not have been trying to log on, which would be somewhere around $52,000 (if I've done my math right, probably not). Then apply that in game time to all active accounts. Not so much because it's a great amount of time we missed or its a great amount of money for CCP but a front page post that they did it "for the lolz" would be an epic pun and it'd be one more thing to throw at them.

For those of you who are now going to poke holes in my math/law knowledge, I'm sure there's plenty and this will never happen, still, have at it if it makes you happy Razz


Pages: first : previous : ... 5 6 7 8 [9] 10 11 12 13 ... : last (25)

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only