insert mj eating popcorn GIF
2 Likes
That he could basically what he is doing is taking a bunch of virused computers and running a bot programming to all log into the server / servers at once and basically making it so the server crashes. Once the server crashes the combined effort of everyone trying to get back on + the added attack of the ddoser makes it so the servers cant be ran stable.
Your a professional in a different field telling someone whose profession it is to do exactly these things that you know more about it?
Iâm done dude youâre a complete moron. Have fun being wrong.
Go read the documentation. Try again.
Work at building databases for 5 years professionally and having a masters in data science. Try again.
So why did twitch, which is run by amazon. Get knocked out for most of the day on the 6th? Guess money cant buy everything.
1 Like
Well, no, not really. If Blizzard decided to not do anything to mitigate or stop it and just tried to wait him out, then it would go on forever or until something happened like them losing internet (assuming all of the computers involved are on the same network, which is unlikely), or the botnet was taken down, or some other act of God that would cripple their ability to send massive amounts of useless data to the servers.
In reality, there are things that Blizzard and their ISPs can do. One example is something called a scrubbing center, generally a third party that your traffic is diverted to that filters out all (or at least a lot) of the attackerâs packets while then allowing safe packets (so in our case, playersâ) to then go on to Blizzardâs servers.
If youâre interested in how a large scale attack can be stopped, I would definitely recommend looking at the attack against GitHub in 2018. It was, at the time, the largest DDoS attack ever recorded, peaking at 1.35 Tbps (as in Terabits per second). When they identified the attack, they had Akamai Prolexic step in, having everything sent to their scrubbing centers before being redirected to GitHub if they were deemed clean.
GitHub was offline for like five minutes. The attack began at 5:21PM, traffic was redirected to Akamai at 5:26, GitHub recovered by 5:30. The attackers gave up shortly after, with only one (relatively) small spike in traffic at around 6:00 before ending entirely.
One thing to note, though: Iâm not entirely certain how well something like that would work for something like WoW. I do study Computer Science but this area is not my specialty, and although I suspect that there may be some complications with using a scrubbing center on a live service game, I may be wrong, so if anyone has an actual answer to that part, Iâd love to hear it.
Any idiot with google and 20 minutes can build an Azure database. The complexity is in management of them. In simple terms, youâre the guy who makes layering in classic work. You do absolutely NOTHING about handling incoming requests from the internet. Thatâs your network administrator who 9/10 is a software developer.
I have 5 years of managing entirety IT and social media/advertising for a business where sensitive information has to be kept in constant potential reach. I think I would know that Algolagnist knows what heâs talking about. My job is to understand enough to know which of the 2 of you Iâd hire to be responsible for the security of our servers. Iâd also look into what a masterâs in data science actually entails. Your degree does nothing for me. I need someone who understands whatâs going on on my system when people connect to it and potentially attempt something like this. You work internally. I need someone who understands what makes security threats possible. I need someone who KNOWS networking. The software developer is more likely to actually be certified in network administration, or be able to obtain it NOW, than someone who studied data, which doesnât even require a background in IT, which is why Iâm kind of doubting your claims.
The biggest issue with this is that they donât typically work on waiting for humans to get involved. Itâs automated. What triggers it is sudden massive spikes in requests. WoW is full of those from just legitimate players logging into the game.
1 Like
I stand by my statement. If DDOS were easy to stop, it wouldnât be a global threat.
I want to point something out though: Iâm not here to attack you. I really donât care about you or your credentials. Iâve spent the better part of my adult life building various systems, and I can say that Iâve had the good fortune of a userbase that has been extremely positive. I canât say the same for video games; there is an unreal amount of toxicity being spewed out in forums like this one and itâs disgusting. Try to remember: this game was built by a group of people that wanted to build something that you would love. I can promise you that this game is not trivial, and that they probably spent the better part of 5 years building it.
Try to show some respect and understand that the service provider is the victim. Thatâs the point of a DDOS.
continues munching popcorn
5 Likes
I not only design the databases, I migrate, and manage them. I am also responsible for the data that these databases store. I am at an executive level and manage people under me. You have no idea what I do. You have no clue. You donât even know what data sciences entail from youâre statement about it. Itâs focused mainly on engineering data structures (databases) and how they work.
If you think this is a âsecutiry issueâ you doubly have no idea what youâre talking about. Youâre some network manager who has no idea how databasing works. Software developers are clueless in this kind of thing unless specifically learned in it too.
The whole point of distributed virtual servers is that Blizzard wouldnât need IT sec, they are paying a third party to virtually host their servers who also handle the âsecurityâ end, which by the way doesnât need any people as itâs a baked in feature of the virtual operating systems running the server. IT is a joke, they are the people I go to and help them fix stuff they donât understand, and people who write software too.
The field I specifically work in requires me to work with the US Army Corps of Engineers on a regular basis and I handle a ton of their data requests as well. You think your âsocial media/adâ business is sensitive and now you know everything about security by being in that field? Cute.
Just my opinion but any engineer making 6 figures probably wouldnt act like a child on a video game forum. Also if you are who you say why does every major company get hit with DDOS attacks every year if they are so easy to protect against.
1 Like
Usually these attacks eventually peter out, and in the interim can be filtered somewhat upstream although with a lot of attacks, filtering becomes a cat-and-mouse game.
In the event that it continues for an excessively long period of time there are options for mitigation. However, cost and complexity become issues depending on the implementation. The most robust systems also arenât exactly something that can be rolled out overnight either: by the time itâs all set up the attacker will have likely moved on to other targets anyway.
1 Like
Wrong. Thatâs database administration. Data science is what most people think a statistician does.
1 Like
Right, that makes sense. Although I thought that I had read the command to divert traffic to Akamai was manual, but I could have misinterpreted it or perhaps theyâre just one of the few to have not automated it at that point.
What about any impact on players, though? I mean I know that not doing it would probably be worse for the players anyway, but would redirecting traffic to those centers potentially result in things like increased latency or misidentify legitimate packets as being part of the attack, resulting in more issues for the players?
1 Like
Iâm guessing GitHub dealt directly with their ISP on it. Most complete systems automatically redirect, but are risky for a game like this.
Basically, either you call your ISP to make them aware, or you use a company who you route the connection to your server through their server. So your .com would point to their server, and then theyâd redirect users to yours.
Wrong.
Why do people feel so compelled to talk about things with authority that they have no idea about?
I am not a database administrator. The fact you think what I said describes a database admin is laughable.
Data science does have some statistics involved, but nothing to do with databases, itâs more for data analysis using languages like python and R.
What makes you so compelled to keep saying stuff off the cuff when you donât have any idea what it is youâre talking about?
Wait, youâre attacking the victim and youâre a data scientist?
Dude. Give it a rest.
No. Thatâs database programming.
You understand that data science does not require digital data, right? It has absolutely nothing to do with the internet or computers. Theyâre just the most common medium for data scientists.
Again, data science is what most people think a statistician does. You know, collecting and analyzing data. Programming systems to analyze that data for you, is called database programming. Implementing those systems to organize and analyze DIGITAL data for an end-user, is called database administration.
Youâre mixing 3 entirely different jobs into one.
1 Like