Serious Question: How Long?

Fabermor-frostwolf · September 9, 2019, 4:15am

There is tracking, its called follow the call home signal… which once you identify the botnet its easy enough to get inducted into it… Whats harder is shutting it down fully

Elaice-blades-edge · September 9, 2019, 4:16am

Wasn’t that Lizard Squad?

Eurilli-garrosh · September 9, 2019, 4:19am

Ahh thanks. Guessing whatever service or tools they are using to identify the attacks are flagging the sources as nix or mostly nix , probably iot devices. Would hope its just step 1 blanket step and its quickly followed by a fine tuning. Suprised at this strat though, very basic.

/edittosharethepopcorn

Cricket-myzrael · September 9, 2019, 4:24am

Actually Blizzard can stop DDOS events. They just don’t want to spend the money to do it.

Fabermor-frostwolf · September 9, 2019, 4:26am

Never go near a network, also Congratulations you build and manage databases in Azure… Which from a management perspective is designed to be as simple as possible to allow high adaptation into market

Liriss-spinebreaker · September 9, 2019, 4:27am

Hi Widdly. And no, eveything in:

[note: wrong->] “Blizzard could absolutely do something about it by switching to virtual distributed servers through AWS or Google. They would save money if they get rid of some of their datacenters, using a couple as raid backups for the virtual servers. It’s not an issue of cost.” …

…is utterly wrongheaded for compute-bound services. While different models of distributing a service across the backbone topology can mitigate different types of attacks, it’s essentially guaranteed that a company would ideally want to control those datacenters as much as possible, especially when tight control, / coördination or intellectual property is taken into account. Do you have any idea how many vulnerabilities have been found in cloud networks? The measures required to mitigate even just side channel attacks - i.e not sharing your cloud servers at all - tends to immediately sink any hypothetical savings.

So one would absolutely expect a company to create their own fully-controlled cloud service for their exclusive use, not use any other company’s cloud.

Otherwise see Algolagnist’s post, he’s entirely correct.

Widdly-burning-legion · September 9, 2019, 4:31am

Celessi:

I DO database design, implementation, and management professionally. I’m literally in charge of my team that handles this.

Data science is not synonymous with web-based databases. And you’re extremely unlikely to be getting hired to manage Azure databases with a background in data science. That’s way too technical for your background, because now you’re getting into being knowledgeable about cloud servers. I don’t want a masters in data science handling my network, I want someone with a minimum of a Network+ certification for that, while preferring them also have their Security+, and very highly preferring a computer science degree combined with that for the programming knowledge that is required for handling the network.

Your mistake was you found the word “data” and immediately thought of computers. Computers are only a tool that you’d use in the analysis of your data. Not to be confused with a database administrator, who is the person who manages a computerized database.

You’re so far off with what these jobs even do that it’s insanely easy to tell that you don’t do any of this for a living. I know what the people on my team do. And we DO NOT use data scientists in IT. If you really do have that degree, then you were hired into the administration department, where your job is primarily business analytics.

Stop lying to us, we’re not stupid.

You have literally zero knowledge of what you keep claiming about data science because you’re flat wrong. Stop telling me that what I know intimately is somthing else. I deal with a lot of automated databases for data gathering and write all the transactionary rules regarding these databases as well. These are mostly internal (for each client). I’ve also created several hyperledger testbed servers as well recently, that I am currently working for on a project now. These hyperledger fabric servers I set up on, guess what, virtual servers distributed on an internal network to test the p2p transactionary rules I put in.

You’re clueless if you think setting up Azure databases in SMSS and utilizing SRSS is beyond someone studied in data science, it’s literally what we learn about. How are you so ignorant about what data science is? Who let you manage anyone? You probably think designing, building, writing all the rules for, and managing an Azure database is ‘way too technical’ because it’s above your paygrade.

You keep going on about things you know in networking and programming while being totally ignorant to databasing and servers, I’m not going to sit here and tell you how to manage networks like you’re not going to sit there and tell me how virtual distributed databasing works, stop.

Also, I don’t do IT, IT is entry level trivial stuff. Go back to what you know and stop telling others what their job entails or what kind of knowledge is required. Net+ and Sec+? What a joke, I could do most of that at 16 before I even graduated highschool. You work in some IT support department, you don’t know anything about the internal design and function of the processes you monitor and use software to correct.

As for you who keep claiming I keep describing different job roles, my title at my company is Senior Data Engineer, but I consider myself a full stack data scientist.

Also, I’m done arguing with people who don’t have a clue, cya.

A link for you to read a brief synopsis of what data science and engineering is, so you inform yourself and not look stupid (like you do now) whenever you deal with someone whose field it is (if you do) professionally.

mastersindatascience. org/careers/data-engineer/

Feardozer-yojamba · September 9, 2019, 4:41am

DDOS is a very expensive attack. Depends on the infrastructure it may cost hundreds of thousand dollars a day. So if it’s a real DDOS, although I think it’s BS, people should have a really good reason to spend that much money.

Liriss-spinebreaker · September 9, 2019, 4:46am

Widdly seems to be playing a clueless, self-enamored troll rather well (go Horde?) and is entirely missing that the corrections he’s getting are from those who are substantially better qualified to understand the situation than he is, or will trouble to be. No point in feeding a troll.

Dawndew-grobbulus · September 9, 2019, 4:50am

Well I mean imagine a young man who now will have his life ruined, won’t be able to get a job as easily, maybe have a hard time making relationships with his relatives since they only think of him as a criminal and like that.

It is just a big waste of human potential and of his potential happiness. Not something to be celebrated I feel.

Fox-atiesh · September 9, 2019, 4:50am

It depends on how long it takes for mommy’s credit card to get maxxed out by the bot farm I suppose. Or perhaps he might get stopped short by someone kicking down his door.

Maldonix-aerie-peak · September 9, 2019, 5:05am

I would guess that latency would increase as data traffic was rerouted and filtered, but the game might still be playable in the meantime. I wouldn’t suggest playing a game with permadeath (like D3 Hardcore mode) under such conditions though.

Widdly-burning-legion · September 9, 2019, 5:16am

If you think they are ‘better qualified’, you apparently aren’t qualified to read.

Eurilli-garrosh · September 9, 2019, 5:20am

Latency is one of the biggest issue of using a scrubbing service. For ecommerce not a big deal. For something like wow, it could leave the game barely playable. However with proper planning and design with said partner service the latency could be reduced, tweaked to maybe be doable. However not knowing Bliz architect I couldnt guess.

Patti-kirtonos · September 9, 2019, 6:35am

shares popcorn with people arguing as well as spectators

We’ve devolved into a dick measuring contest on some sides.

As someone totally unqualified to know who’s bullsh1tting (masters in music, lol). It seems wiggly is most full of sh1t, or at least, woke up on the wrong side of the bed.

Elite-kurinnaxx · September 9, 2019, 6:40am

You don’t think Activision/Blizzard, a multi-billion dollar company have friends in high places?

I don’t claim any knowledge on the matter, so I don’t know either, but I would imagine that they can (and likely do) pay some pretty expensive lawyers with some pretty serious sway to expedite search warrants, etc. as needed.

Maggotrot-benediction · September 9, 2019, 7:05am

I am a DevOps Engineer by trade. Currently a Senior DevOps Engineer at the company I am gainfully employed at. There is a lot of misinformation, and people talking past each other in this thread. I see a lot of incorrectly used terms.

Not sure who made the claim that AWS was just microservices for instance, but you are incorrect friend. AWS is virtualization, and SaaS solutions. Microservices in the form of EKS is certainly among those offered, but until a few months ago, AWS’s Kubernetes management solution was hot garbage. Also AWS is not just “web services”. They provide virtual machines, I can host my mail server, my game servers, whatever other kind of service I want out of AWS. Assuming it is just web services is silly.

All that being said, I am sure Blizzard is on top of things from a technology standpoint and is actually using containerization where it makes sense (I hope), and virtualization elsewhere.

So to be specifically clear, you cannot stop a DDoS short of somehow pulling the plug from the CNC of the botnet. You can mitigate them with some success, which I do have real life experience doing, but it really depends on the size of the DDoS.

The two common nethods for mitigation are scaling, and filtering. With the first method, you basically grow your service to enough nodes that the botnet cannot reliably target all of them, or they cannot distribute enough traffic to target all of them. It can get extremely pricey, and the application itself has to be designed to scale like this.

The second method usually involves falling behind a service where the traffic is accepted, examined by an automated process, then passed through if it looks legit or dropped if it does not. This can also be very expensive.

I believe the second is what Blizz is currently doing, or did, during the first attack. That was why the server IPs changed, and then the attacker didn’t manage to do much after. This is likely why he started targeting Blizzard’s upstream providers instead.

If you made it this far through my techno-jargon filled rant, have a virtual high five and a virtual cookie! <3

EDIT: “This” is not spelled like “Thos” no matter what my fat fingers think.

Ceeyoo-aegwynn · September 9, 2019, 7:15am

Thank you.

Patti-kirtonos · September 9, 2019, 7:24am

Well, you seem to be a voice of reason about something I don’t understand. Thank you sir.

Algolagnist-mankrik · September 9, 2019, 1:01pm

You can run absolutely anything in a docker container. I run Plex and Factorio (and some Rust apps!). But I would definitely say two things:

the vast majority of content hosted in container services are .NET/Java/Node (and the like) web services intended for use in web-based applications. these apps have lower performance requirements and are relatively easy to build, making them ideal candidates
containerization is absolutely not intended to be a defense mechanism for denial of service attacks just because it’s scaleable (which is how it was originally portrayed by OP)

Thanks for your input.