forums.rs

Forums

Update on Service Disruptions

Quick find code: 294-295-293-65202916

of 39
The contents of this message have been hidden.

07-Nov-2013 19:55:49

Malekahtepes
Mar Member 2022

Malekahtepes

Posts: 639 Steel Posts by user Forum Profile RuneMetrics Profile
If other major MMO's get hit by DDoS attacks when they have even more infrastructure and support in place, it isn't a stretch that Jagex could get hit also.

On top of this, for those of you saying it isn't the bots harassing due to the claims on that other forum, well let me tell you something from a network security perspective. Script Kiddies a lot of times like to claim they did something when they did not. This is nothing new.

These sort of attacks are not easy to trace because they rely on a controller proxy, basically a commanding system sends orders to bots generally hidden in downloads (All those people who downloaded macro software or torrent movies). These multitudes of bots then send floods of packets to a designated port, generally the one with the particular open service.

There's also quite a bit of difference from an individual attacking a small business site and a large scale opposition.

If the NSA can be hit by a DDoS and have its website shutdown, don't you think Jagex is probably vulnerable too?

As for supporting them? Yes, nice job supporting criminals that are doing this out of greed. Most likely it isn't even any legitimate players, its unlikely that many of the angry players have the technical knowledge beyond perhaps hiring a botnet service, at least not on the scale to cause the level of disruptions reported.

It has to be a rather organized effort to shut down corporate servers that have a number of safeguards in place, I would expect this from goldfarmer organizations more than dissatisfied players.

07-Nov-2013 20:15:41

Syldra

Syldra

Posts: 414 Silver Posts by user Forum Profile RuneMetrics Profile
Ben P said :
Since when can a multigigabit ddos knock out a ISP?

Are we back in the 90's? I forget sometimes, the knowledge on this forum seems to come from wiki pages that haven't been edited for years.

If Jagex were facing a small group of large-scale ddos'ers, they would have been caught very quickly. The problem arises when you have many smaller-scale attacks between intermittent large-scale attacks, this is when you need mitigating severs; it's all about the timing and method not about the raw size.

Multi-gigabit, other than the reference to all it would take to drown out a software firewall, includes "100s of gigabits". That much spare throughput is something small ISPs who actually sell services to end-customers don't have laying about. "ISP" doesn't mean "core Internet infrastructure". Maybe some of the largest national ISPs can soak that up easily, but the ISPs they rent to can not... Which is why expensive services exist, who manage power-guzzling, $10,000 equipment to swallow an attack as far out from the bottleneck as possible.

I have no idea why you think a larger attack would lead to anyone getting caught. It's not like you make a mess on the Internet big enough that people suddenly see you doing it, we know there are 100s of thousands of rogue nodes and a few thousand more or less doesn't make a difference. Unless you mean "the attack caught and stopped", which is just ridiculous.

I also have no idea why you think small attacks need mitigation more than large attacks. It is exclusively the large attacks that need third-party mitigation, that need to be managed closer to their sources, which means cooperation and distribution.

I'm not sure what you think "mitigating severs" are. Mitigating DDoS attacks is indeed about raw size (at the point of mitigation). Whether the timing is inconvenient to you as the target is irrelevant. Maybe you should study these wikis you're so fond of a little harder.

07-Nov-2013 20:29:16

Void J
Dec Member 2021

Void J

Posts: 244 Silver Posts by user Forum Profile RuneMetrics Profile
all this time i thought the servers were just kept poorly, even when on low detail i lag, might be my computer but sometimes its the server. i also found RuneScape runs better when java is not installed but if i want to play OSRS sometime i need it, i was wondering if OSRS could have its power come from anything that runs smoother than java so i can un-install that piece of crap. Here for a good time, not a long time. :)

07-Nov-2013 20:51:09

Kats Whisker
Jun Member 2007

Kats Whisker

Posts: 1,429 Mithril Posts by user Forum Profile RuneMetrics Profile
Shame on you Jagex if it has taken a year to DDOS proof yourselfs. You do need to hire a few ICT Security Professionals. I have also worked for an organisation that was a constant target and we found ways to not impact services. Some were very similar to methods described already in this thread.

Kats

07-Nov-2013 21:12:20

Malekahtepes
Mar Member 2022

Malekahtepes

Posts: 639 Steel Posts by user Forum Profile RuneMetrics Profile
The NSA just got hit a few days ago. Quit acting like its so easy to counter large scale organized DDoS attacks.

It takes time and money to develop an appropriate security infrastructure as well as active monitoring in many cases in response to large scale attacks. Obviously the attacks have increased in the last couple of months, likely due to additional measures against goldfarmers (bonds), so other than minor lag it was generally manageable until recently.

07-Nov-2013 21:20:40

Alondro D
Feb Member 2010

Alondro D

Posts: 274 Silver Posts by user Forum Profile RuneMetrics Profile
Oh my god.

The facepalm of the year goes to:
Tank Tetsu


What you are doing is supporting a criminal act. This is beyond any cynicism. Looks like you are one of the immature users of suspect forums Mod MMG is talking about in his statement.

07-Nov-2013 21:36:38

Quick find code: 294-295-293-65202916 Back to Top