I’m not an expert on DDoS attacks. Maybe someone else is… which is why I am posting this.
My thoughts were… surely in this day and age (ok, fine, I’ll try not to call you Shirley), there are ways to defend against or mitigate DDoS attacks? Like not accepting connections from the IPs who are doing the attacks, or somehow filtering those IPs? And surely (whoops… did it again), IPs can be traced, people reported to authorities, etc?
I have no doubt that I’m wrong with these initial thoughts, and I know that “nothing’s easy,” especially with complicated tech stuff. I’m just looking for someone to chime in and explain the mechanics of DDoS, why it is difficult to defend against, etc.
Yeah, I already kind of figured that to block an IP with software running on your own system, at a minimum you’d still have to read the IP, and run it through a filter (whether that be comparing it with a list of banned IPs or whatever else). I just figured there was probably some better way to do it, and that this was probably some ‘naive’ or ‘low effort’ attempt to solve the problem. I figured there must be some better solution, like using specialized hardware, blocking IPs way upstream before they can get to you, etc. Again, I admit I know little of the topic, which is why I posted this.
Are you saying that DDoS attacks can basically just cripple anything on the internet, and that if you are under attack you are basically just shite-out-of-luck? If so, then how do high-profile entities (banks, google, facebook, youtube, etc) ever keep any operations up? How does Fox News maintain an internet presence? Etc.
Google/Youtube, etc. have billions of users. CCP not so much. Google is one of the largest companies on earth. They have so many employees and backup servers around the world that it’s hard to fathom. So exactly, it’s an issue of size/money.
You are saying that a company the size of CCP has no recourse, other than to go under. Naturally I mean in the face of a determined enough, large enough attack (if attackers give up and move on after a while, it will just amount to a nuisance and money loss for the company and its customers) . Already service has been denied for the better part of a couple of days, if you count the other DDoS attacks that happened within the last couple of days.
The attacker/s is/are likely using a VPN or Tor to control malicious software on uninvolved parties boxes to rapidly send malicious packets to CCP’s servers. CCP’s recourse is to remain calm while they gather data on the attacks in order to strengthen the software running on their servers from future attacks, and ultimately the attacker’s botnet will shrink due to the malicious software being found and removed. All of this takes time. Also, if the attacker/s is/are using a VPN it’s possible to pinpoint their IP and prosecute them, but this is a long shot and takes lots of time/resources also.
The whole point of a DDOS is that you have like 10k of different systems which simultaneously try to flood the target with requests so it’s connection gets saturated.
Those 10k are your moms laptop, your unpatched internet router, your unpatched security camera with wifi… you get the picture. They are not criminals, except if you want to make people accountable for not maintaining their devices, which often is not even possible even if they where aware of the problem.
So tracing and reporting is not an option. For blocking, how? I mean the packet already used the bandwidth when your firewall receives it and decides if it has to block it, so that does no good. If you have a centralised service like EVE Online, there is not much you can do to defend against such attacks.
So, again, folks are saying there is really no recourse. I’m not arguing, mind you, I’m just stating, in an obvious way, what the conclusion seems to be.
If so, then we have to accept that - at least with current technology, methods, etc. - if someone wants to, and is determined enough, then THEORETICALLY they can force your online-based company to fold under. Period. Paragraph.