| Pages: 1 [2] 3 :: one page |
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
N'maro Makari
   |
Posted - 2011.06.15 08:37:00 -
[31]
 Originally by: Daxine Myth
Taking the game Server down for DDos attack is stupid and there is no point in putting it back up if your just going to take it down every time it happens. It's about time CCP took game security more seriously by implementing security features into the client at the users end to distinguish between genuine requests and malicious requests. They should also put bot and script detection software amongst the EVE client to actively prevent and detect bots, Eve is becoming a game where rules do not matter anymore and people are becoming sick of CCP's soft touch against deliberate rule breaking.
Wow, ok, I guess I might just be a little overprotective of my credit card details...
|
Xervish Krin
|
Posted - 2011.06.15 10:03:00 -
[32]
Agreed. Obviously CCP shouldn't make the effort to ensure unimportant information such as credit card details is secure if it means cutting off Internet Spaceships for few hours.
We didn't want that bank account anyways.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.06.15 10:09:00 -
[33]
Originally by: Xervish Krin
Agreed. Obviously CCP shouldn't make the effort to ensure unimportant information such as credit card details is secure if it means cutting off Internet Spaceships for few hours.
We didn't want that bank account anyways.
Given the fact that DDOS's come AFTER a breach, you pulled the plug too late.
You should talk to Epic. and Sony... They all had DDOS's, which also covered their data thefts.
Nato/Lulsec never leave empty handed
|
Noriaki Sugiyama
|
Posted - 2011.06.15 10:29:00 -
[34]
So It was Lulzsec or not? We need official comments of CCP!
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.06.15 10:31:00 -
[35]
Originally by: Noriaki Sugiyama
So It was Lulzsec or not? We need official comments of CCP!
It was Lulz, but who is Lulz? Nato front to blacken Anon?
Most likely since gamers and nerds community is their support backbone, Anon is political and targeting Fed, Bernanake, IMF etc.
Lulz are attacking that support base and its working.
Seems to go in the opposite direction to Anon, wonder why. Yeah as NATO said, target ANON, seems to be working.
|
Doctor Ungabungas
Caldari
GoonWaffe
Goonswarm Federation
|
Posted - 2011.06.15 10:35:00 -
[36]
If you are running a web server that serves your favorite kitten pages, you probably don't need to turn your server off.
If you are running a complex network of servers performing various roles then yes, you do have to turn your 'server' off.
|
DuKackBoon
|
Posted - 2011.06.15 10:37:00 -
[37]
Originally by: Daxine Myth
Taking the game Server down for DDos attack is stupid and there is no point in putting it back up if your just going to take it down every time it happens. It's about time CCP took game security more seriously by implementing security features into the client at the users end to distinguish between genuine requests and malicious requests. They should also put bot and script detection software amongst the EVE client to actively prevent and detect bots, Eve is becoming a game where rules do not matter anymore and people are becoming sick of CCP's soft touch against deliberate rule breaking.
When will people get it's not possible to defend against a DDoS attack, only mitigate its effects by having a omgwtfbbq server farm?
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.06.15 10:38:00 -
[38]
Originally by: Doctor Ungabungas
If you are running a web server that serves your favorite kitten pages, you probably don't need to turn your server off.
If you are running a complex network of servers performing various roles then yes, you do have to turn your 'server' off.
Yes, but what did they notice first? The high pings or the breach? Im guessing the DDOS. Which comes AFTER a breach.
|
Doctor Ungabungas
Caldari
GoonWaffe
Goonswarm Federation
|
Posted - 2011.06.15 10:41:00 -
[39]
Well, there hasn't been any indication that there has been a breach so 
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.06.15 10:45:00 -
[40]
Originally by: Doctor Ungabungas
Well, there hasn't been any indication that there has been a breach so
Sony and Epic never had indications of a breach either. Masked by the DDOS.
They even admitted that.
|
Doctor Ungabungas
Caldari
GoonWaffe
Goonswarm Federation
|
Posted - 2011.06.15 10:46:00 -
[41]
Originally by: Miilla
Originally by: Doctor Ungabungas
Well, there hasn't been any indication that there has been a breach so
Sony and Epic never had indications of a breach either. Masked by the DDOS.
They even admitted that.
Absence of evidence is not evidence. 
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.06.15 10:49:00 -
[42]
Originally by: Doctor Ungabungas
Originally by: Miilla
Originally by: Doctor Ungabungas
Well, there hasn't been any indication that there has been a breach so
Sony and Epic never had indications of a breach either. Masked by the DDOS.
They even admitted that.
Absence of evidence is not evidence.
http://www.eve-news.com/2011/05/18/ccp-database-dump-rest-story/
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=535208&page=1
http://www.warcry.com/news/view/78155-EVE-Database-Hacked-CCP-Issues-Statement
http://www.eveonline.com/news/newsOfEve.asp?newsID=464
http://www.gamefreaks.co.nz/2011/06/14/hacked-epic-games-website-breached/
https://www.infosecisland.com/blogview/13558-Sony-Tells-Congress-Anonymous-DDoS-Aided-Breach.html
http://blog.us.playstation.com/2011/05/04/sonys-response-to-the-u-s-house-of-representatives/
|
Doctor Ungabungas
Caldari
GoonWaffe
Goonswarm Federation
|
Posted - 2011.06.15 10:52:00 -
[43]
Edited by: Doctor Ungabungas on 15/06/2011 10:53:08
Originally by: Miilla
Originally by: Doctor Ungabungas
Originally by: Miilla
Originally by: Doctor Ungabungas
Well, there hasn't been any indication that there has been a breach so
Sony and Epic never had indications of a breach either. Masked by the DDOS.
They even admitted that.
Absence of evidence is not evidence.
http://www.eve-news.com/2011/05/18/ccp-database-dump-rest-story/
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=535208&page=1
http://www.warcry.com/news/view/78155-EVE-Database-Hacked-CCP-Issues-Statement
http://www.eveonline.com/news/newsOfEve.asp?newsID=464
http://www.gamefreaks.co.nz/2011/06/14/hacked-epic-games-website-breached/
https://www.infosecisland.com/blogview/13558-Sony-Tells-Congress-Anonymous-DDoS-Aided-Breach.html
http://blog.us.playstation.com/2011/05/04/sonys-response-to-the-u-s-house-of-representatives/
That is certainly 0 evidence that anything significant happened today to CCP beyond someone having access to a botnet for a few hours.
Rather than googling for all those links, you could have just said "I have no evidence to backup what I'm saying."
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.06.15 10:56:00 -
[44]
Edited by: Miilla on 15/06/2011 10:55:59
Originally by: Doctor Ungabungas
That is certainly 0 evidence that anything significant happened today to CCP beyond someone having access to a botnet for a few hours.
It is evidence that DDOS's mask breaches more often than not and companies do not publicise that until later or worse, don't even know.
So lets all sit in our comfort blankets made from PR statements stitched together.
See you... next time it happens.
|
Florestan Bronstein
draketrain
Test Alliance Please Ignore
|
Posted - 2011.06.15 10:56:00 -
[45]
Edited by: Florestan Bronstein on 15/06/2011 10:56:32
a ddos throws a ton of malformed/random requests at your servers which will make your IDS go crazy and will make you probably miss the few carefully crafted packets scattered within the noise.
(of course you would not really want to deny service in that case as you still want the server to process your attack vector, you just want to create a lot of noise)
|
Doctor Ungabungas
Caldari
GoonWaffe
Goonswarm Federation
|
Posted - 2011.06.15 10:57:00 -
[46]
Edited by: Doctor Ungabungas on 15/06/2011 10:58:52
Originally by: Miilla
Edited by: Miilla on 15/06/2011 08:35:08
DDOS attacks are usually used to cover an initial breach
DDoS aren't normally used to cover an initial breach. DDoS are normally used either as retaliation for a personal slight or as a commercial blackmail attempt in their own right. (I've only ever dealt with the later.) They can be used to cover up all kinds of things, but for every big hack that makes the news there are hundreds of DDoS that aren't covered by anyone because nothing of value was lost.
You still don't have any evidence that anything significant happened today and standing their with your **** in your hand isn't going to get the rest of us going until you find something worthwhile to show us.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.06.15 10:58:00 -
[47]
Edited by: Miilla on 15/06/2011 10:59:55
Originally by: Florestan Bronstein
Edited by: Florestan Bronstein on 15/06/2011 10:56:32
a ddos throws a ton of malformed/random requests at your servers which will make your IDS go crazy and will make you probably miss the few carefully crafted packets scattered within the noise.
(of course you would not really want to deny service in that case as you still want the server to process your attack vector, you just want to create a lot of noise)
or just breach then hammer. Either way works, and works well. As Epic and Sony found out.
NatoLulsec walked with data everytime they had a chance from their history of attacks... This one I consider no different. They have never left empty handed.
Given their history of previous attacks. every time it has been a breach , theft then DDOS. Epic DDOSed the same day as CCP, data stolen. Epic forces users to reset.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.06.15 11:05:00 -
[48]
Originally by: Doctor Ungabungas
Edited by: Doctor Ungabungas on 15/06/2011 10:58:52
Originally by: Miilla
Edited by: Miilla on 15/06/2011 08:35:08
DDOS attacks are usually used to cover an initial breach
DDoS aren't normally used to cover an initial breach. DDoS are normally used either as retaliation for a personal slight or as a commercial blackmail attempt in their own right.
Actually they are used to mask breaches, more often than you think.. You should talk to Sony and Epic. That is exactly what happened to them.. Oh dont worry it is just a DDOS, your data is safe... Months later.. Oh yeah... CC database compromised... Statement to congress... Yup, DDOS masked it.
|
k0f4
|
Posted - 2011.06.15 11:05:00 -
[49]
Edited by: k0f4 on 15/06/2011 11:06:32
lol, the DDOS attack proved one thing.
ccp has outdated routers or old firmware a mmo getting hit by a ddos is common and should not have really forced a total shut down, yeah made it laggy and login goes screwy but to the stage that they had to pull the switch and also scan for intrusion.
ccp basicly poo'd they pants and KNOWING they had bad routeing/firmware/old security patches, pulled switch. No other reason really
|
Obi Kayes
|
Posted - 2011.06.15 11:21:00 -
[50]
Originally by: Tippia
No.
This ^
|
Xearal
Minmatar
SOL Industries
Black Thorne Alliance
|
Posted - 2011.06.15 11:25:00 -
[51]
As has been noted time and time again already in this thread.. while a DDos in itself isn't much of a security issue, and not something that CCP would have a big issue handling, the noise it generates is a good masking for other more nefarious attacks, something which has been happening a lot in the last couple of months, as it's the 'hype' thing to do, it seems by groups like Lulz and Anon.
They have targetted several companies now, Sony, Nintendo, Epic, and now it seems CCP has suffered somethign similar.
As such, the possibility of something nasty happening, and erring on the side of safety, is a very sensible move for CCP. Sure, maybe it was just a DDos, or maybe it was something more. They were right to pull the plug, and I hope their teams manage to check and see everything is alright, and it was just a DDos without anything else happening at the same time.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.06.15 11:29:00 -
[52]
Edited by: Miilla on 15/06/2011 11:31:21
Originally by: Xearal
As has been noted time and time again already in this thread.. while a DDos in itself isn't much of a security issue, and not something that CCP would have a big issue handling, the noise it generates is a good masking for other more nefarious attacks, something which has been happening a lot in the last couple of months, as it's the 'hype' thing to do, it seems by groups like Lulz and Anon.
They have targetted several companies now, Sony, Nintendo, Epic, and now it seems CCP has suffered somethign similar.
As such, the possibility of something nasty happening, and erring on the side of safety, is a very sensible move for CCP. Sure, maybe it was just a DDos, or maybe it was something more. They were right to pull the plug, and I hope their teams manage to check and see everything is alright, and it was just a DDos without anything else happening at the same time. Even when my card expires, I cannot update the bloody thing until 30 days gametime or less remains.
Anon did not do Sony, Nato-Lulzsec did most likely.
Nato IS AIMING for Anon because Anon is POLITICAL and only hits POLITICAL targets, government etc. not the general public and customers / consumers.
More and more are starting to beleive Nato is actually behind Lulzsec given the statement issued by NATO about their intent to persecute Anon.
No better way to persecute Anon than make the general public go up against any group out of sheer ignorance because it affects them directly.
Anon is political
nato-Lulzsec is generally tramping on everybody with the intent to get as much bad publicity and hatred from people they can, wonder why?
Already people are confusing their intent with Anon. Seems to be working huh?
This is a continuation with the wikileaks wars, and governments are trying to discredit that too, now their target is discrediting anon.
I have no problem with CCP pulling the plug, fine, good. The problem I have is how their account management page works and the fact I have no option to update / remove my CC details and even go via a PAYMENT PROCESSOR so I do not have to retain my CC details on their site. I would prefer just to enter it once for each year I continue to get gametime and not have to worry oh they got breached, do they have my CC details on the site.
|
JibbaJabbas
Minmatar
MOIL
|
Posted - 2011.06.15 11:34:00 -
[53]
I love how these internet nubs who know nothing about hacking
*you cant fight agaisnt ddos*
*you just have to wait it out*
Bull****, the entire server could be proxied onto a shadow server easily enough, pushing the main loop thru another router which would solve the entire problem. Because that is exactly Blizzard does. Any DDOS attack is re-routed into boosting there server, i.e the one who is being attacked.
Who cares about the source. Dont comment on **** you know nothing about you morons.
|
BellaDonna Nyghtshade
|
Posted - 2011.06.15 11:58:00 -
[54]
Originally by: JibbaJabbas
I love how these internet nubs who know nothing about hacking
*you cant fight agaisnt ddos*
*you just have to wait it out*
Bull****, the entire server could be proxied onto a shadow server easily enough, pushing the main loop thru another router which would solve the entire problem. Because that is exactly Blizzard does. Any DDOS attack is re-routed into boosting there server, i.e the one who is being attacked.
Who cares about the source. Dont comment on **** you know nothing about you morons.
Stop trying to confuse them with fact, mate.
Besides, I'm enjoying the show. Haven't seen a parade of 2 brain cell parrots this thick since the last national elections.
|
Vaju Katru
|
Posted - 2011.06.15 11:59:00 -
[55]
Originally by: JibbaJabbas
I love how these internet nubs who know nothing about hacking
*you cant fight agaisnt ddos*
*you just have to wait it out*
Bull****, the entire server could be proxied onto a shadow server easily enough, pushing the main loop thru another router which would solve the entire problem. Because that is exactly Blizzard does. Any DDOS attack is re-routed into boosting there server, i.e the one who is being attacked.
Who cares about the source. Dont comment on **** you know nothing about you morons.
Cool story bro.
|
PhantomMajor
Minmatar
|
Posted - 2011.06.15 12:00:00 -
[56]
So this is the official "Crying that eve was crashed by someone other than CCP thread".
So a couple of sad acts lost their favourite game for a few hours, there are other things that you could have been doing other than staring at the screen attempting to use non-existent jedi mind powers to will life back into the CCP servers, you could've;
1.played another game, World of Tanks was working fine.
2.read a book, you know those things you see on tv that have lots of words in them.
3.go outside and get some exercise fat-so.
the best thing you can do is contact your credit card company and tell them to be on the look-out for suspicious transactions over the next weeks/months.
my first eve video
http://www.youtube.com/watch?v=5ROr6bYLOXY |
Tammarr
|
Posted - 2011.06.15 12:07:00 -
[57]
Miila, I'am sadly on your page. Something is fishy with thoose strikes at entites that should contain alot of supporters for political net activism.
Option #1: They ones behind this stunt are 12 year old boys mentaly, because everyone with a bit of overview on situation can see that the powers of the old world need more excuses to sway popular opinion regarding internet regulations.
Option #2:
...anyone can claim to be lulz.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.06.15 12:11:00 -
[58]
Edited by: Miilla on 15/06/2011 12:11:44
Originally by: Tammarr
Miila, I'am sadly on your page. Something is fishy with thoose strikes at entites that should contain alot of supporters for political net activism.
Option #1: They ones behind this stunt are 12 year old boys mentaly, because everyone with a bit of overview on situation can see that the powers of the old world need more excuses to sway popular opinion regarding internet regulations.
Option #2:
...anyone can claim to be lulz.
No shame in agreeing with somebody, or being wrong
Nato to persecute Anon
http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=nato+persecute+anon
Anon Denies Sony
https://encrypted.google.com/#hl=en&source=hp&q=anon+deny+sony&aq=f&aqi=&aql=&oq=&bav=on.2,or.r_gc.r_pw.&fp=d41dd9fab4fc6983&biw=1920&bih=849
|
Shemmy
Brutor Tribe
|
Posted - 2011.06.15 12:38:00 -
[59]
Originally by: Miilla
I have no problem with CCP pulling the plug, fine, good. The problem I have is how their account management page works and the fact I have no option to update / remove my CC details and even go via a PAYMENT PROCESSOR so I do not have to retain my CC details on their site. I would prefer just to enter it once for each year I continue to get gametime and not have to worry oh they got breached, do they have my CC details on the site.
How about buying GTC's? Or how about buying a 1 year sub, then cancelling the account? It will play out until your paid time expires and won't renew. One time payment.
I cancelled a sub yesterday, about 3 hours before this all started as it happens, as I'd consolidated some characters. In 36 days, that account will expire. I'll have to enter new payment details if I want to make it work again.
Also, payment by CC on the website includes the CC companies' verification process as well, so I'm not sure what the benefit would be of going through a Payment Processor in preference? Surely they'd just be a bigger and juicier target?
Oh, and enough with the NATO=Lulzsec thing already. If you really think that, then fine, but you're going on about it so much, whilst presenting zero evidence, that you're making yourself look like a certifiable member of the tinfoil hat brigade.
|
Shemmy
Brutor Tribe
|
Posted - 2011.06.15 12:40:00 -
[60]
Originally by: Miilla
Anon Denies Sony
Oh, OK then, flagrant breachers of law claim innocence. Respect is earned and lost, I'm afraid.
|
| |
|
| Pages: 1 [2] 3 :: one page |
| First page | Previous page | Next page | Last page |