Wasn't there a big null sec battle just before the DDOS?

Naturally, that leads to speculation that one side meta-gamed and used DDOS to buy time to get more players/push the battle past the other side's peak time

Was the DDoS attack just some random kids wanting to DDoS something for teh lulz? Or was it something more sinister...
like North Korea! tryin' to steal EVE's advanced ship technology?

Wasn't there a big null sec battle just before the DDOS?

that would be really dumb because just as last year's ddosers found out, there are consequences ... Bubba will have fresh jail meat soon

BTW I lost 2 full jet cans of the Holy Veldspar I will now commence 1000 hail Marys.

I don't care who it was, they need to be found and punished to the fullest extent of the law, if for no other reason than the crime of making me expose myself to the cancer causing rays of that "Luminous sky-blob" (i've heard-tell it was something called "the sun") and forcing me to participate in a neo-pagan ritual where I was forced to eat charred animal flesh (some primitive concoction know as bharr-bee-que or some such).

It's was barbaric...and delicious.

More likely it was a RMT group up to there no-good tactics again. Seriously doubt it was any alliance.

http://community.eveonline.com/news/news-channels/eve-online-news/tranquility-downtime-on-sunday-june-2-and-monday-june-3/

It was not a DDoS attack but someone or a group that was able to exploit a vulnerability to some back-end services.

Confirming our Caracal vs Talwar battle brought down all of Eve. This site really needs a tinfoilhat emoticon.

It states in the first sentence it was a DDoS. The whole point of DDoS is to exploit a vulnerability to gain access.

Maybe it was both. The DDOS attack was a smoke screen. While everyone was busy with that, the hack attempt would go unnoticed.

Except CCP was on the ball and noticed.

This is what me and my peeps was talking about during the server downtime. Just wild guess from the limited info given to us from CCP. It was a good idea to pull the servers down and do a full analysis imo.

Better safe than sorry.

http://community.eveonline.com/news/news-channels/eve-online-news/tranquility-downtime-on-sunday-june-2-and-monday-june-3/

It was not a DDoS attack but someone or a group that was able to exploit a vulnerability to some back-end services.

Was the DDoS attack just some random kids wanting to DDoS something for teh lulz? Or was it something more sinister...
like North Korea! tryin' to steal EVE's advanced ship technology?

it's quite common to use a ddos in order to sneak by other malicious stuff - an IDS will often look for deviations from the statistical patterns of normal network traffic in order to spot intrusions (a ddos drowns out any meaningful patterns) or inspect individual packets (in which case a ddos might cause a poorly configured IDS to choke on all the traffic).

The attention of human staff is of course diverted as well while they are trying to deal with a ddos attack (which will cause delays in them sorting through and reacting to automated reports on potential intrusions).

the ddos is basically a massive smokescreen behind which the attacker is trying to hide his probing and/or intrusion.

Attempted backend services exploit... can you image what a powerful zombie the CCP cluster would make?
Is it possible the attack wasn't aimed at CCP, per se, but rather at gaining access to CCP's horsepower in aid of an attack on a third party?

Attempted backend services exploit... can you image what a powerful zombie the CCP cluster would make?
Is it possible the attack wasn't aimed at CCP, per se, but rather at gaining access to CCP's horsepower in aid of an attack on a third party?

I don't care who's responsible.

What I care about is that my personal information wasn't stolen thanks to CCP being on the ball.

That can't be said for the big boys, including Blizzard and Sony. Any accts I have with them are fake info on throw away email addys thanks to their pathetic past performance.

At this point, CCP is the only one I trust to protect my privacy.

Mr Epeen

There's probably a considerable number of server clusters accessible to varying degrees on the internet with equivalent or greater computing power.

It was a bunch of wow kids. They got mad that eve is growing.

There seem to be a lot of misconceptions. Let me clear this up, considering I know how a DDoS works, and understand what CCP said in their post.

Someone found a vulnerability in CCP's servers. This doesn't mean they were able to gain access, or compromise the system. Vulnerabilities like that are pretty rare when you have a development team that knows what they're doing. Instead, what this most likely means, is they found a way to make CCP's servers do excessive amounts of work. They then either used a single computer, or multiple computers, to repeatedly send the data to CCP's servers that would make them do excessive amounts of work. This resulted in a Denial of Service.

Think of it in terms of a website, as it's a bit easier that way. Imagine you found a page on a website that took forever to load, and while loading slowed the entire website down. Now imagine if you had control of thousands of computers, and commanded all of those computers to request that page over and over again. The effect would be that the website would go offline under the load while trying to process all of those requests.

CCP took the servers offline to ensure no further vulnerabilities had been found/exploited. This is precautionary, and a smart move on their part. It doesn't mean the attacker actually gained any access though.

A thread titled "So.. Who's Responsible?" and after two pages no-one has blamed the Goons yet?

I'm on the Eve Online forums right?

Did we lose the tin-foil rolls in the attack or something?

A thread titled "So.. Who's Responsible?" and after two pages no-one has blamed the Goons yet?

I'm on the Eve Online forums right?

Did we lose the tin-foil rolls in the attack or something?

CCP took the servers offline to ensure no further vulnerabilities had been found/exploited. This is precautionary, and a smart move on their part. It doesn't mean the attacker actually gained any access though.

If the new expansion included content that was massively hurting the Goons, I could see them trying something like this to extort CCP.

But there is nothing in the expansion like that. You may say "Tech!" except the goons have said many times that although they are exploiting the current Tech situation, that situation should not exist.

There is the possibility it was just an attempt to get credit card numbers, or identity theft of some sort, or to get account details so assets could be drained for RMT.

There is the possibility it was just an attempt to get credit card numbers, or identity theft of some sort, or to get account details so assets could be drained for RMT.

It states in the first sentence it was a DDoS. The whole point of DDoS is to exploit a vulnerability to gain access.

There seem to be a lot of misconceptions. Let me clear this up, considering I know how a DDoS works, and understand what CCP said in their post.

Someone found a vulnerability in CCP's servers. This doesn't mean they were able to gain access, or compromise the system. Vulnerabilities like that are pretty rare when you have a development team that knows what they're doing. Instead, what this most likely means, is they found a way to make CCP's servers do excessive amounts of work. They then either used a single computer, or multiple computers, to repeatedly send the data to CCP's servers that would make them do excessive amounts of work. This resulted in a Denial of Service.

Think of it in terms of a website, as it's a bit easier that way. Imagine you found a page on a website that took forever to load, and while loading slowed the entire website down. Now imagine if you had control of thousands of computers, and commanded all of those computers to request that page over and over again. The effect would be that the website would go offline under the load while trying to process all of those requests.

CCP took the servers offline to ensure no further vulnerabilities had been found/exploited. This is precautionary, and a smart move on their part. It doesn't mean the attacker actually gained any access though.

Do you even know what DDoS is?

Yes I do. As stated the whole idea behind a DDOS is to flood a server with "white noise" exploiting a vulnerability in a servers ability to process incoming traffic. Which then is almost always followed with a attempt to access information within a server. This is why anytime time a DDOS attack occurs the servers are taken down, to prevent access as well as do a sweep of the system to see if anything has been compromised.

DOS attacks are rarely used nowadays just to deny service, pretty much anytime a DOS attack occurs you can assume they are doing so to try and gain access.

They are distinct, but almost always used in conjunction with one another.

http://community.eveonline.com/news/news-channels/eve-online-news/tranquility-downtime-on-sunday-june-2-and-monday-june-3/

It was not a DDoS attack but someone or a group that was able to exploit a vulnerability to some back-end services.

At 02:05 UTC June 2nd, CCP became aware of a significant and sustained distributed denial-of-service attack (DDoS) against the Tranquility cluster (which houses EVE Online and DUST 514) and web servers.

Our policy in such cases is to mobilize a taskforce of internal and external experts to evaluate the situation. At 03:07 UTC, that group concluded that our best course of action was to go completely offline while we put in place mitigation plans.

Yes I do. As stated the whole idea behind a DDOS is to flood a server with "white noise" exploiting a vulnerability in a servers ability to process incoming traffic. Which then is almost always followed with a attempt to access information within a server. This is why anytime time a DDOS attack occurs the servers are taken down, to prevent access as well as do a sweep of the system to see if anything has been compromised.

DOS attacks are rarely used nowadays just to deny service, pretty much anytime a DOS attack occurs you can assume they are doing so to try and gain access.

They are distinct, but almost always used in conjunction with one another.

Anonymous: "We r leejunz. We haf haqd ur spaecships. Resstnc is futiel k? Xpect uz."

Throw everyone in jail, that way we will be sure the guilty have been punished.