DDoS at Launch

[Aydinx2]

Now as for DDOS, I hope blizzard has learned something from all the DDOS over the last 2 months and upped their security to tell the difference between actual people connecting and attacks.

That's not how DDOS works... You cant "detect" a DDOS...

[Kazuchika]

People logging on to play the new xpac is a DDoS attack now days?

It is to ignorant people who believe what some kiddie posts on their twitter account

[Wondercrab]

The way Legion's set up to send people to a bunch of different areas, along with the new sharding tech they have, means that it's going to be difficult to break in-game areas with lag either intentionally or unintentionally. The login servers, on the other hand, are a lot more likely to take a hit.

[Gaaz]

If anything, I actually expect Blizz to fu the launch themselves and blame it on a DDoS attack. I mean most other large online games rarely experiense such problems, major patch content or not. Even if they do, these are sorted in 1 or 2 days at absolute maximum. But for Blizz, every launch turns into a disaster since vanilla, the main difference being the scale and the length of such disaster. There is no way they can blame Draenor launch to a DDoS. For 2 weeks the game was literally unplayable, and the following month just full of bugs and glitches. Just like they can not blame DDoS for bugs on live servers right now, when quests and instances fail to load and freeze at one stage or the other. Today, while levelling a mage, I was literally forced to restart instanced quest in Talador harbor 3 times, because for some reason Khadhar froze after casting a time stop spell. Orgri is lagging like there is no tomorrow, while draenor (other than instances) is more or less fine. That is not a DDoS! That is a huge collection of bugs and overstressed servers due to invasions. This will be a catastrophy at launch as increased server load is only going to make problems worse.

[Raamm]

It doesn't matter the rumor is that raids won't be running for 5 weeks.

[WintersLegion]

That's not really how it works... One of the reasons denial of service attacks are so successful is because it's so hard to distinguish between real traffic and fake traffic. Even if you're filtering "bad traffic," too much of it, as is the case with a distributed denial of service, will bog down your filtering device and take you offline. Honestly, at this point, it's a matter of people whose computers have been turned into bots to either remove their computers from the internet to prevent its use in DDoS, or get a new one and stop going to sites where you can get this malicious software (since cleaning their computer of the malware is clearly beyond their scope).

Yep if you think of it as a road whether it's car's or just some boxes on wheels they are still going down the same path. Send in enough of those boxes on wheels you create a traffic jam. Yeah you may be able to put in a guard that checks each one to see if it's an actual car or not that is still going to slow down traffic due to the inspection.

If anything, I actually expect Blizz to fu the launch themselves and blame it on a DDoS attack. I mean most other large online games rarely experiense such problems, major patch content or not. Even if they do, these are sorted in 1 or 2 days at absolute maximum. But for Blizz, every launch turns into a disaster since vanilla, the main difference being the scale and the length of such disaster. There is no way they can blame Draenor launch to a DDoS. For 2 weeks the game was literally unplayable, and the following month just full of bugs and glitches. Just like they can not blame DDoS for bugs on live servers right now, when quests and instances fail to load and freeze at one stage or the other. Today, while levelling a mage, I was literally forced to restart instanced quest in Talador harbor 3 times, because for some reason Khadhar froze after casting a time stop spell. Orgri is lagging like there is no tomorrow, while draenor (other than instances) is more or less fine. That is not a DDoS! That is a huge collection of bugs and overstressed servers due to invasions. This will be a catastrophy at launch as increased server load is only going to make problems worse.

The only launch that was a disaster for WoW since Wrath was WoD which was mostly a combination of a lot more people coming back than they expected and them being DDoS'd. Sure the others had problems but nothing that made it a disaster.

[Tharkkun]

That's not how DDOS works... You cant "detect" a DDOS...

Blizzard's network admins will be sitting back and watching for the traffic to spike. Then they'll start dropping traffic from the junk sources. There's a reason why services like Cloudflare exist. They do nothing but sit and wait for DDOS attacks and then react. There's a distinct difference between valid and ddos traffic.

If there was no way to detect a DDOS then they would continue affecting services for days. Instead they are usually cleared up within an hour or less.

[Lewlies]

It's pretty funny looking at all the posts denying Ddosing ever took place or even knowing how to recognize such. Tells me and probably others that those people don't know what ddosing is much less how to do it

[Deleted]

It's pretty funny looking at all the posts denying Ddosing ever took place or even knowing how to recognize such. Tells me and probably others that those people don't know what ddosing is much less how to do it

Oh great expert on DDoS attacks, please enlighten us the poor nobs what those attacks really are! Don't just keep all that secret knowledge to yourself...

The biggest problem with proper DoS attacks is that they are really hard to distinguish from live traffic. For example, if attacker knows how to encrypt login data the way WoW client does when trying to authenticate, it can flood the auth service with something that looks valid, but has garbage login and/or passwords encrypted inside. You can't tell the difference between the proper and attacker data. Adding 'distributed' part means that there are hundreds/thousands/+++++more machines trying to false authenticate (or use any entrance available that is not protected by global auth/allowance system).

There are more or less sophisticated methods for DoS filtering and firewalling, some in hardware and some in software forms. But they work up to the volume of attackers and then you're in square one again.

In short, there are no security solutions that could not be broken. Either by computing power or volume. So don't expect Blizzard admins to just use their magic wand (ot staff, depending if they prefer 2h weapons) and magically fix server flooding and world hunger for your favorite game lunch. They are more like warriors on the battleground, running from target to target, while being slowed and killed in the process. And then from time to time a rogue pops up..

[RoKPaNda]

Is anyone else expecting the Legion launch to be marred by another DDoS attack? The last couple of expansions have been almost unplayable due to DDoS attacks.

Weird, I had zero problems playing on launch day. Probably just your server is high pop and the massive amount of traffic ruined it for you.

[wowaccounttom]

DDoS Attack =//= Players Logging in.. NOT Really the same..

lol

do you know what those letter stand for?

intended or unintended, it is still a DDoS

to be fair, whoever you replied to did mean it in a "im going to get you" way

[ComputerNerd]

There'll be lag for sure from the amount of people joining.

Now as for DDOS, I hope blizzard has learned something from all the DDOS over the last 2 months and upped their security to tell the difference between actual people connecting and attacks.

Another thing to take into account is that blizzard now has HotS and OW too, so during launch they might have less players so Blizz might temporarily take some of that server space, if their server architecture supports easy swapping like that

The recent issues made it clear that blizzard are doing all they can, and obviously doing a decent job.
Because it isn't blizzard they are going after, but the ISP's.

[sionus]

Is anyone else expecting the Legion launch to be marred by another DDoS attack? The last couple of expansions have been almost unplayable due to DDoS attacks.

No they haven't.

[WurstKaeseSzenario]

At the start of WoD, the servers didn't log off players, so everyone's character was online indefinitely. Servers were DDOSing themselves, trying to send information between an ever growing amount of nonexistent players who got disconnected or logged of after not being able to enter their garrison and continue their quests.

So if Blizzard makes a stress-test this time we might get a smooth launch with only slightly higher latency.

[Triggered Fridgekin]

Wasn't there some kind of graph from Norse which showed a fuck ton of traffic hitting the States from Asia?

Here it is

Take from that what thy will.

[Heladys]

Don't fucking invite trouble.

[Kuntantee]

Blizzard stated they got DDoS'd. So it's most likely a combination of both.

As if Blizz wouldn't lie.

[plato13]

From my understanding, there wount be a big flood of players logging in to the game this time. So far it looks like we already have the full expansion live. We just cant access it yet. Blizzard will be able to activate it w/o a realm restart like they did with the current invasion event. Wich means the launch will be alot smoother.

[wowaccounttom]

Wasn't there some kind of graph from Norse which showed a fuck ton of traffic hitting the States from Asia?

norse traffic is all about honeypots, bots, and c&c


hardly anything worth paying attention to

[Arewn]

lol

do you know what those letter stand for?

intended or unintended, it is still a DDoS

to be fair, whoever you replied to did mean it in a "im going to get you" way

Legitimate player logins (user traffic), no matter how much it floods the network, does not constitute a DDOS attack. While the effect may be the same, the determining factor of whether something is or is not in fact a DDOS attack is intent.
DDOS attacks are defined by the fact that they are explicitly an attempt to deny usage of the network from legitimate users. A legitimate user attempting to login in order to play the game is not a DOS attack, even if you have so many users that some of them are unable to receive service.

There are some cases in which one might loosely refer to something as an "unintentional" DDOS/DOS attack, but in actuality this is just a congested network or poorly managed network component.
You wouldn't call a sale bringing in a large volume of customers, causing a line to form, an attack. That's just being busy. But a rival store sending a large number of people to your store who won't actually buy anything in order to ruin your store's service and create long wait times, you would call that an "attack".