Ongoing DDoS Service Impact

[Czahariusz]

9 hours ago, Seijichu said:

Is the "DDOS" also the reason why my fps has been terrible?
Before the DDOS (which I think started on Halloween), I'd have pretty good fps (80+). Now I get like... 15-25, 30 if I'm lucky when I'm doing dungeons and stuff.
;-; It's super annoying.. 
 

DDoS does not affect your hardware, so your fps drop is likely caused by the game itself (not servers) or your pc.

[Sahris]

Legit question, when do you guys ballpark that this will be resolved? I logged in after maintenance thinking maybe it'd be better but it's not. 

[Czahariusz]

23 minutes ago, Sahris said:

Legit question, when do you guys ballpark that this will be resolved? I logged in after maintenance thinking maybe it'd be better but it's not. 

You couldn't have logged in cause maintance is still not finished. :P

[Takemikazuchi]

On 11/7/2017 at 3:51 AM, xBunnie said:

For god's sake, it's not a DDoS. The pattern suggests that it is a scheduled system process on the server, rather than a DDoS. Someone else posted something, but it looks like you guys deleted it. Whoops, I still have it. Accountability is very important. Be honest with us.

Awesome job ! Always a good thing when the community participates!

On 11/7/2017 at 2:13 PM, NiLord said:

A week since the issues started. I've seen better performance in the game now lag spikes are shorter nevertheless they are commoner (no each 20 min). I hope we get some kind of compensation because even though it's not your direct fault we (premiums) are paying for a benefit we can't get because of these attacks. 

Very true, we premiums are being mistreated and it will hurt @NCSOFT the most, as their premium and NC coins will drop.

22 hours ago, Fieryfly said:

13 days and counting.. Ive got so many screenshots of this crap.. Ive decided to not play the 8-10 hours I used to play. I have also decided not to spend any real money. So aside from dailies and raiding.. Im playing another game that takes up my time.

I get you~ but their trying to solve it, I think................

20 hours ago, whippleshuffle said:

No, the person you quoted is mistaken. DDoS attacks can and usually are precisely timed, and can be carried out in variable intervals. Appreciate the intent to help and identify the issue, though. We do have ongoing mitigation in place and are working to minimize impact as much as possible, you may be seeing some improvements, but as we continue to monitor we would appreciate updates on how it's impacting you and your play time.

His mistaken? So, you know what you're doing then? If so, let's hope it will be fixed soon.

17 hours ago, caioc2 said:

Maybe, but I think it could be related to the official release of other well know game today (11/7) which I wont cite the name. It isnt uncommon those attacks bettween different companies, pservers, etc. For sure isnt the first and not the last we will sufer from.

It could be a DDoS attack from another company to take the @NCSOFT player base, corporate sabotage isn't that uncommon these days!

[Scarlet Nightshade]

Or maybe NCSofts dealings with this notoriously horribad company have something to do with it...

 

https://www.wired.com/story/how-a-tiny-error-shut-off-the-internet-for-parts-of-the-us/

 

Gonna go ahead and shift blame for this fiasco to Level 3. As per yearly usual.

[Sahris]

 

1 hour ago, Czahariusz said:

You couldn't have logged in cause maintance is still not finished. :P

yes it was rofl am NA

[Takemikazuchi]

1 hour ago, Scarlet Nightshade said:

Or maybe NCSofts dealings with this notoriously horribad company have something to do with it...

 

https://www.wired.com/story/how-a-tiny-error-shut-off-the-internet-for-parts-of-the-us/

 

Gonna go ahead and shift blame for this fiasco to Level 3. As per yearly usual.

To put it simple *SYNTHESIZING*:

_________________________________________________________________________________________________________________________________________________________________

HOW A TINY ERROR SHUT OFF THE INTERNET FOR PARTS OF THE US

 

A YEAR AGO, a DDoS attack caused internet outages around the US by targeting the internet-infrastructure company Dyn, which provides Domain Name System services to look up web servers.

 

Monday saw a nationwide series of outages as well, but with a more pedestrian cause: a misconfiguration at Level 3, an internet backbone company—and enterprise ISP—that underpins other big networks. Network analysts say that the misconfiguration was a routing issue that created a ripple effect, causing problems for companies like Comcast, Spectrum, Verizon, Cox, and RCN across the country.

 

Level 3, whose acquisition by CenturyLink closed recently, said in a statement to WIRED that it resolved the issue in about 90 minutes. "Our network experienced a service disruption affecting some customers with IP-based services," the company said. "The disruption was caused by a configuration error."

 

Comcast users started reporting internet outages around the time of the Level 3 outages on Monday, but the company said that it was monitoring "an external network issue" and not a problem with its own infrastructure. RCN confirmed that it had some network problems on Monday because of Level 3. The company said it had restored RCN service by rerouting traffic to a different backbone.

 

The misconfiguration was a "route leak," according to Roland Dobbins, a principal engineer at the DDoS and network-security firm Arbor Networks, which monitors global internet operations. ISPs use "Autonomous Systems," also known as ASes, to keep track of what IP addresses are on which networks, and route packets of data between them. They use the Border Gateway Protocol (BGP) to establish and communicate routes. For example, packets can route between networks A and B, but network A can also route packets to network C through network B, and so on. This is how internet service providers interoperate to let you browse the whole internet, not just the IP addresses on their own networks.

 

In a "route leak," an AS, or multiple ASes, issue incorrect information about the IP addresses on their network, which causes inefficient routing and failures for both the originating ISP and other ISPs trying to route traffic through. Think of it like a series of street signs that help keep traffic flowing in the right directions. If some of them are mislabeled or point the wrong way, assorted chaos can ensue.

 

Route leaks can be malicious, sometimes called "route hijacks" or "BGP hijacks," but Monday's incident seems to have been caused by a simple mistake that ballooned to have national impact. Large outages caused by accidental route leaks have cropped up before.

 

"Folks are looking to tweak routing policies, and make mistakes," Arbor Networks' Dobbins says. The problem could have come as CenturyLink works to integrate the Level 3 network, or could have stemmed from typical traffic engineering and efficiency work.

 

Internet outages of all sizes caused by route leaks have occurred occasionally, but consistently, for decades. ISPs attempt to minimize them using "route filters" that check the IP routes their peers and customers intend to use to send and receive packets, and attempt to catch any problematic plans. But these filters are difficult to maintain on the scale of the modern internet, and can have their own mistakes.

 

Monday's outages reinforce how precarious connectivity really is, and how certain aspects of the internet's architecture—offering flexibility and ease-of-use—can introduce instability into what has become a vital service.

_________________________________________________________________________________________________________________________________________________________________

In short: I know it's a big resource management issue, and @NCSOFT can't manage to look Inwards whilst looking Outwards but this may be a good bet/chance to take~ Wouldn't hurt at all!

The glasses have spoken! 

[NiLord]

I know they should be working trying to figure out how to fix these problems but Id be nice if at least we get some kind of news about the topic. 'hey players we are here, we are not dead trying to fix everything' small things, thats the way to improve your costume service. 

[Sahris]

3 hours ago, NiLord said:

I know they should be working trying to figure out how to fix these problems but Id be nice if at least we get some kind of news about the topic. 'hey players we are here, we are not dead trying to fix everything' small things, thats the way to improve your costume service. 

So much this, I just want to hear them update maybe once a day like, " Still ongoing attempts to fix." So I don't feel crazy and alone with this crazy ping that I NEVER had before in game. 

[Fieryfly]

On BnS twitter feed there is roughly 35 replies and I have at least 3..  The lag still continues, I dc'd once last night, thankfully it was at the end of raid. There is still periods of lag that impedes skills for 10-20 seconds. Its been 15 days since this began, 2 Maintenance patches, and its not really any better than it was when it first began.  I pay for membership.. it is really dumb NC is not doing more. If it were to effect the cash shop or any form of ncoin transactions they would be all over it.. The last event.. I did not get one Rose Thorn fabric. I missed 5 days of dailies because of the disconnects.  My ping yesterday was 220-900. It was all over the place. Normally I should have 15-35

[paingwar]

From Yesterday maintenance i cannot stay logged for more than about 15-30 minutes. It's a pain doing every dungeon that it's not cold storage or heaven's mandate.

 

They have absolutly to found a solution, it's impossible to continue like this.

 

The most funny thing is that most of the time when i try to reconnect, i insert, my psw, my 6 pin code and it told me that i'm "alredy logged in".... so i have to repeat all the cricket flow.

 

Nor to count all the time the you freeze -> die -> dc -> log again just to found out the you have to press 4 to revive and lost the possibility to join your party again (if you're lucky and they wait for you).

 

I almost oblige to do every single dungeon 2 or 3 times to complete it. last day i have to forfeit doing Naryu Foundry after 4 attempts.

 

This situation stat to became pretty ridicolous

[SilverFoxR]

Geez... the entitlement in this thread is thick enough to cut with a knife.

 

Look, it sucks... everyone knows it sucks... but be glad it's not a lot worse. DDoS attacks have gotten bigger and more powerful as time goes by, thanks to massive zombie-bot networks. There've been a couple on record that have been said to be unstoppable, due to the sheer volume of these networks.

 

For those who don't understand what's going on and how a DDoS attack works, the best way I had it described was to think of it as a website/service as your house. Every time someone comes and knocks on your door, you have to open the door and say "hello". Now, imagine that 100 people showed up to your door at the same time and each knocked on your door. You still have to say hello to every single one (can't say it to everyone at once, you need to say it to each one individually). Sound annoying and difficult, right? Well, try 10,000 people. 100,000 people. Or, like a couple of websites have had, over 3 MILLION people.

 

That's essentially how this works - a zombie-bot network is ordered to all go to a site at the same time. These sites are required to give a response, no matter what... and the massive wave of incoming traffic overwhelms them, causing havoc on the site's server. Lag, disconnects from the server... it's all going to happen and there's very little that can be done, depending on the severity of the attack.

 

You might be asking "Okay, but how are they getting so many signals sent to the server? What's this 'zombie-bot net' you keep mentioning?"

 

Well, simply put, a zombie-bot is a small, malware-style program that, once on a system, allows a person to use your device to send a simple message attempt (the "hello" we mentioned earlier) to a location chosen by that person. See, these "hackers" (more or less script kiddies most of the time) don't send the messages to the servers themselves - they order all of the devices with this little zombie-bot program to do it for them. It's not just a PC/Laptop that can have this program put on it, however, and this is why these DDoS attacks are getting more severe... anything that has web-connectivity can be used in a zombie-bot network, so long as the program can get put into it... and the sheer number of web-connected devices are getting absurdly larger all the time. Computers, cell phones, sure... but home security systems, refrigerators, televisions, toasters... even LIGHT BULBS are being web-connected. The big problem with a lot of these "smart" appliances (light bulbs especially) is that companies do not put very good protection on them. So, if they are connected to your home wifi, they can often be an easy entrance to your network, no matter how strong your wireless router's security is.

 

So, there are zombie-bot nets out there that are millions of devices strong... and a big enough net can take down any server on the globe... and we don't have a proper way of defending against it. This is not a joke... a journalist's website a little while ago was hit by a DDoS attack so hard that no system on the planet would have been capable of stopping it.

 

And, since a zombie-bot net can be set off with a program, it's obvious that it'd be easy to automate it to sending the command out at timed intervals... such as the 20 minute hits we've been getting since last week.

 

I'm sorry, kiddies, but if you were patient enough to read this far, then you should realize that this is being worked on, but until ways to redirect the flow can be implemented, this isn't going to stop any time soon... and it's not because the staff is inept or unable to do their job. Obviously, they want things running properly just like you do. The grunts in the data mine don't want to be scanning through lines of code, the help desk doesn't want to be insulted or inundated with constant whining and, if you want to look at it as cynically as possible, they want their product working properly so they can continue to make a proper profit.

 

So, simply put, you're just going to have to bear with it until they sort it out.

[xInikox]

t h i s ^

[Scarlet Nightshade]

27 minutes ago, SilverFoxR said:

Geez... the entitlement in this thread is thick enough to cut with a knife.

 

Look, it sucks... everyone knows it sucks... but be glad it's not a lot worse. DDoS attacks have gotten bigger and more powerful as time goes by, thanks to massive zombie-bot networks. There've been a couple on record that have been said to be unstoppable, due to the sheer volume of these networks.

 

For those who don't understand what's going on and how a DDoS attack works, the best way I had it described was to think of it as a website/service as your house. Every time someone comes and knocks on your door, you have to open the door and say "hello". Now, imagine that 100 people showed up to your door at the same time and each knocked on your door. You still have to say hello to every single one (can't say it to everyone at once, you need to say it to each one individually). Sound annoying and difficult, right? Well, try 10,000 people. 100,000 people. Or, like a couple of websites have had, over 3 MILLION people.

 

That's essentially how this works - a zombie-bot network is ordered to all go to a site at the same time. These sites are required to give a response, no matter what... and the massive wave of incoming traffic overwhelms them, causing havoc on the site's server. Lag, disconnects from the server... it's all going to happen and there's very little that can be done, depending on the severity of the attack.

 

You might be asking "Okay, but how are they getting so many signals sent to the server? What's this 'zombie-bot net' you keep mentioning?"

 

Well, simply put, a zombie-bot is a small, malware-style program that, once on a system, allows a person to use your device to send a simple message attempt (the "hello" we mentioned earlier) to a location chosen by that person. See, these "hackers" (more or less script kiddies most of the time) don't send the messages to the servers themselves - they order all of the devices with this little zombie-bot program to do it for them. It's not just a PC/Laptop that can have this program put on it, however, and this is why these DDoS attacks are getting more severe... anything that has web-connectivity can be used in a zombie-bot network, so long as the program can get put into it... and the sheer number of web-connected devices are getting absurdly larger all the time. Computers, cell phones, sure... but home security systems, refrigerators, televisions, toasters... even LIGHT BULBS are being web-connected. The big problem with a lot of these "smart" appliances (light bulbs especially) is that companies do not put very good protection on them. So, if they are connected to your home wifi, they can often be an easy entrance to your network, no matter how strong your wireless router's security is.

 

So, there are zombie-bot nets out there that are millions of devices strong... and a big enough net can take down any server on the globe... and we don't have a proper way of defending against it. This is not a joke... a journalist's website a little while ago was hit by a DDoS attack so hard that no system on the planet would have been capable of stopping it.

 

And, since a zombie-bot net can be set off with a program, it's obvious that it'd be easy to automate it to sending the command out at timed intervals... such as the 20 minute hits we've been getting since last week.

 

I'm sorry, kiddies, but if you were patient enough to read this far, then you should realize that this is being worked on, but until ways to redirect the flow can be implemented, this isn't going to stop any time soon... and it's not because the staff is inept or unable to do their job. Obviously, they want things running properly just like you do. The grunts in the data mine don't want to be scanning through lines of code, the help desk doesn't want to be insulted or inundated with constant whining and, if you want to look at it as cynically as possible, they want their product working properly so they can continue to make a proper profit.

 

So, simply put, you're just going to have to bear with it until they sort it out.

Cool story bro, but after you manage to get down from that high perch, could you then prove without a shadow of doubt that this whole event was, in fact, a DDoS or any other type of malicious outside influence? Cause as it stands there's mounting proof that this whole DDoS excuse might just have been a cover for what amounts to user/administrative negligence.

 

Unless you typically just like to come on to random forums to ostentatiously white knight multi billion dollar companies and attack other players on their behalf.

 

In that case, stay the course.

 

[SilverFoxR]

21 minutes ago, Scarlet Nightshade said:

Cool story bro, but after you manage to get down from that high perch, could you then prove without a shadow of doubt that this whole event was, in fact, a DDoS or any other type of malicious outside influence? Cause as it stands there's mounting proof that this whole DDoS excuse might just have been a cover for what amounts to user/administrative negligence.

 

Unless you typically just like to come on to random forums to ostentatiously white knight multi billion dollar companies and attack other players on their behalf.

 

In that case, stay the course.

 

I'm sorry, but you can prove without a shadow of a doubt that it ISN'T a DDoS attack? And you're implying that the staff is outright lying in order to... what, exactly?

 

Grow up, kid.

[Sahris]

On 11/9/2017 at 12:04 PM, SilverFoxR said:

Geez... the entitlement in this thread is thick enough to cut with a knife.

 

Look, it sucks... everyone knows it sucks... but be glad it's not a lot worse. DDoS attacks have gotten bigger and more powerful as time goes by, thanks to massive zombie-bot networks. There've been a couple on record that have been said to be unstoppable, due to the sheer volume of these networks.

 

For those who don't understand what's going on and how a DDoS attack works, the best way I had it described was to think of it as a website/service as your house. Every time someone comes and knocks on your door, you have to open the door and say "hello". Now, imagine that 100 people showed up to your door at the same time and each knocked on your door. You still have to say hello to every single one (can't say it to everyone at once, you need to say it to each one individually). Sound annoying and difficult, right? Well, try 10,000 people. 100,000 people. Or, like a couple of websites have had, over 3 MILLION people.

 

That's essentially how this works - a zombie-bot network is ordered to all go to a site at the same time. These sites are required to give a response, no matter what... and the massive wave of incoming traffic overwhelms them, causing havoc on the site's server. Lag, disconnects from the server... it's all going to happen and there's very little that can be done, depending on the severity of the attack.

 

You might be asking "Okay, but how are they getting so many signals sent to the server? What's this 'zombie-bot net' you keep mentioning?"

 

Well, simply put, a zombie-bot is a small, malware-style program that, once on a system, allows a person to use your device to send a simple message attempt (the "hello" we mentioned earlier) to a location chosen by that person. See, these "hackers" (more or less script kiddies most of the time) don't send the messages to the servers themselves - they order all of the devices with this little zombie-bot program to do it for them. It's not just a PC/Laptop that can have this program put on it, however, and this is why these DDoS attacks are getting more severe... anything that has web-connectivity can be used in a zombie-bot network, so long as the program can get put into it... and the sheer number of web-connected devices are getting absurdly larger all the time. Computers, cell phones, sure... but home security systems, refrigerators, televisions, toasters... even LIGHT BULBS are being web-connected. The big problem with a lot of these "smart" appliances (light bulbs especially) is that companies do not put very good protection on them. So, if they are connected to your home wifi, they can often be an easy entrance to your network, no matter how strong your wireless router's security is.

 

So, there are zombie-bot nets out there that are millions of devices strong... and a big enough net can take down any server on the globe... and we don't have a proper way of defending against it. This is not a joke... a journalist's website a little while ago was hit by a DDoS attack so hard that no system on the planet would have been capable of stopping it.

 

And, since a zombie-bot net can be set off with a program, it's obvious that it'd be easy to automate it to sending the command out at timed intervals... such as the 20 minute hits we've been getting since last week.

 

I'm sorry, kiddies, but if you were patient enough to read this far, then you should realize that this is being worked on, but until ways to redirect the flow can be implemented, this isn't going to stop any time soon... and it's not because the staff is inept or unable to do their job. Obviously, they want things running properly just like you do. The grunts in the data mine don't want to be scanning through lines of code, the help desk doesn't want to be insulted or inundated with constant whining and, if you want to look at it as cynically as possible, they want their product working properly so they can continue to make a proper profit.

 

So, simply put, you're just going to have to bear with it until they sort it out.

That doesn't mean people don't have a right to complain about it if the company seems like it's ignoring it. Other games have already fixed the issue by moving servers. They can fix it, they don't want to spend a ton of money to do it is all. And it's not been a week, it's been since the 21st that the Ddos officially started hitting targets so try 3 entire weeks of people losing any game play. Meanwhile Eu has been compensated for losing just 3 days in an entire month. 

[Sahris]

This is still an issue, when are we going to have updates? I'ts gone on too long. Before ddos I had under 100ping the entire time since bns came out. Now, since the Ddos I get 200 ping standing still and 500-1000 if I try to fight anything. I can't do dungeons. I put a support ticket in and you guys couldn't find anything wrong on my end. Why is this still happening? 

[Sahris]

Update please :3 

[WhiteNite]

2 hours ago, Sahris said:

Update please :3 

good luck getting anything from support, i logged on today to check (after taking 3 days off) still the same for me. And there was an email asking if I was satisfied with their support lol

[Sahris]

21 hours ago, WhiteNite said:

good luck getting anything from support, i logged on today to check (after taking 3 days off) still the same for me. And there was an email asking if I was satisfied with their support lol

T^T I just want updates, I also had a ticket and they said they did everything they could to help me already ( checked everything on my end). 

[Sahris]

Like, I really don't want this to just be forgotten about long enough that most of the issue goes away for other people while i'm still left with it. I never had issues playing the game before ddos, I just want normal play back so I can actually do dungeons and dailies. Q-Q

[Sahris]

Updates guys? When will this stop affecting Everyone? Because some of us still have issues, why is this. 

[Takaroku]

Ima bump this too, seems like it's being ignored.

[fruiteaterz]

even if there was a ddos, it seems like its all over. or ami missing out on something?

[cache22nz]

Smoothed over, maybe, but I don’t think it’s ended. My ping is still frequently about 50% above normal.