Sony and Microsoft both absolutely should have been prepared for the hits, especially as these attack become more and more prevalent, but let's put the blame squarely on the shoulders of the group responsible: Lizard Squad.
Exactly. If people keep saying DDoS is not a hack and can't be stopped then hell yeah, Blame Lizard Squad.
DDoS can be stopped, but people are convincing themselves that there's nothing Sony/Microsoft could have done so that they feel better about the services they pay to use being unavailable.
its a bit like cold war, bigger guns, bigger defences it has no end, same with DDOS idea...
Radler you know absoutely shit about ddos attacks then.
Why the hell is it even okay for a group to be DDoS in the first place. You want to sit back and blame someone for getting attacked but you don't acknowledge the source. If I broke in your house, do the police arrest you for getting robbed? This logic is so backwards. In truth you want to blame console gamers. And who the hell has the right to target companies for problems that they are causing.
Jesus christ, it'd be easier convincing a nazi that jews are not an "inferior race" than to convince people online that DDOS attacks are not 100% avoidable. Sure MS/Sony could beef up their mitigation etc for future attacks, but that would only invite a bigger DDOS attack. DDOS attacks happen EVERY dayon servers all over the world, every damn milisecond, just a lot of them fall flat because there's not enough force behind the attacks, but now and then you get a group of immature little pricks banding together to try and prove some idiotic poitn with no merit behind it whatsoever. Sorry for the language, I've been reading Garth Ennis comics all day long while PSN is down :)
No it can't, if you have the answer sell it to a company and be a millionaire. DDoS is a networking problem that does not have a definitive solution, it is a serious issue that has yet to be fixed. Companies would pay someone some serious cash if they had a 100% solution to defeating a DDoS attack, because as of yet (to my knowledge) no one else can. The ignorance on this site is ridiculous, yet you all keep talking like you know what you are talking about. Take a class in networking before you start talking about networking, or at least read a book. It is bad enough everyone calls DDoS hacking
People like you think they know what they are talking about. But you don't. DDoS cannot be stopped. They can be mitigated but they cannot be stopped.
Wow how dumb and ignorant can you be? It's near impossible to stop a DDoS or a hack. How about you do your research instead of spreading ignorance around here. If it's so preventable, I'd love to see you try it.
lol, it's you who don't know what you're talking about. DDoS can't be stopped. you can only mitigate it with few tricks or bigger, better server, but there's currently no certain way to directly block DDoS itself. Please don't confuse people stating fact with fans defending their company.
@radler: How many DDoS attacks have you stopped? None? That's what I thought. DDoS can't be avoided. The reason it can't be avoided is because all it is is flooding servers with traffic. The only actual way to stop it would be to shut down the servers, which pretty much has the exact same impact of preventing legitimate users from using the service. So because you can't avoid it, your only option is mitigation. To mitigate the damage you have to buy more servers and more bandwidth. That's expensive. Sony and MS should not be expected to have to pay for more servers and bandwidth than they'd typically need to run their services just to mitigate the damage caused by some jerks with no life and several undiagnosed complexes.
Please, by all means, share your infinite wisdom to Microsoft and Sony./s
@DragonKnight if its flooding the servers with traffic why is it not possible to QoS known addresses (every console on the network) and drop packets? Or a similar technique? Im not a ddos expert, but it seems that existing techniques should be able to at least mitigate major damage like this weekend.
@Tempest: Again, you're stating a mitigation technique, and that's all that can be done. You can't stop the damage, you can only hope to reduce it. As for your method, you're asking the system to identify every IP and what it's doing amidst the chaos of the traffic surge. That's nearly impossible. If the system could do that, then blocking the IPs performing the DDoS would be the best solution and an actual way to stop the attacks, but it's not possible especially given the fact that both Live and PSN have millions of IPs to sift through and the fact that most people don't have static IPs.
@Dragonknight Yes most people don't have static ips, but a given ip is not going to change in the middle of an attack. So why can they not identify the ip addresses that are producing Gb's worth of requests? Or my suggestion earlier was to QoS the mac address of every registered system and shut down all traffic outside of those? Yes it would suck for internet traffic and new users, but at least all existing millions of users would be fine. Once again, I'm not an expert on these things, but pretty much any business class network has the ability to monitor and limit traffic on the network. I understand psn and live are much larger networks, but they are also custom designed and coded with the hardware to match.
@timotim I'm with you man, no problems here either. One thing you must remember though this is a Sony fanBOY site and you're not allowed to tell the truth. If you say anything remotely good about MS you will get flamed, want bubbles? Praise Sony all day. N4G were truth and intelligence goes to die. Only a child would give a crap about this site and (lol)bubbles so I'm here to back you up. Some people had problems signing in, apps not working and some games would not launch in MP, but the service was never "down" except in the UK where it was down for an hour and a half. Now watch the disagrees even though this is the absolute truth, if half these people learned to read and not just the headlines they would know. They don't want to know.
radler, no, you can't "stop" a DDoS attack. you can have all the internet bandwidth in the world on your side, and you still couldn't stop a DDoS attack. why? because the attack will just keep going, and going, and increasing until it overloads the system. no amount of preparation will 100% block these kinds of attacks, so stop assuming that MS or sony could have done something to stop it from happening.
It's very difficult to counter more sophisticated forms of DDoS. The simplest SYN floods can be avoided with ease (by inspecting and storing information about each session), but the attackers are probably quite good at making their illegitimate traffic appear legitimate to the servers.
Guys guys guys. Radler is right. DDoS can be stopped. All a company has to do is completely block all incoming connections. Easy as pie. Of course, I don't think the legitimate people trying to access the servers would be too happy with that solution. Anyhow, @radler, DDoS works by targeting the very way the internet(and most networks) work. That's why they can't be stopped 100% unless you want to shut off the network from incoming connections. All a company can do is try to minimize its effects. Even then though, the vast majority of DDoS attacks happen upstream of the actual server being attacked, and never actually make it to the servers themselves. @Tempest It's possible to do, but during the attack, there are a lot of legitimate IP's that are hitting the server as well. A server such as PSN or XBL is going to have more problems by blocking addresses. Otherwise, since this attack isn't coming from just a few computers(it's distributed and LS just initiated the command for infected computers to start the attack), they may be getting thousands of IP addresses that are actually attacking out of hundreds of thousands of legitimate IP's. It isn't easy to differentiate which is which on such a large scale since people trying to log in could be hitting the servers could appear to be doing it too often. There is also a strong chance that the IP packets coming in have the wrong IP within the packet header, so blocking them wouldn't do anything unless you start moving upstream of the actual user, which could cause all sorts of problems for a commercial server.
@radler - It's clear that you know nothing about how DDoS attacks work. You can't just turn the on/off switch in situations like this because their networks are being flooded with bad traffic making it difficult for good traffic to get through. The problem is (as described in the name), attacks are distributed over thousands of slave computers across the globe. A single request may look legit, but when you add them all together, it knocks out the potential of delivering good service. If anything, Microsoft has been credited on numerous occasions for playing an instrumental role in shutting down major botnets over the past few years. I remember once instance where they were part of a project that shut down a botnet responsible for 1/3 of the Internet's email spam. So please do some reading instead of mindlessly babbling about things you don't know about.
The funny thing about these comments is how everyone is jumping on radler's case about DDoS attack not being able to be stopped. Instead everyone wants to defend these companies and throw up their hands and say there's no way to stop a DDoS attack and basically we should move on. Then, what is the point of paying for these services? Shouldn't MS and Sony be looking into trying to stop DDoS attacks or even limit their effects on us gamers? I don't believe this "it can't be done" nonsense, anything is possible in this day and age. If we pay for this service then we should want these BILLION DOLLAR companies to have some kind of protocol or fix for when these supposed "little" kids do try a DDoS attack. If they can't stop it then there should be a way to get the network quickly back up and efficiently so things can get back to normal in a good amount of time. I mean seriously...a group of kids can take down a BILLION Dollar companies network for a whole weekend and you guys are complaining to Radler? Shouldn't that be embarrassing for Sony and MS? Especially when we all knew they were going to try this on Xmas?!
Its not a hack, here learn what it is- https://www.blacklotus.net/...
Stop linking to websites that contain VIRUS'S I have already has to reinstall WINDOWS XP this week from people posting links to websites that contain MALWARE and I wont fall for this trick again. People like YOU should be banned. I am getting sick and tired of people trying to infect my computer, I love WINDOWS but if this keeps HAPPENING I am going to buy a MAC.
You're still using Windows XP? Anyway, here's a clean link for you then. http://www.digitalattackmap...
Original link is fine had a look through the code and tested it, you're getting a false postive from a crap AntiVirus. Plus implement the following Windows XP Industry updates: http://www.forbes.com/sites... MS stopped XP support ages ago, XP is a feeding ground now if you don't get the new updates.
True but honestly this gen isn't very fun at the moment. Under promised AAA's, broken AAA's, bad services from publishers and now these ongoing hacks. I would say delays but that's not a bad thing. Next year is officially the premier year and hopefully these hacks can left in the dust come next year.
This Gen has definitely been the lamest in my opinion as well.
"In February of 2014 CloudFlare mitigated the largest ever recorded DDoS attack which peaked at 400 Gbit/s" - Wikipedia It can be done. Your precious Sony and Microsoft are just to cheap to make it happen. Even though they charge for their online services.
ehh... happens to everybody, Steam went down in early December via a DDoS attack. Just cause you can prevent it doesn't mean you should? Does it make financial sense to prevent it? Let me give you a scenario: There are millions of earth ending asteroids in space, but scientist say the chances of one of those asteroids hitting us are very very slim... hence nearly no amount of budget is allocated to locating and tracking these asteroids. They are a threat, but not a constant threat... not enough of a present threat to allocate billions of dollars to when those billions could be spent else where that would make a difference now. These companies are looking at this by the numbers: how long has PSN/XBL been around? over 10 yrs, in those 10 yrs how much time has either service been down?
"Mitigated". Note that this doesn't mean the same thing as "prevented". Everyone has already said that you can MITIGATE DDoS attacks, but they cannot be prevented. Sure you can use load balancing, redundant DNS servers, junk packets, reserve bandwidth etc etc... But Cloudflare is a different company with different financial pressures. It's entire business revolves around staying online, which means 100% of investment can be poured back into it. Microsoft and Sony are different companies with different revenue streams that need to split their profits a billion ways to maintain their services. They can't pour everything into preventing DDoS attacks that happen once a year for 14 hours. It would be a huge waste of resources, when they could for example be doing more R & D, investing in indie devs, or whatever else. SERIOUSLY, do your research instead of picking sentences out of Wiki.
I don't think Microsoft have to do anything... they're doing alright. Took them less than half a day to be up and running. Sony, on the other hand, were literally down for days... they have a long way to go. Financially, for them, it SHOULD make sense to dump some money into helping mitigate future attacks. Sony stated they'd be using our PS+ money to better their services, and they have yet to do that. I happen to know for a fact that Sony doesn't have a special biggy bank marked 'PS+ funds', nor have they actually used their boost in PS+ profit to better their services. They've pretty much made a promise to make you feel alright about having multiplayer locked behind a pay-wall, and subsequently took the money and ran. I know that sounds a little extreme but, that's the truth. If you need further evidence... well, Xbox Live had the attacks mitigated in hours, and PSN had it mitigated in days.
Mitigation is not stopping. Did you know that League of legends is a cloudflare customer? it's right on their customer page. LOL was one of the first targets of LS a couple months ago when they also hit blizzard and XBL for the first time, and LOL wasn't working. Anyhow, CloudFlare is a server provider, not a security provider. They make a lot of claims with a lot of marketing speak around it. They aren't bad overall as far as servers go. CloudFlare's solution to "protecting" against DDoS is to have massive server redundancy and capacity. MS has THE LARGEST single network in the world dwarfing cloudflare by a large margin, and they still couldn't protect against it.
To those who replied: my point was that the technologies exist to help mitigate such attacks or recover quickly when they do. @mzupeman - yeah you're probably right. Live's downtime wasn't unacceptable. Sony do have a long way to go. More than 24 hours is ridiculous.
DDoS is not a hack and is very very easy to do. These scum think they are great because they are getting fame for doing something that anyone can do. It would be wise to not mention their name when posting messages online as to limit their publicity.
I say let's find the members of the Lizard Squad and kill them all. I fail to see any other option. I kid I kid I kid.
I HAVE TO REACH THESE KIIIIIIIDS!!!
It's cool, Anonymous declared "war" on these guys, I'm pretty sure with how loose and open Anonymous is, they'll have at least a few people who can send their info the authorities or post it online.
Killing might be too harsh. But breaking all their fingers would be a good lesson.
Honestly, I blame Sony also. PlayStation Network Is Still Down And Nobody Knows Why Read more: http://www.businessinsider....
Well until we DO know, why don't you hush those gums, boy.
"Hush those gums" First time I've ever heard this saying, dying here!
Must be a country term of some sort. First time hearing it too lol.
@christian hour Not sure if Mechanism is from the uk or not but "Hush your gums" is pretty commonly used here in the East End of London! lol at using here Mechanism is too funny! Its pretty much a more polite way of saying STFU! or shut up! LOLOOL
Yup, Sony had plenty of warning that a DDoS attack was going to occur and could have taken the steps to minimize or prevent outages. The PSN is also still down even though the attacks have stopped and XBL was up and running instantly. I'm not too pleased with Sony's incompetence here but they know people will make excuses for them so I can't blame them for not giving a crap. If my customers were this stupid I wouldn't waste the cash to protect against DDoS attacks either.
Yet they said XL was weaker then PSN troll. Sony didn't know it was coming, Microsoft did and they failed.
The attacks haven't stopped...just so you know. They are now demanding more things for the attacks to PSN to stop
wow you know absolutely nothing about how the internet works right....
Sony had no warning. For the weeks before all I saw on this site was "Lizard Squad say they will attack XBL on XMAS EVE", there was absolutely nothing about PSN from what I recall.
the psn network has been up for hours now , you made this comment 3 hours ago, I have been using along with my son psn since 6 am this morning in Australia, that was over 8 hours ago.
You don't even own a Playstation product radler, what you're displeased about doesn't matter to Sony.
'attacks have stopped and XBL was up and running instantly' not true: xbl support link was still showing on and off all day yesterday and many complained. Indeed the stupid people are those taking DDOS attacks as an opportunity for their idiotic fanboy wars or just dont use their brains. Both services were very disturbed by these attacks
radler, MS had the same amount of warning, and it went down, too... and XBL most certainly was not back up "instantly."
Please elaborate on these steps to minimize or prevent outages. How do you know the attacks have stopped? Sony's servers should have returned to normal as soon as the attacked stopped without Sony having to do anything. That's how these servers work. XBL got back up and running quicker due to server redundancy and capacity, which is great, but overkill for any company that isn't facebook, ebay, amazon, internet server, etc. I see you claiming on all these articles up and down that DDoS is preventable, that these companies are at fault, but never once in all your ramblings have you provided any evidence to back up your claim that DDoS is 100% preventable. First thing they teach you in security classes(past the initial "what's a network BS everyone already knows) for people getting majors in security(or cursory security classes for general computer science degrees) is about DDoS attacks, because it's the most common form of attack in the world. I took a class that spent 4 of 16 weeks on DDoS and how to mitigate the effects of the attack in exhaustive detail. On the final exam, one of the questions was "It is possible to stop DDoS attack". it was true or false. The correct answer was false. Never once, was the term "prevent" used in relation to DDoS, because it's just not possible. One of the biggest things taken away from those lessons was that the only way to prevent a DDoS is to either shut down the server, or block all incoming connections. neither of which is ideal for a public server. Please do some research and stop posting your nonsense.
Sony went the smart way and Microsoft not so much. That's like starting your laptop after it's been in freezing cold for a while. Everybody knows you should wait for it to come to room temperature and a little more, but many start it right away but scratch their head if it starts acting funny. Microsoft started their services right away but faces issues today. Sony are making sure everything's okay before starting them. Sorry, but I don't blame Sony, I'm a fan of the smart way.
@mikeslemonhead I have nothing against Microsoft on this one. I get that they wanted to start it asap but they might have missed a chance to compare this attack to the earlier one as they probably tweak the security put in some logs.
DDoSing is kinda like trolling. It's annoying and there's no way to keep someone from doing it.
You can always block someone but that might not work in this situation.
There's usually a mute option for trolls.
You can black traffic from any Ip the only problem is determining what traffic is doing what where there are thousands of tcip connections at once.
More like millions per second continuously hitting the server. A lot of DDoS attacks used spoofed or fake IP addresses too, so blocking them doesn't work since they can still get through. Some attacks even cause the server itself to DDoS itself internally. DDoS is quite encompassing of a lot of different types of techniques to overload a servers connection ports. Anyhow, there are some ways to block IP's/MAC addresses, but aren't typically suitable for public servers such as any website or PSN or XBL and are better for private companies that can manage their networks better on an individual level. Some websites block IP addresses, but they almost always do it on an individual level, and more often than not, it's not a long term block since static IP's aren't that common.
"DDoSing is kinda like trolling." Thats the comparison I've been making when explaining this stuff to my less tech savvy friends and helping them redirect their hatred towards MS/Sony back towards Lizard Squad. I had one friend who was so angry at Sony/MS he looked up how to DDOS and joined in, took me a few hours to talk some friggin sense in to him. I doubt he's the only one that reacted in such a way, Lizard squad may have pulled back (or may have not) but who's to say theres not a bunch of angry loners and splinter groups still doing it trying to get a slice of that media attention? I honestly wouldnt be surprised if some of the sony fanboys here are trying to DDOS XBL right now, and some of the MS fan boys are trying to DDOS PSN, wouldn't be surprised at all.
lol I think you got it right there. Some think these companies fail to have a secure service and in their biased logic want to attack them 'because they shoudnt be so weak and that ll serve them right' so to speak. Also for a while Ive though these groups were made of fanboys, no doubt a few of them are
OMG, an article that actually understands whats happening!
Lizard Squad....more like Baby Squad, basement dwellers for life.
Ya this sucks, but there is some of confusion about not being able to play some single player games. Disconnect your PS4 or Xbox from the Internet and Dragon Age won't look for the server in an infinite loop. Same for FC4.
You'd have to be a really sad kind of idiot to blame Sony or Microsoft for this. Sony and Microsoft aren't the ones taking down their own services. The services are always up unless they're successfully attacked. And no, buying a botnet doesn't make you a hacker. Come out of your proxies, cowards. Face your actions. Oh wait, you'll be in jail. Carry on in your basements. You'll be caught either way. Sad lives these scumbags are living, isolated from the world, hiding like rats.
I blame all three. Sony and Microsoft for failing to have the infrastructure to handle this attack (especially Sony, Xbox was up much faster) and the lizard squad for doing this BS. And the first place. Sony really should have learned from that 2011 hack even though it was a different type.
Ddos is not really hacking.... nor was it the same type of attack in 2011