Sony and Microsoft cant do much – DDoS attacks explained

The Eccentric Gamer writes: "Gamers should realize that both Sony and Microsoft cant do much to stop the DDoS attacks by Lizardsquad. Across the internet, countless people are complaining that Sony or Microsoft should do more to stop the DDoS attacks.

Clearly, people do not understand how DDoS attacks work. For the uninformed, here is a clear explanation as well as two videos that show just how a DDoS attack works."

Read Full Story >>
The story is too old to be commented.
Sillicur1418d ago

Still sad that these no-life hackers want to ruin xmas for everyone :(

CptEccentric1418d ago

Agreed, but people should not be blaming Sony or Microsoft for the issues at all like I see so many times.

DDoS attacks are near impossible to stop :(

TheLyonKing1418d ago

I am glad there is an article explaining these aren't hacks, they can't really be blocked and I hate how the media generalises it to hacks, pretty sure the bbc said they were hacks. This just builds up pointless noterity when they are basically just flooding servers.

I am not a huge online gamer, I am stuck in my ways of purely single player but I can understand the frustration, epically new gamers wanting to play on Christmas day.

Spartacus101418d ago

I'm not expert, but cant they just get people to register their IP/MAC addresses, and only those addresses/consoles/accounts can communicate with the PSN/XBL network?

Stoppokingme1418d ago

Let's hope the loser squad got carpal tunnel for Christmas.

donthate1418d ago (Edited 1418d ago )

DDoS attack is NOT near impossible to stop. MS has successfully defended it many times against Lizzard Squad.

The key to defending DDoS is detecting it early, have great network traffic analysis, migration and an awesome firewall.

Is it a difficult problem? Sure, but so is securing your network. Point being, don't give companies a free pass and don't hype it up to be some unsurmountable problem!

There is a reason why one network, PSN, goes down far longer than another, XBL:


Since a DDoS doesn't care about the the data, only the traffic it generates it is easy to spoof the MAC. The IP you can, but it is important to have the tools and expertise ready to analyze the traffic to determine which are targets and which are legitimate traffic.

A lot of times, during a DDoS the attacker is using infected zombie computers so it makes it harder to mitigate it.

Th3o1418d ago


Most ppl don't have a static IP, we have dynamically set ips which the lease gets revoked after a while.

It's extremely difficult to stop a DDOS, but it is possible.

Baka-akaB1418d ago (Edited 1418d ago )

XBL working better and being less time down is great , granted ... but ultimately both cant handle a real attack such like the XMAS one , on top of traffic .

Most DDoS either hit a port, the index.php (or similar file), or the web URL itself. But that's also exactly what every single legitimate internet user is also doing, so it's kinda hard to determine "this guy is looking at our main web page and he's legit, but THIS guy is looking at our main web page and is not legit".

The traffic itself is (usually) pretty innocent-looking. Even if you employ some sort of DDoS mitigation service, it can't filter out all the bad traffic.

Of course there are nuances and a few solutions , but not all of them are practical or easy to deploy on a large scale ... and few are DDoS fullproof

It's not use playing the "mine is better" game , both need to up the ante in all possible areas of security

bigbri6420001418d ago

What I blame Sony for is not having a way to play a digital game offline. It's a joke. I have Need For Speed, BF4, and Driveclub digital copies and have been locked out since early afternoon Tuesday. I can't even watch Netflix that I pay for. Everything has a lock on it. Message of, Can't connect to the server to verify the license. If this is how its gonna be I'll never buy a digital game again!

Mega241418d ago


If you activate your account on your PS4/PS3 you wouldn't have that problem. I could play all my friend's games but not my own since he has my account and I have his (game share). As for Netflix, idk how the apps work, I use my consoles for gaming.

DragonKnight1418d ago

@donthate: MS has done a great job of stop Lizard Squad this time haven't they?

Baka-akaB1418d ago (Edited 1418d ago )


Except there is a way . i've got digital version of the some of games you listed . And i'm played them fine .

It was just a matter of having licenses activated via making a console your primary . And to play offline you log out or unplug , otherwise the console will as expected try to check and connect to servers .

christian hour1418d ago


I'm in the same boat. Unfortunately I'd played all my friends games to death and had just bought Dragon Age digitally to play while home for the holidays.


I'm confused by your statement. You CAN play your digitally purchased games without an internet connection. As long as your ps4 is set to be your primary one.

And netflix? I don't even need to sign in to use netflix or the web browser or youtube.

thekhurg1418d ago (Edited 1418d ago )

So why was xbox live only down for a few hours and PSN hasn't been worth shit since this crap began during the late hours December 24th?

Been trying to play Destiny for going on two days now and can't do a damn thing.

Blizzard stops them, Microsoft clearly understands how to minimize the impact of these lizard scrubs - but Sony? No. We sit and suffer through excessive downtime whenever people decide to be online pricks and attack the service.


I find it hard to believe you even own a PS4. I have Lords of the Fallen, Dragon Age, Diablo, The Last of Us and Destiny as digital games. I can play all of them except Destiny. I've watched Netflix several times as well.

indyman77771418d ago

DDOS is a catch 22 problem. It's not a matter of just upgrading your security software, or upgrading your servers.

Okay here is my simple explanation of an DDOS (Distributed Denial of Service).

Say you want to signon to a game service so does thousands of other people. 99.99% are legit attempts, even if the password is wrong a few times.

What happens if there are billions of signon attempts? No gateway can keep up with that. Now only one out of a million attempts to sign on are legit!

What if I block everybody? Guess what now your 100% down to everyone (including legit gaming signons) and you could be in the same boat once you unblock everyone.

So you must research all these addresses. Some IP addresses you know are legit if machines have not been assigned a new IP since the gameing service was last working well.
Some internet companies are constantly changing home ip's. Turning off your Router for 15 minutes will do it too. But during a big release,
what is Sony and Microsoft to do? Block every IP that is new? Many people buy systems for games for big release games like Second Son, or Halo. And Christmas demand MANY more legit NEW requests.

Here is another catch 22, because many internet companies reassign IP's some of the ones that was legit, are now assigned to a machine with the DDOS).

But eventually this is a good thing you can research and find out where most of the requests are coming from. Here is the other part of the catch 22. 99.999999999% of the request's are coming from innocent people that don't even know that they're machine is infected with an ddos! (hence the word DISTRIBUTED). So you must block many people from making a request (which also is slowing you down).

More bandwidth, and hardware does help some. But it is not the trump card.

I'm not a network Admin, but I'm a software developer. But I have this information from some good ones on that side of the fence.

I just want to help people that think, it is a simple problem and that these two companies are not trying to protect themselves. And thinking that chest pumping is going to scare people. History has shown that It will just attract MORE attackers, and scare none away, causing us to have more headaches with our off time. Microsoft, and Sony are not as stupid as some of us judge them as.

radler1418d ago (Edited 1418d ago )

DDoS attacks are not impossible to stop like the uninformed would have you believe. There are companies that are more than capable of handling DDoS attacks, but Sony and Microsoft didn't want to spend the cash to protect the PSN and XBL from the attacks so their customers had to suffer, plain and simple.

Anyone making excuses for Sony and Microsoft is a fool, especially since LizardSquad even made it perfectly clear in advance that they planned to do this. The fact that PSN/XBL went down just goes to show how horribly incompetent these companies are. If Sony or Microsoft had any sense they would have planned ahead and hired a company such as Cloudflare to protect their networks, and nobody would have seen any downtime at all. For reference, Cloudflare successfully protected against the largest recorded DDoS attack earlier this year.

You people need to stop making excuses for such crappy service because Sony and Microsoft are laughing while raking in subscriptions fees that are pure profit.

And where are we now on Dec 26th? Xbox Live seems to be back up for people while PSN remains down without a peep from Sony. Great job guys, well done. This entire DDoS attack could have easily been prevented but nope, can't go spending the cash to ensure the service is stable...

Anyone defending Sony or Microsoft is a mug, plain and simple.

BattleAxe1418d ago

Well, if these events keep happening, I can't see how either Sony or Microsoft will be able to continue to charge people for online gameplay, since they can't guarantee when player will be able to play online.

Baka-akaB1418d ago (Edited 1418d ago )

Of course it's not impossible , but it's not as easy as you guys claim .

DDoS is a global, fundamental issue with the very structure of the Internet. It's a real problem that can't always be solved just by throwing money or servers at it.

And mitigation doesnt necessarily work the way people believe or imply . Let's say the average size of a DDoS attack for the year is 10Gbps. Sony or MS then pays their mitigation partner up front for services that will be rendered during a 10Gbps attack. Their mitigation partner uses the funds to set up the eventual routing that will be required when the attack happens, have the manpower ready to respond, all the systems and programs, filters, etc - then a attack happens and it's 100Gbps. Now what?

Systems go down, the mitigation partner does their best, possibly handling at least a quarter of the attack well, but the end user is still affected.

Next year, Sony or Microsoft invests the money for 100Gbps protection. It's costing a lot, draining money from the companies . But hey, at least we're protected right?

a) An attack never happens, the money was wasted (but of course not the customer's problem)

b) An attack happens, it's 400Gbps now instead of 10. Dangit.

Wash. Rinse. Repeat.

Of course you guys will argue about companies that resists ... but forget how big of spectrum they cover right now for the internet , and their scope .

Paypal , visa , mastercard have all been strained or crashed too .

Google was not totally safe , it has been the actual launching pad for DDoS attacks in the past , and has of course been developing since forever they own mitigation or anti DDoS tools .

Some of those tools are not efficient for gaming FIY and could induce lag in some cases btw .

And Amazon has spent years creating and refining an "elastic"infrastruct ure, called EC2, designed to automatically scale to handle giant traffic spikes. The company has so much spare server capacity, in fact, that it runs a sideline business hosting other websites.

Like it or not , the "tiny' gaming operation from MS or Sony can't compare .

Of course you can request a better service for the money paid , that's fair imo . But you'll always find people to argue that they do offer you better servers , services and chatting functions , if not complete security .

PS : i'd love to get rid of mp mandatory subs personally for all of those consoles

christian hour1418d ago


Just checked there, My friend still can't get on to xbl, keeps getting timed out. I'll keep you guys posted on his status though if that changes :)

ShinMaster1418d ago (Edited 1418d ago )

@ donthate

WRONG. You need to update your info. PSN is currently more secure than XBL apparently.

""The easier game network to take down was Microsoft’s Xbox Live. Sony had apparently upgraded its security recently, which took “a bit of time to work around,” but Microsoft had “almost nothing” in terms of security.""


christian hour1418d ago

My friend just got on to me there, he's finally connected to XBL, still no PSN love on my end :(

+ Show (16) more repliesLast reply 1418d ago
1418d ago Replies(2)
dodo1011418d ago (Edited 1418d ago )

'Hackers' ddos attack is something everyone can do.

Muzikguy1418d ago

I wonder if these kinds of things were even thought about during the "always online" reveal of the X1. This is just another reason why that was a bad idea and I don't ever want to go down that road again. As it stands, whether it's Sony's fault or not, I'm mad at them and won't be paying for Plus come the end of January. These companies want us to be online, they want us to pay for online, but they can't keep a stable network during high frequency play times. I'm so frustrated. Yes I should probably direct my attention elsewhere but this is just ridiculous. If they need to work with the authorities then so be it. Something needs to be done!

bigbri6420001418d ago

Totally agree. Weather or not it's Sony's fault. I bought games from them( digital) and I pay for a service that I have not been able to use since the afternoon of December 23rd. Have not been able to play any digital game at all, they all have locks, even netflix. Shouldn't we be allowed a prorated membership? Heck if our cable goes out even Mediacom offers service for the days cable is out.

1418d ago
christian hour1418d ago


Stop spreading nonsense, you can play your digitally purchased games offline, you can watch netflix without being connected to PSN. If you didn't set your ps4 as your primary one then it's you own fault you're not able to do anything with your console right now.

My PS4 isn't my primary either, but that's because I'm console sharing with a friend, so at least I have all his games to play still.

AceBlazer131418d ago

if it's one thing im greatful for these attacks for is that they helped me realize an always online/digital future is complete ass. Bought all my ps4 games so far digitally, now I'm at my friend's house for the holidays and i can't access my games from his console because psn can't verify that i own the licenses.

Back to physical for me.

bigbri6420001418d ago

I'm in the same boat. Cannot access digital games at all. Even netflix. BS.What about having our memberships prorated for the days we are unable to use?

Baka-akaB1418d ago (Edited 1418d ago )

You keep repeating this , but it isnt true . Digital games are accessible offline , if not , it's because of your settings . Or some bigger issue with those on your end .

For most people , those that would be unplayable are game that needs an online component to run , and those are only a few or 100% online centric .

once_a_jedi1418d ago

These guys aren't hackers,they should come back when they control the critical infrastructure of 16 countries, including the USA & Saudi Arabia! ;-)

THC CELL1418d ago

So much for ms 300k servers.

3-4-51418d ago

* Solutuion:

Offer $1 million dollars PER PERSON, get a group of hackers and other tech specialists together to figure out how to stop DDOS attacks.

DON'T tell me " they can't be stopped"...

The solution exists....somebody just may not have discovered it yet.

Not just stop these, but trace them.

If something started somewhere IT HAS A SOURCE.....

No matter how small or minute......there is a source, and it can be found.

Somebody, somewhere, knows how to go about doing this in a way that benefits everyone.

* You guys still all aboard the "always online" hype train ! ???

I want the next consoles to GUARANTEE OFFLINE Single Player experiences FIRST AND FOREMOST.....

ITPython1418d ago

An interesting way to look at DDOS attacks is that the majority of all of us who use the internet are the biggest part of the problem. Think about it, if these script kiddies can't infect peoples computers with botnets, then it would be a heck of a lot harder to pull off DDOS attacks and would be easier to track down and stop.

It's people who don't take computer security seriously is why DDOSing is so effective and hard to deal with.

So you want to put an end to DDOs attacks? How about looking in the mirror first and securing your computers. Ditch Internet Explore and Norton AV and get some real security solutions and browsers already. Also don't leave your internet connections active when you are not using your PC, it's essentially the same thing as leaving house windows wide open when you leave home.

Would be nice if people were required by law to install and use good security software. Because some casual internet surfer with no decent security (or none at all) is essentially giving ammo to these cyber terrorists once his machine gets infected. If there is no infected machines, DDOSing would essentially evaporate overnight and never would be a problem again.

Raiden1418d ago

Hey I have sledgehammer some very large nails and a brand new nail gun, now which one am to use on these #%&*#@£% hackers, starting with there knees then fingers ending by cracking there skull open, do there realize how many people they made unhappy this Christmas, remember krama is bitch and I hope it really bad when it comes to them.

+ Show (7) more repliesLast reply 1418d ago
CptEccentric1418d ago


Thank you kind sir/madam, that is exactly what I wanted to do, inform people. After I saw an article called "Microsoft and Sony should stand up to lizard squad", I just had to try and help people understand :)

Kivespussi1418d ago

They can't really prepare for DDoS attacks, no amount of servers can. But still I'm amazed how there hasn't been any consequences to Lizard Squad, they're interrupting the business of a huge company affecting millions, why aren't they locked up already? Are they hard to track down or is there some legal crap in the way?

CptEccentric1418d ago

Honestly they should be locked up. I am sure they are under investigation at the very least. However, these people are pretty difficult to find.

I would like to see a group like Anonamous actually jump in and help find these guys...That would be cool.

Gh05t1418d ago (Edited 1418d ago )

So you want one group of radical hackers to be locked up by getting another group of radical hackers to find them... Yeah that makes sense.

Lock them all up. If you break the law you deal with the consequences.

xtheblackparade1418d ago

yea, that actually does make sense. Because most (IT) experts are not with the government but with a group that pays well.

MelvinTheGreat1418d ago


Lizard squad are not hackers

1418d ago
DanteVFenris6661418d ago

And what would anonymous do? Fucking threaten keyboard warrior them. Most hackers even them are complete pussies when it's time to go off there computer

+ Show (2) more repliesLast reply 1418d ago
Kayant1418d ago

Probably hard to track down because for ones they will be using things like VPN's,Proxies to hide their IP and the attack itself comes from millions of affected PCs that act as bots to be used in the attack.

Avernus1418d ago (Edited 1418d ago )

They can't do much, except aggressively pursue people that DDoS on this scale. Catch them, and show others that they're serious about catching them, and punishing them according to whatever law they use.

There should be consequences to their actions, and not just be rewarded with free shit. Catch these little turds.

Sillicur1418d ago

There definately should be consequences to their actions, hopefully they get what they deserve in the end.

nosferatuzodd1418d ago

Indeed I say 10 years of hard labor for first offense

xtheblackparade1418d ago

We should get together with like a million of angry gamers and start a corporate detention facility for people like this.

DaBooth1418d ago

hard to find try here anyone live close and has a bat spare ?