heRO-Server Forum
Situation Update (from Pandora) - Printable Version

+- heRO-Server Forum (https://www.pandoraonline.net/forum)
+-- Forum: Game Related (https://www.pandoraonline.net/forum/forumdisplay.php?fid=1)
+--- Forum: General (https://www.pandoraonline.net/forum/forumdisplay.php?fid=2)
+--- Thread: Situation Update (from Pandora) (/showthread.php?tid=9058)

Pages: 1 2 3 4 5 6 7 8 9


RE:??Situation Update (from Pandora) - Slate - 02-21-2009

TPC Wrote:Thats not 100% correct, that kind of attack is not called a brute force attack, its a denial of service attack. A brute force attack is when you try to crack something (for example an encrypted file, or a password) by trying every possible combination of characters there is as the key. until you find the right one.

Nice to get an update on the situation, I hope you can have this resolved soon.

Believe by 'brute force' they were referring to the method itself rather than the technical term. They've called it a DoS in previous posts; just referring here to the method's lack of finesse or precision. It's just wave after wave of info.


RE: Situation Update (from Pandora) - huihshen - 02-21-2009

Ok, I don't know what exactly Panda have done so far, but here is what I was suggested in the case of an DoS attack by my friend who's got a PhD in computer science

you have to require IP resolution before servicing the request, if the same IP tries to make a lots of requests in a short period of time you then block them. It will still be lagging while you are singling out all the IPs of the offender because they are still flooding in. But then it will end, rather than Denied service for as long as the attacker wants.

The IP resolution is much less computationally intensive than the actual requests, especially if its cached, its just in memory and it just needs to compare it, it is like 1 primative

PS. if it is too overloaded for Pandora to make these changes, she probably has to disconnect the server and look at the logs


RE: Situation Update (from Pandora) - Fruityla - 02-21-2009

I'm wondering if it wouldn't just be better to leave the server down until the protection in installed. That way Panda won't have to do all that work getting it up only for it to go down again within hours Icon_sad


RE: Situation Update (from Pandora) - Salvosa - 02-21-2009

This is pretty interesting. Hope the 'protection' can be installed soon, or whatever needs to happen. Until then, I need a RO break anyway. No big woop.


RE:??Situation Update (from Pandora) - TPC - 02-21-2009

huihshen Wrote:you have to require IP resolution before servicing the request, if the same IP tries to make a lots of requests in a short period of time you then block them. It will still be lagging while you are singling out all the IPs of the offender because they are still flooding in. But then it will end, rather than Denied service for as long as the attacker wants.

This doesn't work if the attack is just generating as much traffic as possible to keep the target connection overloaded, which is the most common method, and what seems to be happening here. This would only work for minor attacks. For larger attacks by the time it gets to a point that you can filter it out on the same computer or even the same network its already too late, it has already used up the bandwidth and resources it needs to use up to prevent legitimate uses.

Fruityla Wrote:I'm wondering if it wouldn't just be better to leave the server down until the protection in installed. That way Panda won't have to do all that work getting it up only for it to go down again within hours Icon_sad

From what they have described so far it doesn't go up when they do something specific, but rather when the attacker decides to stop attacking for a while. Its not any work on the part of the GMs that is making the servers come back each specific time (altought I'm sure they are very busy doing what they can to try to prevent it). So there is no extra work in leaving it on. This is usually how it is with these kinds of attacks.


RE: Situation Update (from Pandora) - huihshen - 02-21-2009

well, i suppose if all fails, we can each ditch in some money for
this eh?

http://www.prolexic.com/?source=google&gclid=CIyA_eXS7pgCFRMUagodcArj0g


RE: Situation Update (from Pandora) - GM-Ayu - 02-21-2009

It's not like Pandora didn't chip in even more money for the server to fight this off, just that our provider isn't going to get it up until the next business day (which is monday) and that's why we GMs keep saying to wait for Monday.


RE: Situation Update (from Pandora) - Arkanis - 02-21-2009

Does any GM knows the ip and or the person who did it, cause if yes just call the police. Hacking is forbidden and can be persued. Pandora could win money for the server maintenance xD


RE: Situation Update (from Pandora) - Davey~ - 02-21-2009

but couldn't we get in trouble for playing a hacked server?


RE: Situation Update (from Pandora) - Barbarossa - 02-21-2009

*cries* I want my heRO back!!!
WAAAAAAAAAAAAAAHHHHH!!!