LIZARD SQUAD is Back. Planning XBL Attack. "Biggest attack yet". [UP: XBL/PSN Down]

Yeah, I've had to wait for it to time out several times today. Easier to just tell your console not to connect to the internet though like the previous poster said, but both ways are working.

Ground Zeroes and LBP3 just flat out freeze for me if I haven't disabled internet connection. It's a serious flaw in the system that should have been fixed by now. Kids on Christmas won't know what the fuck is wrong with their single player games.
 
Can I ask a dumb question
and then get slapped down for it
?

The root cause of this is the way TCP/IP works and the presence of large botnets, right? If it was just the lizard idiots' own servers that were generating the traffic then they wouldn't be able to generate sufficient volume to swamp services?

There must be a signature profile for a zombie PC (n pings to IPs in range this narrow, say), ISPs could identify and throttle identified zombies, couldn't they?

I'm not saying it's easy or even practical, but isn't it possible in theory?

I think the issue is that in order to tell when connections are coming from a zombie, you need processor power, and there simply isn't enough processor power or time to do that? I'm no expert tho.
 
0 IF BOTNET
10 REJECT AUTHORIZATION
20 IF ACTUAL PERSON
30 APPROVE

jeez do I have to write the code for sony and ms, what's so hard about this

edit: seriously though, this is crazy.
 
Their reasons for doing this aren't actually that crazy. If this forces companies to upgrade their security and have faster response times to these attacks then it's a good thing.

The bad thing is the many innocents getting caught in crossfire.

That's just a bullshit reason on their part to sound like they're doing us a favor. Fuck them.
 
Can I ask a dumb question
and then get slapped down for it
?

The root cause of this is the way TCP/IP works and the presence of large botnets, right? If it was just the lizard idiots' own servers that were generating the traffic then they wouldn't be able to generate sufficient volume to swamp services?

There must be a signature profile for a zombie PC (n pings to IPs in range this narrow, say), ISPs could identify and throttle identified zombies, couldn't they?

I'm not saying it's easy or even practical, but isn't it possible in theory?

Judging from the current attacks as published, they could drop all traffic from China at their upstream providers to get rid of most of it. Pretty drastic. I'd be doing it.
 
Their reasons for doing this aren't actually that crazy. If this forces companies to upgrade their security and have faster response times to these attacks then it's a good thing.

The bad thing is the many innocents getting caught in crossfire.

There is a dangerous "ends justify the means" logic here. It'd be like walking into someone's house and shooting their dog. But hey, if the house has better security after that, and the dude gets a new dog, all good right?

There is a problem here when ascribing motivations. The "they" in Lizard Squad, is nebulous. Were the people interviewed on BBC the ACTUAL people who have been claiming to be the group Lizard Squad on Twitter all year? Or were they just willing pawns that went on the show for the luls? What about the people controlling the LizardMafia account on Twitter? Are they still the same people who controlled the original LizardSquad twitter account that has long since been banned? What about the people interviewed in that one article?

We have no way of knowing if all these are the same people, different people, copycats, or what. So while one instance might claim a moral highgroundish hacktivist creed of "we're doing it to better the internet", the other half goes "lulz I press button your game stops working."

If LizardSquad *really* was a singular entity, and they really understood how the internet worked, then they already know there IS no cure for DDoS while the TCP protocol exists in its current state. So they're just blowing smoke, and making companies spend lots of money to defend against... them. The problem then isn't Sony or MS, the problem is the bully who walks into the shop and starts smashing things with a hammer, screaming "why don't you have a permanently stationed policeman here, bro!".

Can I ask a dumb question
and then get slapped down for it
?

The root cause of this is the way TCP/IP works and the presence of large botnets, right? If it was just the lizard idiots' own servers that were generating the traffic then they wouldn't be able to generate sufficient volume to swamp services?

There must be a signature profile for a zombie PC (n pings to IPs in range this narrow, say), ISPs could identify and throttle identified zombies, couldn't they?

I'm not saying it's easy or even practical, but isn't it possible in theory?

You're not wrong, and that is how a lot of DDoS mitigation works. It's a several step process.

1. Darknet of Mitigation Company reports that there is a lot of DDoS-like activity starting to flood a specific IP range.
2. Said IP range is used by Company B who has hired the Mitigation Company to help protect them.
3. Mitigation Company analyzes what their darknet honeypots and scanners are seeing, identifies the type and scale of attack.
4. Mitigation Company alerts Company B, and tells them to switch their routing tables for their services to funnel everything through Mitigation Company's servers.
5. Now Mitigation Company is filtering all the DDoS junk flooding in, using their expert knowledge. They are also in contact with all the major ISPs and trunks along the route the DDoS is coming from, but a lot of this comes from other nations. There's only so much you can do in the telecoms industry when dealing with national divides, and how responsible other countries might feel about what's coming out of their ISPs. While the target of a botnet exists in one place, the botnet itself can exist in multiple countries, all around the world, all attacking at the same time, from all those locations. We're talking millions of PCs all simultaneously doing a thing. It's like if your entire yard suddenly exploded with ant nests, and you have one spraycan. You can call for help, others that will come and spray, but that will take some time. Or you can hire a full platoon to stand in your yard all day, just in case. And if ants never come, wow you're spending a lot of money to have people stand in your yard.
6. Mitigation Company is using its knowledge of the style of DDoS to mitigate the attack somewhat, but there are always false positives, and so users of Company B are still seeing timeouts, disconnections, or other issues.
7. Mitigation Company is also reporting back anything they learn about the DDoS to anti-malware companies, so that the anti-malware people can create inoculations or removals for the style of malware that might be causing this particular DDoS.
8. DDoS starts to dial down, Company B can resume normal operations, and Mitigation Company gets paid for services rendered if they're not already on retainer.

Wash rinse repeat each time the malware changes, the style of attack changes, etc. It's an arms race. The problem being, while anti-malware and mitigation does get more complex and sophisticated, botnets grow exponentially and have brute force on their side. If a botnet can't take down the datacenter of Company B, it might try to take down the ISP that provides them access, or the ISPs that connect to the ISP that provides them access, and so on.
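
Added example (not part of any post in this thread): a per-source rate check of the kind asked about above, run over constructed flow records, showing the false-positive and missed-bot problem the replies describe. The addresses, window and threshold are assumptions chosen for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

PROTECTED = ip_network("203.0.113.0/24")  # constructed: stands in for Company B's range
WINDOW_S = 10     # assumed sliding window, seconds
THRESHOLD = 100   # assumed per-source packet budget per window

def flag_sources(flows, window=WINDOW_S, threshold=THRESHOLD):
    """Flag any source whose packets toward PROTECTED exceed threshold within one window."""
    per_src = defaultdict(list)
    for ts, src, dst, pkts in flows:
        if ip_address(dst) in PROTECTED:
            per_src[src].append((ts, pkts))
    flagged = set()
    for src, events in per_src.items():
        events.sort()
        start = total = 0
        for ts, pkts in events:
            total += pkts
            while events[start][0] <= ts - window:  # expire events older than the window
                total -= events[start][1]
                start += 1
            if total > threshold:
                flagged.add(src)
                break
    return flagged

def sample_flows():
    """Constructed flow records (ts, src, dst, packets) and the set of true bot addresses."""
    dst, flows, bots = "203.0.113.10", [], {"198.51.100.7"}
    for t in range(10):
        flows.append((t, "198.51.100.7", dst, 50))     # one noisy bot
        flows.append((t, "198.51.100.200", dst, 120))  # many real players behind one NAT address
    for i in range(1, 201):                            # 200 bots, each quieter than the NAT pool
        bots.add(f"192.0.2.{i}")
        flows.extend((t, f"192.0.2.{i}", dst, 5) for t in range(10))
    return flows, bots

def evaluate(flows, bots, flagged):
    """Compare the per-source verdicts with ground truth."""
    bot_pkts = sum(p for _, s, _, p in flows if s in bots)
    blocked = sum(p for _, s, _, p in flows if s in bots and s in flagged)
    return {"false_positives": flagged - bots,
            "missed_bots": len(bots - flagged),
            "attack_share_blocked": blocked / bot_pkts}

if __name__ == "__main__":
    flows, bots = sample_flows()
    print(evaluate(flows, bots, flag_sources(flows)))
```

On this sample the check blocks the shared NAT address full of real players, misses all 200 quiet bots, and stops under 5% of the attack packets.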
 
.

So yeah, a totally new internet protocol that doesn't allow itself to be used for DDoS attacks! Sounds great, entirely possible - except you have to replace the entire current internet, with this new internet. And who will lead us to this brand new land? I'm sure every corporation has an idea, and perhaps there are a few coalitions that might form to suggest it. But you've seen how impossible it is for companies to agree on a global standard. Everyone wants to use the things they own the patent for, so that they can make money off ideas. It's a mess.

I sometimes think the only reason the internet exists as it does today, is because it was lucky enough to be born before anyone could really claim ownership of it. But that means it has no steward, nobody is responsible for it, or takes care of it. And therein lay our problem.

We need to replace it, but can't.

People really need a shake when they suggest new protocols

IPv6 is becoming increasingly necessary and it's still only at 5% adoption
 
2I5Knlf.gif

Disgustingly brilliant gif
 
Can I ask a dumb question
and then get slapped down for it
?

The root cause of this is the way TCP/IP works and the presence of large botnets, right? If it was just the lizard idiots' own servers that were generating the traffic then they wouldn't be able to generate sufficient volume to swamp services?

There must be a signature profile for a zombie PC (n pings to IPs in range this narrow, say), ISPs could identify and throttle identified zombies, couldn't they?

I'm not saying it's easy or even practical, but isn't it possible in theory?

In a nutshell, blocking incoming IPs and blocking them is not the issue. Determining who is a real user is a different story. You may end up blocking an IP that is from a legitimate user.
 
For the first time in a while it let me actually get to the sign-in screen on the PS4. I got all excited until I tried signing in and it's still the same shit, can't connect. Hope is a cruel thing, isn't it?
 
Can I ask a dumb question
and then get slapped down for it
?

The root cause of this is the way TCP/IP works and the presence of large botnets, right? If it was just the lizard idiots' own servers that were generating the traffic then they wouldn't be able to generate sufficient volume to swamp services?

There must be a signature profile for a zombie PC (n pings to IPs in range this narrow, say), ISPs could identify and throttle identified zombies, couldn't they?

I'm not saying it's easy or even practical, but isn't it possible in theory?

There is no signature for zombie PCs; they look just like any other PC to a server.

In fact, a lot of the time they might just be any other PC. Hell, your PC could be a zombie, and odds are good you probably wouldn't notice.
 
The reason why DDoS works, is because it uses the way the internet "talks", the Transmission Control Protocol, against itself. TCP is one of the most fundamental building blocks of the Internet (it's a part of the Internet Protocol Suite, or IP). That's where "TCP/IP" comes from.

The basics of TCP come from the Institute of Electrical and Electronic Engineers, from a paper published in 1974. It was a genius bit of work, but it didn't anticipate the sheer size of the internet today, how reliant people would be on it, and how easily it could be subverted.

There isn't just one style of DDoS attack, there are many, that's how numerous the issues with the TCP protocol are. And the best people can do, for now, is "mitigate", lessen the effects, slow things down and try to filter out the junk, etc. But it's a war that can't be won, because as long as TCP has its fundamental issues, people can abuse it.

The solution would be - write a new, modern protocol. In a way, that's not unlike how operating systems improved over the years. Windows 95 had so many exploitable issues, some got patched, but others were a hard-coded issue in the core of the OS. So Windows 98 comes out, those issues not present because it was a new core. Although that core had its own issues. Even so, the viruses that used to plague home computers in the 90s, don't exist anymore because they simply can't function in the modern ecosystem. Except now we have a new paradigm: malware. Still kind of like a virus, but different enough that conventional protection doesn't catch it. Antivirus software doesn't defend against malware, although some antivirus companies are starting to release anti-malware as an addition to their antivirus. Anyway, malware is usually non-destructive, and the kind that add your computer to a zombie botnet are designed to basically do nothing to ever alert you to its existence, because if your computer started acting up, you might go looking for the problem and find it. Until the botnet is told to do something, and then your PC starts broadcasting its contribution to the DDoS attack.

So yeah, a totally new internet protocol that doesn't allow itself to be used for DDoS attacks! Sounds great, entirely possible - except you have to replace the entire current internet, with this new internet. And who will lead us to this brand new land? I'm sure every corporation has an idea, and perhaps there are a few coalitions that might form to suggest it. But you've seen how impossible it is for companies to agree on a global standard. Everyone wants to use the things they own the patent for, so that they can make money off ideas. It's a mess.

I sometimes think the only reason the internet exists as it does today, is because it was lucky enough to be born before anyone could really claim ownership of it. But that means it has no steward, nobody is responsible for it, or takes care of it. And therein lay our problem.

We need to replace it, but can't.

Thanks, a pretty nice read and well, the idea of creating a whole new internet is pretty amazing, but I prefer that no one really owns the internet (or takes the responsibility to bring us a new internet) and everybody is responsible for their own castle.
 
Ground Zeroes and LBP3 just flat out freeze for me if I haven't disabled internet connection. It's a serious flaw in the system that should have been fixed by now. Kids on Christmas won't know what the fuck is wrong with their single player games.

The exact same thing happened to me last night while playing Alien Isolation on Xbox One when Live started dropping again. Just lag and freezes.
 
Two quick questions, guys:

Is Internet2 more secure than the standard internet everyone uses?

Is it conceivable that we could all be gaming over Internet2 connections by the time the next generation of consoles are in place (by, say, 2020)?
 
The reason why DDoS works, is because it uses the way the internet "talks", the Transmission Control Protocol, against itself. TCP is one of the most fundamental building blocks of the Internet (it's a part of the Internet Protocol Suite, or IP). That's where "TCP/IP" comes from.

The basics of TCP come from the Institute of Electrical and Electronic Engineers, from a paper published in 1974. It was a genius bit of work, but it didn't anticipate the sheer size of the internet today, how reliant people would be on it, and how easily it could be subverted.

There isn't just one style of DDoS attack, there are many, that's how numerous the issues with the TCP protocol are. And the best people can do, for now, is "mitigate", lessen the effects, slow things down and try to filter out the junk, etc. But it's a war that can't be won, because as long as TCP has its fundamental issues, people can abuse it.

The solution would be - write a new, modern protocol. In a way, that's not unlike how operating systems improved over the years. Windows 95 had so many exploitable issues, some got patched, but others were a hard-coded issue in the core of the OS. So Windows 98 comes out, those issues not present because it was a new core. Although that core had its own issues. Even so, the viruses that used to plague home computers in the 90s, don't exist anymore because they simply can't function in the modern ecosystem. Except now we have a new paradigm: malware. Still kind of like a virus, but different enough that conventional protection doesn't catch it. Antivirus software doesn't defend against malware, although some antivirus companies are starting to release anti-malware as an addition to their antivirus. Anyway, malware is usually non-destructive, and the kind that add your computer to a zombie botnet are designed to basically do nothing to ever alert you to its existence, because if your computer started acting up, you might go looking for the problem and find it. Until the botnet is told to do something, and then your PC starts broadcasting its contribution to the DDoS attack.

So yeah, a totally new internet protocol that doesn't allow itself to be used for DDoS attacks! Sounds great, entirely possible - except you have to replace the entire current internet, with this new internet. And who will lead us to this brand new land? I'm sure every corporation has an idea, and perhaps there are a few coalitions that might form to suggest it. But you've seen how impossible it is for companies to agree on a global standard. Everyone wants to use the things they own the patent for, so that they can make money off ideas. It's a mess.

I sometimes think the only reason the internet exists as it does today, is because it was lucky enough to be born before anyone could really claim ownership of it. But that means it has no steward, nobody is responsible for it, or takes care of it. And therein lay our problem.

We need to replace it, but can't.

thesimpsons-what-a-time-to-be-alive.png
 
Judging from the current attacks as published, they could drop all traffic from China at their upstream providers to get rid of most of it. Pretty drastic. I'd be doing it.

If USA companies and servers keep getting attacked from China botnets then maybe this could happen and USA could throttle all internet coming from China / Korea?
 
Totally unrelated.

How positive are we of that the hackers that attacked Sony Pictures said specifically they had something BIG planned for Christmas. For all we truly know it was neither North Korea that attacked Sony Pictures nor Lizard Squad attacked SOE. And this could easily be part of that since it's all in the same server farm. All I'm saying is don't jump the gun yet. Not till Sony explicitly makes some official statements.
 
Hello offline, my old friend
I've come to play with you again
Because a vision softly creeping
Left its connection while I was sleeping
And the vision that was planted
In my brain still remains
With the sound of silence
 