Support NeoGAF

[pablonerru]

Saw this, found it slightly amusing

 

[biteren]

the whole flight ordeal made the local news here, FBI said they're looking into this, so its on now.

 

[213372bu]

And the situation gets even more interesting as Unknownsec (what seems like a Grey Hat group) goes after Lizard Squad: https://www.facebook.com/unknownsec

This could so be a movie.

 

[Hidden One]

Internet war.

It's just like Watch Dogs

 

[Two Words]

Don't get why people who have no knowledge on network security are trying to make such specific claims about network security.

 

[Ambition]

http://gotgame.com/wp-content/uploads/2014/05/rrc1594.gif[IMG]

Saw this, found it slightly amusing[/QUOTE]
I don't get it.

 

[Daemul]

I shouldn't even be here, it's my Titanfall play time, but this thread just doesn't stop giving.

 

[shem935]

Which I would....if...you know.

Is there a way you can do that on the web? Might solve your issue.

 

[ItWasMeantToBe19]

Guns is what I'm getting from this post.

The only way to stop a bad guy with some computer skills is a good guy with a gun.

 

[gogogow]

enlighten us

and the rest of the world

master internet engineer gogogow

Wellwe'rewaiting.gif

Also yes gif. None of this jif nonsense.

Gotta love them anti-DDoS toasters.

Guns is what I'm getting from this post.

Don't you guys have google or something?

DDoS Mitigation
Given the growing number and scale of DDoS attacks, planning for DDoS attack detection and mitigation is a critical IT function. Since it's virtually impossible to build out sufficient infrastructure to scale in response to a large DDoS attack, solutions like Akamai's Kona Site Defender are increasingly being deployed by owners of Web properties across virtually every industry. Cloud-based solutions like Kona Site Defender offer built-in scalability and global reach to defend against most common types of DDoS attacks, as well as attacks against web applications (SQL Injections, Cross Site Scripts, etc.) and direct-to-origin attacks.

How Kona Site Defender Blocks DDoS Attacks
Kona Site Defender mitigates DDoS attacks by absorbing DDoS traffic targeted at the application layer, deflecting all DDoS traffic targeted at the network layer such as SYN Floods or UDP Floods, and authenticating valid traffic at the network edge. This built-in protection is "always on", and only Port 80 (HTTP) or Port 443 (HTTPS) traffic is allowed. Bursting fees can be capped so users are protected from DDoS traffic running up service fees, and flexible caching maximizes offload from origin.
For added protection, many organizations add a defense layer that protects the Domain Name Server from being overloaded and compromised by Denial of Service attacks, such as Akamai's eDNS solution. Both of these solutions leverage the power of the Akamai Intelligent PlatformTM, which consists of more than 100,000 servers deployed across over 1,000 networks in more than 70 countries.

* Specialized On-Premises Equipment. This is similar to “Do It Yourself” in that an enterprise is doing all the work to stop the attack, but instead of relying on scripts or an existing firewall, they purchase and deploy dedicated DDoS mitigation appliances. These are specialized hardware that sit in an enterprise’s data center in front of the normal servers and routers and are specifically built to detect and filter the malicious traffic. However, there are some fundamental problems with these devices:

• They are costly CAPEX purchases that may sit around and do nothing until you get attacked. They also can be expensive to operate. You need skilled network and security engineers to work these devices - there is no magic “mitigate DDoS” button.

• They must be constantly updated by the operations team to keep up to date with the latest threats. DDoS tactics change almost daily. Your team must be prepared to update these devices to the latest threats.

• They can’t handle volumetric attacks. It’s unlikely that an enterprise would have enough bandwidth coming in to handle the very large DDoS attacks occurring today. These hardware appliances don’t do any good when the attack exceeds network capacity.

* Internet Service Provider (ISP). Some enterprises use their ISP to provide DDoS mitigation. These ISP’s have more bandwidth than an enterprise would, which can help with the large volumetric attacks, but there are three key problems with these services as well:

• Lack of core competency: ISP’s are in the business of selling bandwidth and don’t always invest in the required capital and resources to stay ahead of the latest DDoS threats. It can become a cost center to them - something they have to provide, so they do it as cheaply as possible.
Resources


• Single provider protection: Most enterprises today are multi-homed across two or more network providers to remove the single point of failure of a provider. Having two providers is a best practice to maximize uptime. ISP DDoS mitigation solutions only protect their network links, not the other links you might have, so now you need DDoS mitigation services from different providers, doubling your cost.

• No cloud protection: Similar to the above, a lot of Web applications these days are split between enterprise-owned data centers, and cloud services like Amazon AWS, GoGrid, Rackspace, etc. ISP’s can’t protect traffic on these cloud services.

* Cloud Mitigation Provider. Cloud mitigation providers are experts at providing DDoS mitigation from the cloud. This means they have built out massive amounts of network bandwidth and DDoS mitigation capacity at multiple sites around the Internet that can take in any type of network traffic, whether you use multiple ISP’s, your own data center or any number of cloud providers. They can scrub the traffic for you and only send “clean” traffic to your data center.

Cloud mitigation providers have the following benefits:

• Expertise: Generally, these providers have network and security engineers and researchers who are monitoring for the latest DDoS tactics to better protect their customers.

• Lots of bandwidth: These providers have much more bandwidth than an enterprise could provision on its own to stop the biggest volumetric attacks.

• Multiple types of DDoS mitigation hardware: DDoS attacks are extremely complex. There is a need for multiple layers of filtering to be able to keep up with the latest threats. Cloud providers should take advantage of multiple technologies, both commercial off the shelf (COTS) and their own proprietary technology to defend against attacks

Cloud mitigation providers are the logical choice for enterprises for their DDoS protection needs. They are the most cost effective and scalable solution to keep up with the rapid advances in DDoS attacker tools and techniques.

 

[AmaterasuOni]

This could so be a movie.

Yeah. They're 4chan/Anonymous Grey Hats: https://twitter.com/Unkn0wnsec

 

[Anion]

I made a death note joke a few pages back and no one saw it.

I guess not a lot of people in this thread have seen Deathnote

 

[Bold One]

It's just like Watch Dogs

but even more lame

 

[grizzelye]

enlighten us

and the rest of the world

master internet engineer gogogow

Depending on what is being overloaded .. it could be CPU (if the packets need to be punted to the CPU), or the bandwidth of the internet facing links (lets say Sony have 1GB internet circuit x 10)

edit: You could do two things to lower the impact of the DDOS, e.g. you can preserve 10% of your bandwidth so that the network engineer and still keep the system running using QOS / Policing.

If you setup Blackhole routers, that can redirect the malicious traffic into routers which just dump the packets into a router that goes nowhere, saving some network resource.

Can't stop it though, unless you have the bandwidth to take in all that traffic, and have network devices that process via hardware asics.

 

[Asgaro]

HAVE A INFINITE AMOUNT OF SERVERS

Getting a bit cloudy here.

 

[CreeperBlocks]

Yeah. They're 4chan/Anonymous Grey Hats: https://twitter.com/Unkn0wnsec

What are Grey Hats?

 

[Abylim]

Don't you guys have google or something?

You going to reply to the guy who proved you said sony was hacked, or just going to keep ignoring it and acting like you didnt just google DDoS after being called out on it?

 

[Hidden One]

I guess not a lot of people in this thread have seen Deathnote

http://www.neogaf.com/forum/showpost.php?p=126874778&postcount=3250

 

[figadapaura]

Don't you guys have google or something?

Never heard of it.

 

[dubq]

What are Grey Hats?

Tweeners.

 

[AmaterasuOni]

What are Grey Hats?

http://en.wikipedia.org/wiki/Grey_hat

They use questionable means to do good things. Like Anonymous.

 

[SliceSabre]

I know what this is. Don't do it.

Let me guess you call the number, they get your phone number and set your ass up for a visit from certain three lettered US agencies?

 

[Y2Kev]

Is there like someone standing behind some posters with a gun to their heads saying POST ABOUT NETWORK SECURITY OR I WILL SHOOT YOU

lol

 

[Kade]

Don't you guys have google or something?

And do you think that is effective enough to protect something the scale of PSN?

 

[OldGangWarily]

Nope you would probably need to make it primary.

Yeah, I guess I'm stuck waiting for it to be back as this is a friend's PS4. :/

Oh well! Thanks for the help everyone.

 

[Alucrid]

Don't you guys have google or something?

You can bypass WAFs

 

[shem935]

Don't you guys have google or something?

Fuck. What's a google?

 

[Poodlestrike]

What are Grey Hats?

Black hats are bad guys, white hats are good guys, grey hats fall somewhere in the middle. Not entirely lawful (or particularly nice) but they generally do good deeds.

 

[213372bu]

I guess not a lot of people in this thread have seen Deathnote

I was going to watch it but then I saw

and threw up a bit

 

[gogogow]

You going to reply to the guy who proved you said sony was hacked, or just going to keep ignoring it and acting like you didnt just google DDoS after being called out on it?

I never said Sony was hacked. They were hacked in 2011. And no I didn't google ddos. I did google about ddos protection and defending from them.

 

[Awntawn]

Fuck. What's a google?

is that kind of like bing

 

[Dodecagon]

Is there like someone standing behind some posters with a gun to their heads saying POST ABOUT NETWORK SECURITY OR I WILL SHOOT YOU

lol

No of course not, why would you think that?

Spoiler

Send Help

 

[dubq]

Black hats are bad guys, white hats are good guys, grey hats fall somewhere in the middle. Not nice (or entirely lawful), precisely, but not destructive.

They're a buncha bah gawd Stone Cold Steve Austin's bah gawd!

 

[nynt9]

I don't get it.

There's nothing to get. Unless you really like Xbox One and no other system, I guess.

Don't you guys have google or something?

See the "mitigation" word there? See how both of those products state they can only handle the most common types of attacks and not all types?

 

[1.21Gigawatts]

I don't get it.

That gif is from back when Phil Spencer took over the Xbox division.
I don't know why its beeing posted again now.

 

[Toki767]

Is there like someone standing behind some posters with a gun to their heads saying POST ABOUT NETWORK SECURITY OR I WILL SHOOT YOU

lol

All according to keikaku?

 

[DidntKnowJack]

Don't you guys have google or something?

I like the part in there that says "Since it's virtually impossible to build out sufficient infrastructure to scale in response to a large DDoS attack..."

 

[krypt0nian]

No, seriously, do you understand what a DDOS is?



Do tell.

It's clear he's going to see what he went in to see.

 

[Ryuuga]

Eh.....there are ways, appliances etc. to fight and defend against ddos attacks, but whatever.

Is it this?

 

[Admiral Woofington]

All according to keikaku?

All according to Kotaku

 

[test_account]

Why doubt him? These people crave attention so if it's not him then he's really on point taking credit for everything with exposing the Lizards and then making his video on YT and everything. If it's not him or he's not involved at all then you'd think the person actually doing it would step up and do the same thing Fame did to the Lizards.

People, me included, have noticed some slow downs and disconnects on XBL but for the post part it's up and running as usual. Are we supposed to be naive enough to think it's just a coincidence and not just a failed attempt at the same thing when the guy said he was going to try? Why would MS be left alone when a bunch of other companies in the industry are getting hit by it?

I doubt him because its so easy to do talk like this. For example, have anyone verified that the IPs he posted earlier are the actual IPs of those lizard guys? Its possible that he is the one doing the DDOS attack, that i can believe, but i have big doubts about anything else of the technical stuff that hes saying.

That said, i dont know how the DDOS attacks are affecting PSN and Xbox Live differently, so i cant really give any good answer to that unfortuantely.

 

[Anion]

I was going to watch it but then I saw

and threw up a bit

Lol, that's why you watch the fully animated version

http://www.neogaf.com/forum/showpost.php?p=126874778&postcount=3250

Haha

 

[SirMossyBloke]

Is there a way you can do that on the web? Might solve your issue.

Hmmm. Good question. Gonna scout.

Edit: nope

 

[everyday math]

I can't even enter my profile on my ps4 now. The console just freezes.

I can bypass it by entering as a guest then switching user.

I'll turn off network connect. Maybe that will help.

Have no idea if this issue is causing my problem. Just that it's started after all this happened.

 

[CambriaRising]

Fuck. What's a google?

Someone should tweet yosp and let him know about this revolutionary tool.

Spoiler

Read earlier that SOE already uses Akamai, so they had protection. It's just not enough at some point. It's impossible to completely handle a DDOS unless you actually have the bandwidth.

 

[Dodecagon]

I never said Sony was hacked. They were hacked in 2011. And no I didn't google ddos. I did google about ddos protection and defending from them.

And now you are an expert and have an insight into Sony's network and security implementation.

 

[ethomaz]

Live is down too?

 

[CreeperBlocks]

Black hats are bad guys, white hats are good guys, grey hats fall somewhere in the middle. Not entirely lawful (or particularly nice) but they generally do good deeds.

Huh.I learned something new today. Thank you all

 

[RexNovis]

Wow, seems Sony didn't learn shit since the 2011 PSN hack. Fucking pathetic. A lot of people saying how these hackers are amateurs, but yet they crippled the entire PSN servers for at least a day, really shows how Sony didn't do squat to upgrade and protect their servers for amateuristic ddos attacks.

What some people? Sony got hacked to hell in 2011 and got personal information from 77 million accounts stolen and yet their servers are still so easy to get crippled. I don't give a shit about the video, what I do know is that I can't sign-in into PSN and play the games I want to play for an entire day. The fact that other sites got easily hacked too doesn't mean it's okay for Sony's to be slacking with their servers. Some people...

You are trying way too hard. Microsoft has a wide reaching server business that can offload traffic to limit the affects of DDoS attacks. Sony is not in the server farm business they have fewer available servers to handle traffic. This has nothing to do with security it has to do with brute force traffic spams. So how about you just stop using something you clearly have no clue about to claim "LOL SONY HAZ NO SECURITIEZ LOLOLOLOL."

 

[Dart]

LTTP What's going on? PSN down? Hacked, DDoS? Is this a UK thing?

Can someone recap? I gots to know!