DDOS prevention. Something to look at maybe?

First Riot Post
Comment below rating threshold, click here to show it.

Bottt

Senior Member

02-18-2014

I'd like to know if these past few days are similar lag issues to the ones we're having now, if it is it must be pretty complicated to find a solution.


Comment below rating threshold, click here to show it.

MVP July

Senior Member

02-18-2014

hmmm im sorry im not a computer specialist... so i dont really unsderstand what you are sayin but ...

are you trying to say that it is ddos attack that is bringing down the server recently?


Comment below rating threshold, click here to show it.

Merp Island

Senior Member

02-18-2014

What's the long-term solution to this problem?


Comment below rating threshold, click here to show it.

pro4never

This user has referred a friend to League of Legends, click for more information

Senior Member

02-18-2014

Quote:
Originally Posted by Withthegoodrice View Post
Although you may not be at liberty to discuss this, if you are, are these attacks specifically aimed at Riot?
They do not seem to be affecting any other servers.

Riot is pretty much attacked every hour of every day and have been for years. The difference is these attacks are massive in comparison and so actually effect services from time to time (yes, it seems like a lot but it's still a relatively small percentage of time when things are being effected)

Hate to bring attention to them but if you want some background on some of the more publicized recent attacks, Derp (and their trolling of phantomlord) would be a good place to start your search.


Quote:
Originally Posted by MVP July View Post
hmmm im sorry im not a computer specialist... so i dont really unsderstand what you are sayin but ...

are you trying to say that it is ddos attack that is bringing down the server recently?

The servers themselves are almost never down. The issue is massive attacks clog up all available bandwidth causing your connection to to the servers to be unreliable/intermittent.

But yes, it's been attacks which is what people have been explaining for weeks.


Comment below rating threshold, click here to show it.

GroveStr33tOG

Senior Member

02-18-2014

As inconvenienced as I am, i'm glad you guys are taking a look at it.


Comment below rating threshold, click here to show it.

Tsuki Pichu

Member

02-18-2014

Quote:
Originally Posted by RiotGradius View Post
Hello, just wanted to see if I could drum up some conversations about the nature of DDOS attacks and what kind of scale we're seeing. The attacks that have recently taken place on many different Internet services are quite large because of a very specific flaw in the NTP protocol. These attacks are called reflection attacks. (http://en.wikipedia.org/wiki/Denial-...Spoofed_attack).

What's difficult to deal with when it comes to DDOS attacks is that the larger the attacks become, the easier it is for the attacker to completely consume all bandwidth available for a specific provider. What this means is that any Internet service that this provider has under them is also unable to communicate back to the Internet. As the attacks become larger, we block them farther and farther up the provider levels, until we're working with Tier 1 ISPs to implement access control lists that prevent these attacks. Here's some more information from Cloudflare about the recent NTP Reflection DDOSes (http://blog.cloudflare.com/understan...d-ddos-attacks)

Us networking guys at Riot are not only working internally to find a solution to this problem, but we're also working with the Information Security industry as a whole to improve the situation. We're working to find a tech solution to block the attacks as they're ongoing, and fixing the underlying problem of open/unpatched NTP servers on the Internet.

Please feel free to toss any questions my way that you might have, I would love to have a chat with everyone about this and answer as much as I can.
my entire team dc'd and i didn't get a loss prevented

wtf are you gonna do to fix this


Comment below rating threshold, click here to show it.

RiotGradius

Associate Information Security Engineer

02-18-2014
3 of 17 Riot Posts

Quote:
Originally Posted by UnoDosMoltres View Post
You can't start your own thread?
It's been an idea, but I've decided rather than posting a blanket announcement, I would rather reply to multiple threads and try to explain as many aspects of the situation as possible, and address the concerns at multiple levels, rather than potentially driving the conversation myself.


Comment below rating threshold, click here to show it.

chaser676

Senior Member

02-18-2014

Quote:
Originally Posted by RiotGradius View Post
Yup, I've wanted to find the right post to start a conversation in... but so many of them are "RIOT FIX YOUR SERVERS" .. and I really wanted to have a dialog, rather than a storm of that sort of message.

I don't mind chatting with you all (I'd actually prefer it over staying quiet), and I'd really like to address any questions that I can. I'll be honest, it's a ****ty situation to be in, and myself along with a lot of other Rioters, as well as other industry professionals are trying to solve this problem as a whole rather than slowly crawling our ACLS up our provider lists. It really does make me sad that any of your games get ruined because of a DDOS, which is even more motivation to kick our butts into high gear and get this problem solved.
You likely won't be allowed to answer this question, but the group claiming responsibility have said they would stop if you asked them to stop. At what point does this become an option?


Comment below rating threshold, click here to show it.

Only Gnar Ever

Senior Member

02-18-2014

I don't know much about DDoSing but isn't it highly illegal when you disrupt a service like this? Is it really that hard to catch people who things like this that most people don't bother going after who was responsible?


Comment below rating threshold, click here to show it.

Manly Mudkip

Junior Member

02-18-2014

To be honest im glad you are posting here as next year i will be starting my college to become a network security engineer