DDos or how we lost our games to a Lizard

@JPT @Grall

I cant find the source of where I first read it, it was a Twitter source before that article even went up, but one place said that LizardSquad hacked a few of the routers used on the underwater transcontinental connections. That sounds like it would have a metric ton of bandwidth available to abuse.
 
@JPT @Grall

I cant find the source of where I first read it, it was a Twitter source before that article even went up, but one place said that LizardSquad hacked a few of the routers used on the underwater transcontinental connections. That sounds like it would have a metric ton of bandwidth available to abuse.

It has bandwidth to use, but it does not have the cpu cycles to create it, if that makes any sense :)

A router is basically a specialized computer, that is designed to do a few things very well and that is mainly move packets from point a to b based on certain rules. But creating/generating data/traffic is not what is considered a priority, so it does not do it very well or have cycles todo it.
Without ever having played with the really big stuff, I doubt that you can create very much data with a router. SNMP is a possible amplification attack vector, but all devices I have ever come across, things like that has had much lower priority to resources.
Its a waste of resources doing that compared to using those cpu cycle to fulfill its primary task, route packets. And if they did that, the routing performance would probably suffer.
Look up any manual on any decent networking gear, there are pages upon pages saying, if you turn on this feature, there will be a performance penalty or this feature with that feature will basically kill the 3rd feature over there.

I am very open to be very wrong about this, but its nothing that makes sense to me, with the information that is currently available.
So I have my doubts that controlling those routers helps much, other than maybe stopping people from accessing and using them to block traffic.
And if you have control over those routers, why #$%"#$% use it in a what looks like a kiddie DDoS? You basically got NSA access to traffic going across the oceans. *puts on tinfoil hat* unless the DDoS on PSN/XBL is a distraction for something else.....

Edit:

Routers today got lots of hardware acceleration, think gpu's vs software rendering etc. But as with a gpu its very specialized because it has a limited taskset to handle. So you save money by not putting stuff in silicon to do things that are not deemed a high priority. And any traffic/data a router creates is just monitoring/management data going to the operator, its very very low volume compared to what it routes.

Now if you mirror data or do multiple copies of it, then its a different matter, but that should be easy to filter out on the way. SFlow, Netflow, span/mirror traffic and what not does not need to traverse the network borders. And it will induce a performance hit on the router.
Also core equipment like that most likely have replace routines in place, so even if they own a router, it can be replaced by another one fairly quickly, Unless they have owned the whole infrastructure with config backups etc.
 
Last edited:
blargh now i cant connect to PSN at all although people on reddit says they starting to be able to connect
 
Not surprising that they're scornful of Sony.

Also, its not at all clear that MS and Sony are/were being attacked with same ferocity. The original attacks were on Sony.
Why is it not surprising?

The surprise is that these kids don't learn, they will end in jail and their life is essentially ruined.
 
I found a PSN "fix" in order see friends and play online (but not PSN store which is still down):

PS4 -> network settings -> MTU set to 1473

I even was able to play one MultiPlayer race (just finished now) in Driveclub, crazy! :LOL:

Found in Gaf: http://neogaf.com/forum/showthread.php?t=960043

Wow, that actually worked, I was able to login to PSN, but Destiny is not able to verify that I am logged in.

So then PS4 does not send packets that gets fragmented enroute to PSN and since it works for people around the world, it seems the fragmentation is located very close to Sony or in their data centers.
More speculation, is that something fragments it and then after that something, there is another something that does not get all the fragments and your connection times out. Dropping out of order fragments or just plain old fragments is a DoS protection technique.

Did somebody turn their own DoS protection against them?
And then how what where does the fragmentation happen? Now if we speculate without any real proof again, is this what the DDoS'er did with the core components in the network. Lowered the MTU on the links to get the routers to fragment all the traffic going to Sony?

Okay, the sophistication went up a bit in my opinion now.
 
Last edited:
I think this works cause PSN is now working :p for me at least.

I tried to sign out and then go back to 1500 and sign in again, did not work, but if I went back to 1473 it worked.....
But if it works for you great, can you get on Destiny to?

Edit

And now I got on Destiny to....
 
Did somebody turn their Sony's own DoS protection against them?
...
Okay, the sophistication went up a bit in my opinion now.
Does this perhaps explain the difference with MS, that MS's security couldn't enable such fragmentation?
 
Does this perhaps explain the difference with MS, that MS's security couldn't enable such fragmentation?

Or as was posted earlier that MS patched their routers to fix this setting earlier.

BTW: The MTU setting on the Xbox One for me is 1480.
 
Or as was posted earlier that MS patched their routers to fix this setting earlier.

BTW: The MTU setting on the Xbox One for me is 1480.


My MTU is the same as yours and other than a brief period, I've been on XBL the whole time. Other than the hour or so down, I've only had minor issues. Streamed Twitch and Youtube a lot Christmas and yesterday.

I was watching a Twitch stream for KI where the host was having difficulty getting ranked matches though. I haven't played MP matches since X-mas eve, so don't know if that was also an issue on my end.
 
I cant find the source of where I first read it, it was a Twitter source before that article even went up, but one place said that LizardSquad hacked a few of the routers used on the underwater transcontinental connections.
Yes, it was in an interview with one of the purported Lizards on...uh, I can't recall. But, I saw it too, and I'm not entirely convinced I believe it.

A; why would you put routers under the ocean? The underwater cables are just cables, they're not cross-connections. Sticking a lot of complicated hardware down there would seem like creating unneccessary problems for yourself. You probably need repeaters, but routers? *shrug* I could be wrong here, I dunno, gods know it wouldn't be the first time. :)

2 - IF you have routers under the ocean, wouldn't you like, super-harden them, considering how critical they are and the amount of money sunk (literally!) into the entire cable connection. It's probably running into (several?) hundred millions of $'s for a transatlantic cable. SO, if someone hacks your super duper important and even super duperer expensive transatlantic cable connection router - and not just HACKS it, but alledgedly using it for destructive, nefarious purposes for hours if not days - wouldn't you do everything in your power immediately to take back control of it?

I personally feel this is bragging and mouthing off to seem more important than is the case. *shrug* They have SOME source of bandwidth, but I don't think it's internet infrastructure itself. If these assclowns really could hack core routers and shit like that and commandeer them at will they could wreak a lot more havoc than just screwing up PSN and XBL for a few days. So I don't think that's within their power. They probably sit on a fat zombie botnet and is spouting bullshit in media and twitter as misdirection (and ego-hype.)
 
Or as was posted earlier that MS patched their routers to fix this setting earlier.
JPT felt earlier that the patched router idea was gobbledegook. So I'm asking him if he thinks the security and fragmentation could be the difference, in his opinion. Perhaps for PR purposes, the security differences are boiled down to simply saying, "we patched the router," where the reality is something very different? If the issue can be circumnavigated by just 'patching a router', surely the two companies would be on fairly equal footing regards their ability to deal with it?

Does anyone know if Sony handles their own network infrastructure and just rents server space, or if they commission a network company to handle the infrastructure for them?
 
I have to say it's still annoying that some games seem to fail to start-up unless I pull the chord/disable internet altogether, then they work fine. That could be more elegant for sure. Has been up for me since yesterday evening though.
 
I'm confused. Are we saying offline games are failing to start when launched?

Not here. PSN's been down for us most of Christmas and these games have all been played without issue:
  • Infamous Second Son - digital version
  • Call of Duty Advanced Warfare - disc version
  • GTA V - digital version
  • Assassin's Creed IV Black Flag - digital version
  • Shadow of Mordor - disc version
  • The Last of Us Remastered - disc version
  • Tomb Raider Definitive Edition - digital version
  • Lego Marvel Super Heroes - digital version
  • Far Cry 4 - disc version
  • Pix the Cat - digital.
 
The issue is that many games seem to call home if Internet is enabled. Could be checking for updates, doing something with trophies, leaderboards, whatever. But the network calls appear to be blocking so if they hang, the game hangs. If you disable Internet then the calls don't block.
 
Under-sea routers? Sounds like bullshit.

For the brief time I had issues with connection to Live on Christmas day, I just put my Xbox One in offline mode and everything was fine.

Also, it was Christmas day. Maybe gamers should have stopped being babies and spent the day with their families instead of worry about whether they could play online. Lizard Squad wanted people to get outraged on twitter, forums etc. They're trolling. Crying about it is them winning. Can't believe some of the stuff I read from gamers. It's one day - a day that should be about family and friends.
 
PSN has been good to me all day now , played lots of BF . The only thing not working is the News feed - I guess it`s been disabled to have less traffic like they did at Launch ?
 
Back
Top