DDoS – Nalates’ Things & Stuff

DDoS Attacks of February 2018

2018/02/28 by Nalates Urriah

The previously reported (Second Life DDoS Attack) DDoS is mostly over… for now. Oddly, I am having to search for news of the attack(s). It is there, but the media does not seem interested. On the net, you can find information. Like:

I suspect the reason for the lack of coverage is this type of information is too techy for most newscasters and writers to handle… maybe even understand.

Warriors... come out to play — Warriors… come out to play

From Internet searches, we can see a lot of people knew this type of attack was coming way before it happened. But, those that failed to protect their servers from misuse apparently didn’t. This failure of people to prepare for a known possibility is rampant in society.

Those of us that want solid Internet connections can take some steps to mitigate the impact such attacks have. The attacks often target the DNS servers, the units that translate secondlife.com into something the computer can use, IPv6 = 2001:578:3f::30 or IPv4 = 216.82.8.56. The bad actors get the most impact for their clicks by taking down DNS servers as without them your computer can’t find the machine addresses and cannot connect. Fail.

News Update 2018 w09

2018/02/282018/02/27 by Nalates Urriah

Earlier I reported (ref) on the DDoS attack and linked to the Linden post on the subject. Things seem to be getting better. Concurrent use was back to the mid 40k users. In the Server-Scripting UG meeting, Simon Linden told us this has been on-going for about 24 hours. April Linden tells us the same … Read more

Second Life News 2018 w09

2018/02/282018/02/27 by Nalates Urriah

The last few days we have had some people complaining about login issues. I’m one of them. But, the problem is so erratic and apparently random I can’t put any useful information in a JIRA.

This morning there was some issue with logins. Only 17,000+ were on when I logged in at 10:45 Am SLT. On my trackers next update, 19,000+ were on. That 17k is an extraordinarily small number. The low for the day is about 7,000… but it may have been zero. My tracker only grabs data every 10 minutes. A lot can happen in the computer world and RL in 10 minutes.

Lauressa - Close-up — Lauressa – Close-up

I currently show 3,000 to 2,000 people logging in every 10 minutes. This is indicative of some grid wide problem.

Status only says they are investigating intermittent login issues.

Update 11:00 AM SLT – Seems the problem is a DDOS attack. See Unscheduled DDoS. This is not a Linden Lab specific attack. Early indications, often wrong, suggest it is possibly an attack on America. I would not be surprised to trace it back to North Korea. They will likely react to the sanctions just placed on the Democratic People’s Republic of Korea. So, appease them now and face a nuclear attack later or deal with them now?

Did you know the average duration of a mass shooting is three minutes? What is the response time of the police in your neighborhood, to your sports arena, movie theater, or school?