The previously reported (Second Life DDoS Attack) DDoS is mostly over… for now. Oddly, I am having to search for news of the attack(s). It is there, but the media does not seem interested. On the net, you can find information. Like:
I suspect the reason for the lack of coverage is this type of information is too techy for most newscasters and writers to handle… maybe even understand.
Warriors… come out to play
From Internet searches, we can see a lot of people knew this type of attack was coming way before it happened. But, those that failed to protect their servers from misuse apparently didn’t. This failure of people to prepare for a known possibility is rampant in society.
Those of us that want solid Internet connections can take some steps to mitigate the impact such attacks have. The attacks often target the DNS servers, the units that translate secondlife.com into something the computer can use, IPv6 = 2001:578:3f::30 or IPv4 = 18.104.22.168. The bad actors get the most impact for their clicks by taking down DNS servers as without them your computer can’t find the machine addresses and cannot connect. Fail. Continue reading →
Earlier I reported (ref) on the DDoS attack and linked to the Linden post on the subject. Things seem to be getting better. Concurrent use was back to the mid 40k users.
In the Server-Scripting UG meeting, Simon Linden told us this has been on-going for about 24 hours. April Linden tells us the same in the SL Blog post.
However, from a credible source, I understand the SL Forum went nuts with fake news. So, be aware there are nuts posting on the forum that enjoy creating havoc. The sad part is some believe what they are saying and think they know something. Others know they are deliberately making mischief.
How do you tell which is real? If you go into the Answers section of the forum and look at the 3 to 6 posts threads, you will find a small number of people consistently answering questions. Those people are mostly trustworthy. When they don’t know, they have been known to say so…
So, the statement the asset servers went down and all SL content was lost was totally bogus. I’m not sure why anyone would make that statement. There are those always wanting to harm the Lab. Others think it fun to scare people. Others seem to believe whatever pops into their head.
I understand some new people will believe anything about SL and the Lab. But, I have the idea that with all the fake news, propaganda, and spin people would be more skeptical of what they hear. Silly me.
The last few days we have had some people complaining about login issues. I’m one of them. But, the problem is so erratic and apparently random I can’t put any useful information in a JIRA.
This morning there was some issue with logins. Only 17,000+ were on when I logged in at 10:45 Am SLT. On my trackers next update, 19,000+ were on. That 17k is an extraordinarily small number. The low for the day is about 7,000… but it may have been zero. My tracker only grabs data every 10 minutes. A lot can happen in the computer world and RL in 10 minutes.
Lauressa – Close-up
I currently show 3,000 to 2,000 people logging in every 10 minutes. This is indicative of some grid wide problem.
Status only says they are investigating intermittent login issues.
Update 11:00 AM SLT – Seems the problem is a DDOS attack. See Unscheduled DDoS. This is not a Linden Lab specific attack. Early indications, often wrong, suggest it is possibly an attack on America. I would not be surprised to trace it back to North Korea. They will likely react to the sanctions just placed on the Democratic People’s Republic of Korea. So, appease them now and face a nuclear attack later or deal with them now?
Did you know the average duration of a mass shooting is three minutes? What is the response time of the police in your neighborhood, to your sports arena, movie theater, or school? Continue reading →