Quote:
Originally Posted by salimoneus
[You must be logged in to view images. Log in or Register.]
I just don't understand why this is causing the entire system to go down. I mean, the actual game server should only accept requests from IP addresses that have been authenticated already, no? So someone spamming a login server or whatever, should have little effect on the active "good" player connections with an established login who are communicating with the game server not the login server. Are the two not separated in such a way? I'm sure there are many limitations placed on the system due to the client, perhaps that is big hangup in finding a good solution to this? Please edumucate muh as I am not network savvy.
|
DDoS attacks will typically be legitimate traffic. Firewalls will match traffic type and do deep packet inspection, but if the packets are legitimately constructed it'll let them on through. IP based filtering is basically useless especially against a DDoS attack because the slave/zombie computers will be located all over the place, and IP addresses change. It would be basically impossible to maintain a whitelist for something like this.
There is simply no way to mitigate a strong enough DDoS attack. Microsoft, Amazon, Google, Apple, etc have all been hit and brought down. There is some pretty kick ass stuff that can mitigate it upstream but we're talking hundreds of thousands of dollars for the gear. And even that isn't a silver bullet.