Is Someone Ddos Skyblock.net

I have recently realized that skyblock.net has been going offline.... then online then ofline... then online and so on. I have been Ddosed before so i know what happens when you do get Ddosed.
Im not 100% sure that skyblock is getting Ddosed but i would like someone to explain to me what is really happening if this server isnt getting Ddosed.

 

I can't login to .net too! Lucky to see that not only I have this situation.

 

what's ddosed?

 

TL;DR: Yes. (But the attackers have gradually been getting v&. )

[Warning: tech babble below.]

Skyblock and many other top servers are taking a 400Gbit+ SSYN flood beating from a botnet right now. Earlier this year, attacks of such magnitude could only be carried out with a more rarefied type of attack - known as an amplification or reflection attack - that tricks DNS, NTP, and/or SNMP servers into flooding the target. This attack, in fact, is potentially record-breaking.

Minecraft server hardware is rented from resellers who have arrangements with massive data center operators like Voxility and OVH. For the past several days, a group of punks calling themselves PutinSkqad have been targeting servers like Mineplex as part of some personal vendetta, and using Mojang's recently emboldened stance on EULA enforcement as their scapegoat.

Unfortunately, they have enough power to saturate the data centers' DDoS filtration hardware, so when they target a server hosted by Voxility for example, (or one of its resellers,) many other servers also become unreachable. Likewise, Voxility's other customers suffer -- websites, businesses, etc. The ultimate goal is to cause physical damage to the hosts' hardware by overheating it or otherwise wearing it out in a short time, so that the host will have no other choice but to terminate the target customers accounts.

They turned their focus to OVH earlier tonight, but it turns out they don't have enough gunpowder in their cannons to keep OVH down, so they're back to firing at Voxility customers. It seems they also have enough power to knock Minecraft's session servers offline from time to time.

 

Noobcrew, it could be worse. They haven't mentioned you or Skyblock as a direct target!

Hidden Content:

**Hidden Content: Content of this hidden block can only be seen by staff members**

 

Hidden Content:

**Hidden Content: Content of this hidden block can only be seen by staff members**

 

For anyone who's curious what a DDoS "looks like," here's an interactive map: DigitalAttackMap.com

 

how do you hide?

 

[ hide]Something you want the staff to know, but isn't appropriate for all ages or is otherwise not directed towards all forum members.[/hide]

 

Are you sure it's a SYN Flood? That type of attack is old and there are many measures available to mitigate that sort of attack.

 

They did claim SYN flood at 400Gbit capcaity on Twitter, which would make enough sense if they are indeed using a botnet, and DigitalAttackMap showed massive amounts of SYN traffic entering the US during the attacks.

There's no way I can be 100% positive about that, though. A DNS amp attack would be much more believable, since those easily can reach 400Gbps with only a single 10Gbit link on a single misbehaved edge router.

Although a SYN flood on that scale is almost unimaginable, it would explain why they were only holding servers down when applying full force. A common method of mitigation is for the vacuum proxies to reply to SYN floods with a SYN cookie -- a challenge hash that needs to be parsed by the originator and replied to, or else the session is dropped. As long as the proxies had enough CPU, memory, and bandwidth headroom to breathe, they could continue passing legitimate sessions; something that might explain why small numbers of people were still able to get online at times throughout the attacks.

 

Because we all know what this means

 

Explain in English please

 

Borderline English:

Assuming PutinSkqad/lelddos was being truthful about the type of attack they used, they had enough firepower that concentrating it all on one host at once was enough to defeat million-dollar hardware installations that were designed to block large-scale DDoS whilst allowing legitimate users through.

If they were using that DNS amp attack I mentioned, then there's nothing that could be done about it except for thousands of ISP technicians around the world (*cough*China*cough) to reconfigure their gear correctly.

:3

 

That I understand, Was anything done about this by chance?

 

so basicly ur daying that a guy had enough power to break through all of our dDos walls?

 

Well, yes and no.

The host that handles Skyblock, Mineverse, and several other enormous servers surely worked their butt off to identify and block the attackers' computers, and is probably considering investing in more DDoS prevention hardware right about now.

Unfortunately, a large problem here is that so many large Minecraft servers are hosted in just a few data centers, so it would help immensely if servers were spread out among more around the world. Operators of large servers don't have all that much choice in that matter, but at least hosting is an ever-growing industry, so that's bound to change.

Presumably. Attacks like this are why viruses are bad news even if they don't manage to steal Facebook passwords or bank account numbers.

 

Sooooo basically the bad people turned off the internet?