Let's be realistic Pt. 2 : Who dun it? Whut do?



Zipzo
Jul 4, 2014, 04:04 AM
In an effort to differentiate this thread from a previously existing thread asking the simple question of "Who is behind the DDOS attacks?", I will ultimately pose a more unique inquiry, as nobody seems to have any sort of idea who did this.

There's no denying that it caused what I would essentially refer to as one of the most unheard of down times for a live/maintained server in the history of my MMO gaming time. The server was down for a week and some odd hours, correct? That's crazy. This is either a sign of how weak SEGA is, or a sign of the impending strength of whoever committed this attack.

So let's make some observations...

- SEGA was DDOS'd resulting in major server down time. I almost want to say that a live MMO being down for more than a week, years after it went live is kind of unprecedented, I can't even really think of another MMO where I've seen that happen and I've played a lot of MMOs.

- Whatever solution was instated has caused a huge snag for only foreigners. Many local players experienced minor connectivity issues in the opening day (as per usual for a "servers up" day) but that all but disappeared within 1-2 days, give or take.

My concern : This can happen again. At any time.

Right now everyone just wants to get the ability to log back in, but let's say that does come to pass and we go right back to the way things were. How can we be sure this doesn't happen again? The kind of inconvenience this has caused for you as dedicated gamers, I couldn't imagine you'd be willing to deal with this more than once.

You have absolutely no way of knowing if the person/people who did this have the ability to do it again, you have no way of knowing if SEGA has bulletproof methods of making sure this isn't an issue repetitively, and if it were to be, I think we can all agree that SEGA wouldn't hesitate to drop the real IP block.

So...the discussion is as follows. How can you be sure that this will not happen again? Do you think it would be beneficial to attempt to discover who was at fault for this? Wouldn't it be more accurate to say that after this, that you should be more concerned with your seemingly temporary status on the JP servers?

Of course, if your ISPs never relinquish your ability to log in...this discussion is rendered a bit inert. If the day comes that everyone is able to log back in...does it really make sense to just forget this ever happened and cross your fingers that whoever did this doesn't come back for a rebound laugh? I'm typically the person who feels as though they should try to do things when bad things happen...so that's kind of the idea behind this thread. What can we (or more specifically you, as foreigners) do, in order to ensure to ourselves that we are not walking on thin ice, and that this won't be a returning dilemma that you will ever have to experience again?

IndignationSWF
Jul 4, 2014, 04:10 AM
It can definitely happen again and after all the issues coming after and the general opinion of there being a permanent block, it's more than plausible. Sega has a history of being somewhat anti-consumer over the last several years in regards to releases and responses to problems so they certainly have a string of enemies willing to strike them whenever there's an opening.

It's gotten to the point where you have to ask yourself if you're willing to continue supporting them at the risk of losing hundreds of hours worth of work, or to move on to greener pastures?

メグスノ
Jul 4, 2014, 04:14 AM
Yeah, that's been a concern on my mind for a while; if it happens again, the chances of SEGA locking the doors would be significantly higher.

Unfortunately I am rather ignorant on how DDoS works on a more specific level, much to my regret. However, I'd be more than willing to learn more about DDoS if it means preventing issues like these from arising once more, not only for PSO2, but also other foreign MMOs that don't already have the IP ban (not that I know of any outside of KR Nexon, and their account creation procedure is basically as effective as an IP ban).

Chik'Tikka
Jul 4, 2014, 04:24 AM
basic diagram of DDoS. if the incoming signals from the bots/zombies combine into something that disrupts the rest of the internet, essentially hogging a backbone's bandwidth in the target's area, ISPs may take action and block traffic to the target closer to the attackers' location. if a bot is blocked on its own backbone, then the signal can't join up with the rest of the attack +^_^+ (analogy: if you place a small dam on every small stream that enters the Nile, by the time it reaches Egypt it would only be a tiny stream with a wide open riverbed)

http://mmoloda.com/pso2/image/34929.jpg

EDIT: simpler diagram

EDIT 2: found PSO2 related diagram+^_^+

メグスノ
Jul 4, 2014, 04:38 AM
Ah, so I assume that PCs can unintentionally partake in a DDoS attack?

And what I gather from this is that if the attack is blocked at its various sources then the severity of said attack may be drastically decreased as a result? Though that leaves us with the next problem, which would be pinpointing the source of the attack, which seems to be easier said than done. Hm...

Miyuki_Kamiko
Jul 4, 2014, 04:47 AM
welcome to 2014, the year with the highest rate of DDOS attacks ever recorded. many people have never heard of DDOS attacks because they were extremely uncommon til 2 years ago

now let me list 2 known hacker groups that use DDOS attacks:
Anonymous use them as a form of internet protesting
Derp uses them just to get kicks out of all the rage from the playerbase not being able to play
did either of those 2 groups hack PSO2? nobody can say. are they a possibility? yes

could some angry player pay off a hacker group to DDOS a server? very likely
until you locate the actual hacker that attacked the server you honestly can't put a Motive behind it

it's really like trying to put a Motive behind a killer who killed somebody in the woods and left no evidence of who did it

you don't know if the killer just happened to have a bad day, was insane, or was a friend of the person they killed, or was hired to kill that person to keep their mouth shut

Chik'Tikka
Jul 4, 2014, 04:54 AM
yes, usually PCs infected with a virus or some type of malware perform the attack. the virus/malware can then receive instructions from the attacker and attack the target. when you have literally 100s of 1000s of these infected machines doing it, and all those packets going to the same place at the same time... it's like sending logs down a river and they all jam up +^_^+
you'd be surprised how many users don't have adequate anti virus, let alone antimalware programs... I've met more than a fair share of people running bootlegged unactivated versions of Windows that don't have the Windows updates needed to keep it secure, and people that think Windows Defender is an antivirus when it really isn't...
most of these users will never know their computers were part of a DDoS, only that their Facebook page took an extra second to load up on a particular day.... oh and maybe their CCs get some odd $1.50 peercoin purchases they never bought, but choose to let it go cause, well, it's only a $1.50 +^_^+
Tracking the bots is easy, but the attacker, not so much, since the only evidence is the virus/malware that most likely doesn't point anywhere....

メグスノ
Jul 4, 2014, 05:02 AM
Yeah, it's actually pretty cringe-worthy, and it appalls me that people still are ignorant about these things... Well, not knowing, I suppose, is excusable, as long as they are willing to learn. Well, supposedly that is the real question: ARE they willing to learn? I mean, not only for the predicament we're currently in, but more so for the condition of their own computer. Also, having money taken out of what's basically your own pocket without your own intention should be a bit of a concern; it's surprising that people would just shrug it off.

Chik'Tikka
Jul 4, 2014, 05:14 AM
the money stealing thing is more rare, but if you have one piece of malware on your PC, then you probably have others, and with PCs having more CPU power, more RAM, faster HDDs.... those PCs can run more malware before it impacts the PC's ability to function. considering how specific this attack was, it was likely paid for, there are groups of people that "rent" out DDoS attacks for a price +^_^+

(going after bumped and PSO-W makes me think this was targeting the EN community more than anything, of course that doesn't narrow it down at all, on IPViking the US attacks itself more than China attacks the US)

Lashette
Jul 4, 2014, 06:20 AM
Well I for one would rather see the DDoS'er get caught. But when I tell people to calm down, and let Sega fix the problem and be patient, all they seem to care about is getting back to the game and playing, not thinking there's a possible chance that this can, and probably will, happen again. I worked too hard on my characters in this game to let them go to waste. Granted I've been disappointed by Sega in the past, to be more accurate Sega of America, who's been messing shit up since 32X (some might even say Sega CD). They had a great thing going, and they blew it, and after that it's been nothing but one upset after another. So being this is my first time playing a JP MMO, and first time dealing with Sega of Japan. Hell I love it, and the biggest thing that Sega of Japan is they totally have my respect. For the simple fact of they could have banned us at any time cause of the ToS, and they haven't. Quite honestly I really don't think the DDoS was to get at Sega, cause what's hurting more right now? Take a look at all the threads in this forum, all the players having issues connecting to the game. PSO2 may not be back to 100% but it seems to me the DDoS did more damage to this community than it did to the game itself. Half the time I sit there, and see people blaming Sega for this. Sega isn't at fault here people. They're doing what they can to keep the DDoS from happening again. Meanwhile while they're busy doing that, a bunch of you on here are sitting there complaining that you can't connect. Is the game that damn important to you, that you don't care if it gets DDoS'ed again, followed by an actual IP ban? Sure I may be able to play the game, but lately I've spent my time in my room, not even playing cause I don't dare to. For fear the servers are going to get DDoS'ed again. *sigh* But most likely my words will fall on deaf ears like they always do.
But I firmly believe the DDoS attack was to get at this community, and I'm pretty damn sure the DDoS'er is sitting back enjoying every damn minute of it, cause a lot of you supplied them with exactly what they wanted to see. I'm gonna stop here before I start pissing people off. I said my piece.

SonicFreak94
Jul 4, 2014, 06:40 AM
Hello, fellow team member!

To sort of expand on what Lashette said, it's great that we were allowed to play for so long, and I'm definitely grateful for that. But my attitude from the get-go was that this could be taken away at any moment, and I feel this should have been the same for everyone. Whether or not we're allowed back is another matter, but it shouldn't come as much of a surprise that when something finally went wrong that they pulled the plug on a majority of foreign connections.

On the bright side, maybe we will be able to connect again. And if not without proxies, maybe they'll be just as tolerant with usage thereof as they were before this happened. Only time will tell.

In a more direct response to the OP, I don't think finding out "who did it" would be beneficial in any way. Who cares? What're we gonna do, DDoS them back? That would do about as much good as the initial DDoS did in the first place; not to mention how childish it would be.