Support NeoGAF

[Copen]

No, they are more live accounts than psn.

So despite PS3 and Vita PSN still to this day being free and more PS4's sold than Xbox Ones you really believe what you're saying? Sony has more platforms and with that more customers to restore service to I think that's just common sense. But despite all that this isn't and shouldn't be a PS vs MS shit throwing contest. Both services went down and for SOME XBL is still down and even when up not fully functional so neither company is infallible as far as services are concerned. I own both consoles but primarily play most games on my PS4 and because of that choice I can't get online and play but hey that's the choice I made so I am stuck with it. My main gripe is since we are now paying for PSN on the PS4 I feel like Sony owes us not only a detailed explanation of what took place but what they are doing to resolve the issue. As paying customers I expect that not only of Sony but MS as well they BOTH need to be held accountable despite the attack not being their fault and I do understand this but again they have our money and we don't have the services we paid for.

 

[HawksWinStanley]

PSN is up for some. Watching Live from Playstation right now.

Care to log in for me and upgrade my Gjallarhorn while you're on?

 

[Kabuki Waq]

Wow i really thought psn would be up by now. Xbl was back up within 24 hours right?

 

[shysaursoft]

That doesn't change the fact that Sony's DDOS mitigation technology is absolutely terrible. They don't seem to have any kind of load balancing or automatic scaling (ie. server spin up or spin down based on traffic levels) as far as I can tell.

See below.

Sony/PSN is using prolexic for DDOS mitigation.

At this moment all auth requests are being blackholed behind prolexics servers. There could be several reasons for this.
* The auth server going offline on Sony's side.
* The auth server being overloaded
* Prolexic actively filtering traffic because of an ongoing attack.
* Some problem at prolexic (perhaps they can't handle the load either)

PSN also uses Amazon EC2 for their applications/multiplayer servers. And Akamai for game downloads, updates, firmware, etc. EC2 and Akamai also seems to be stable and explains why folks can get downloads and even play Online ( if they managed to login ) since those services are running in EC2 or over Akamais CDN.

When snooping traffic it's clear that the auth server is responding sporadically... and sometimes not at all. Which implies that it is at least alive but struggling.

It should also be noted that when a DDOS mitigation is done by first attempting to filter out offending traffic based on content... when that fails (IE: the attack is sophisticated enough) IP ranges begin to be blackholed altogether. This causes some regions to appear completely offline while others are fine. Those filters are then refined to allow legitimate users in. (Assuming the mitigation service is not overloaded). This is never perfect and extremely time consuming. ( BTW Mitigation services are EXPENSIVE ) To say Sony is not spending enough on infrastructure is a bit presumptuous.

The real problem is zombied edge devices. My little itybitty server in the corner of the internet gets 10s of thousands of hits from zombied IPs a day looking for vulnerabilities in my server. 1/2 the time I look it's from a Cheap wireless router that's been rooted and has an open telnet/ssh port or botnet client on it. ( It's so tempting rm -rf / and then burn the flash out on those things to kill them!! ) So it's not just infected enduser PCs anymore... it's all the cheap, insecure other crap people buy and plug into their internet connection. For all I know many of the folks here are running zombies without even knowing it and contributing to the problem. Perhaps while waiting for Sony to get PSN up and running folks should go see if their own gear has been compromised. :O

 

[kitch9]

Wow i really thought psn would be up by now. Xbl was back up within 24 hours right?

No, not for everyone. Can we stop posting this bollocks?

 

[Live Free or Die]

In hindsight, I think a seperate thread for the Great Christmas Outage would probably have served everyone better, operated by someone who would actually update the OP with relevant information and status updates. Instead, we had this thread, almost 200 pages of the same looping questions. Derp.

You should make a new thread. You know what you are talking about and have posted a lot of good information. *thumbs up*

 

[jeffc919]

PSN is up for some. Watching Live from Playstation right now.

The android app shows I have a few friend online (when it doesn't time out that is). I don't know what systems they are playing on though. Could all be PS3 for instance.

 

[Quadraphonic]

That doesn't change the fact that Sony's DDOS mitigation technology is absolutely terrible. They don't seem to have any kind of load balancing or automatic scaling (ie. server spin up or spin down based on traffic levels) as far as I can tell.

Who's to say they didn't already try that and everything got overloaded?

More servers = more cost. And if they're all still getting swamped, it's wasted money.

 

[ironcreed]

Wow i really thought psn would be up by now. Xbl was back up within 24 hours right?

Less than that for me. Went out Xmas afternoon and was back up the next morning.

 

[matrixman92]

I really hope this gets fixed before the 29th. I want to buy dragon age for the sale price, with some psn money I got for Christmas. The website just infinitely loads for me, the app doesn't work, and on the console definitely doesn't work.

 

[dukeoflegs]

Sony/PSN is using prolexic for DDOS mitigation.

At this moment all auth requests are being blackholed behind prolexics servers. There could be several reasons for this.
* The auth server going offline on Sony's side.
* The auth server being overloaded
* Prolexic actively filtering traffic because of an ongoing attack.
* Some problem at prolexic (perhaps they can't handle the load either)

Perhaps while waiting for Sony to get PSN up and running folks should go see if their own gear has been compromised. :O

How would someone go about finding if their router or something else was compromised?

 

[hemo memo]

Sony/PSN is using prolexic for DDOS mitigation.

At this moment all auth requests are being blackholed behind prolexics servers. There could be several reasons for this.
* The auth server going offline on Sony's side.
* The auth server being overloaded
* Prolexic actively filtering traffic because of an ongoing attack.
* Some problem at prolexic (perhaps they can't handle the load either)

PSN also uses Amazon EC2 for their applications/multiplayer servers. And Akamai for game downloads, updates, firmware, etc. EC2 and Akamai also seems to be stable and explains why folks can get downloads and even play Online ( if they managed to login ) since those services are running in EC2 or over Akamais CDN.

When snooping traffic it's clear that the auth server is responding sporadically... and sometimes not at all. Which implies that it is at least alive but struggling.

It should also be noted that when a DDOS mitigation is done by first attempting to filter out offending traffic based on content... when that fails (IE: the attack is sophisticated enough) IP ranges begin to be blackholed altogether. This causes some regions to appear completely offline while others are fine. Those filters are then refined to allow legitimate users in. (Assuming the mitigation service is not overloaded). This is never perfect and extremely time consuming. ( BTW Mitigation services are EXPENSIVE ) To say Sony is not spending enough on infrastructure is a bit presumptuous.

The real problem is zombied edge devices. My little itybitty server in the corner of the internet gets 10s of thousands of hits from zombied IPs a day looking for vulnerabilities in my server. 1/2 the time I look it's from a Cheap wireless router that's been rooted and has an open telnet/ssh port or botnet client on it. ( It's so tempting rm -rf / and then burn the flash out on those things to kill them!! ) So it's not just infected enduser PCs anymore... it's all the cheap, insecure other crap people buy and plug into their internet connection. For all I know many of the folks here are running zombies without even knowing it and contributing to the problem. Perhaps while waiting for Sony to get PSN up and running folks should go see if their own gear has been compromised. :O

Thank you.

 

[shysaursoft]

You should make a new thread. You know what you are talking about and have posted a lot of good information. *thumbs up*

But I want to have my life back. ;..; While I'm glad I helped a few people, it does feel like I've wasted too much time here.

 

[system11]

Shame. I thought the nightmare was over this morning, everything on PSN seemed to be working perfectly, even the store. That was about 8 hours ago. I see the lizard idiots are tweeting 'PSN offline' again but you can't trust anything they post on Twitter (also people, please stop following and retweeting them, you're feeding the beast).

 

[BoboBrazil]

The android app shows I have a few friend online (when it doesn't time out that is). I don't know what systems they are playing on though. Could all be PS3 for instance.

Well one guy on live from playstation is playing GTA5 PS4 multiplayer with over 2,000 viewers.

 

[Live Free or Die]

It looks like they have turned off logging in for the time being. https://account.sonyentertainmentnetwork.com/login.action?request_locale=en_US

 

[Mik317]

so....it's back down?


lame.

 

[Corronchilejano]

My brother bought himself a PS4 and the only game he bought was Destiny because Bloodborne isn't out yet.

You can guess how happy he is about the whole situation.

 

[Live Free or Die]

But I want to have my life back. ;..; While I'm glad I helped a few people, it does feel like I've wasted too much time here.

I understand. lol

 

[| Praxis |]

I just want to download Battlefield, managed to buy it when the store was up for a while last night, but it hasn't been added to my library on the ps4.

 

[kitch9]

That doesn't change the fact that Sony's DDOS mitigation technology is absolutely terrible. They don't seem to have any kind of load balancing or automatic scaling (ie. server spin up or spin down based on traffic levels) as far as I can tell.

You appear to have no idea what you are talking about and regurgitating some marketing bollocks you have been spoon fed instead.

 

[LegendofDragoonLives]

This might make me unpopular but I'd rather PSN stays offline if it means that when it comes back it's in better shape in future to withstand this sort of shit. I don't blame Sony for being cautious, I blame lizardsquad for being a bunch of twats.

Sony has been eating up hundreds of millions of $, and I've yet to see anything that shows they are putting in more work for PSN because of it so I don't have the same optimism that you do.

 

[Meciu]

I'm hearing reports that setting mtu to 1473 in PS settings works every time.

I can't test because I'm away at the moment.

Well, not really. Just tried it...

 

[HawksWinStanley]

Sony has been eating up hundreds of millions of $, and I've yet to see anything that shows they are putting in more work for PSN because of it so I don't have the same optimism that you do.

Somehow PSN has gotten worse this gen so yeah, I'm wondering what our subscription money is going towards too.

 

[Zach]

My brother and I are trying to play Madden on Xbox One and I can't seem to connect to the EA servers. Is this related to the attack? Anyone having a similar issue?

 

[kitch9]

Well, not really. Just tried it...

Ah, that's, that then.

 

[SmokedMeat]

The hackers aren't the only bad guys here.

What about all those computers being part of a botnet?
Seriously, if you are too stupid to run and update an antivirus and scan from time to time, you should get fined.
(edit: and besides that, also have a firewall and for example Malwarebytes Anti Malware.
The thing with a lot of firewalls is that they don't monitor OUTGOING traffic because they take the stances that the user knows that all the programs on his/her PC are safe.
They only monitor INCOMING traffic since that traffic can be malicious.
If for whatever reason you have a botnet component on your PC, and you are part of a botnet, your firewall won't notify you of the OUTGOING traffic that you are generating.)

If botnets didn't exist, DDoS attacks would become a lot more rare.
Since DDoS attacks are hard to mitigate I think we should focus our attention to the scrubs that don't know shit about computer security.

The funny thing is that a lot of console gamers don't really know anything about PCs - it's why they prefer gaming on consoles over on PC - and it's perfectly possible some console gamer's PC right now is actually part of the botnet attacking their precious game providers.

I have thought about this in the past and I'm gonna say it here:
Anyone who wants to get access to a PC, should do a mandatory exam.
Same as when you want to drive a car, you have to study and do an exam.
The same should be done for getting access to a PC. We would remove a lot of annoyances from our current lives.

Because don't think DDoS attacks are a dying breed. These things will happen more and more.
Same for hackings where data gets stolen. All companies should be forced to allow an independent firm to do a security audit on their networks.


By conclusion I want to say that 2014 was again a year filled with reports of company networks getting breached and networks getting attacked by DDoS attacks.
I feel every year you hear more and more about all kinds of cyber security violations.
I can't wait to see what 2015 brings but chances are high I won't be disappointed.

Sounds like PCs are the real problem. There should be a cash for clunkers program where people trade in their old desktops towards new tablets.
Those that need them for work can apply for a license like you said.

 

[DrM]

My brother and I are trying to play Madden on Xbox One and I can't seem to connect to the EA servers. Is this related to the attack? Anyone having a similar issue?

According to forums worldwide, EA servers are in snail mode today.

 

[ThirdMartini]

How would someone go about finding if their router or something else was compromised?

There are several sites on the internet that will run a port scanner/vulnerability scan on your firewall. Take your pick. ( search for "nmap online scan" )

In general:
* Update your virus scanners
* Google your firewall/router/ap model number + vulnerabilities
* Run a remote scan of your internet facing ip.

 

[nubbe]

seems like the Multiplayer part of PSN is working, store is no longer working for me

 

[PodcastFips]

My brother and I are trying to play Madden on Xbox One and I can't seem to connect to the EA servers. Is this related to the attack? Anyone having a similar issue?

Well I've seen a few people complaining about PvZ and FIFA too, so maybe they are using the outages for their own maintenance?

 

[Osaka15]

It looks like they have turned off logging in for the time being. https://account.sonyentertainmentnetwork.com/login.action?request_locale=en_US

i taught this attack was just a minor thing :/. I guess it affected Sony more than I taught. Hopefully, it will be back by next Saturday.

 

[Zach]

According to forums worldwide, EA servers are in snail mode today.

Got ya. Just making sure it's not me. Thanks.

 

[Lakerchick4life]

Just got up..charging my XBOX ONE controller and will be powering it on for the first time, just been waiting for all this craziness to be resolved..is it back, xbox live it shows everything is back online on their web site but wasnt sure if it was accurate

 

[ThirdMartini]

The other issue with DDoS is that the darn things are growing in volume and bandwidth every few months. You never know how much you need to scale your infrastructure until the next big one happens and hope you planned well. If not.. *sigh* ... it's a never ending chicken and egg game at this time.

See:
http://www.stateoftheinternet.com/resources-web-security-2014-q2-global-ddos-attack-report-infographic.pdf

 

[Marvel]

Wow i really thought psn would be up by now. Xbl was back up within 24 hours right?

For me, yes.

But that's just my experience with it, I had XBL back up and running at around 10pm I think on the 25th after around 3 or 4 hours of down time. Been perfect ever since.

 

[Live Free or Die]

i taught this attack was just a minor thing :/. I guess it affected Sony more than I taught. Hopefully, it will be back by next Saturday.

I'm sure it will be back up in the next day or two.

 

[PintSizedSlasher]

I managed to purchase Ground Zeroes last night on the webstore, but can't play it today because it can't connect to a server to verify my license. This is the sort of shit that drives me nuts.

Yes I've tried going offline, yes I have my PS4 set as my primary console.

Same here. Purchased and downloaded three games today, no problem whatsoever. Everything installed, ready to go.: Can't verify license... Bla bla bla..

 

[breakfuss]

So despite PS3 and Vita PSN still to this day being free and more PS4's sold than Xbox Ones you really believe what you're saying? Sony has more platforms and with that more customers to restore service to I think that's just common sense. But despite all that this isn't and shouldn't be a PS vs MS shit throwing contest. Both services went down and for SOME XBL is still down and even when up not fully functional so neither company is infallible as far as services are concerned. I own both consoles but primarily play most games on my PS4 and because of that choice I can't get online and play but hey that's the choice I made so I am stuck with it. My main gripe is since we are now paying for PSN on the PS4 I feel like Sony owes us not only a detailed explanation of what took place but what they are doing to resolve the issue. As paying customers I expect that not only of Sony but MS as well they BOTH need to be held accountable despite the attack not being their fault and I do understand this but again they have our money and we don't have the services we paid for.

Yeah, because I'm sure all those Vita owners are really clogging the network right now. And if you're going to count PS3 throw 360 in there as well. People always making excuses for PSN.

I'm not even so much upset at this incident as I am the amount of time its taken to recover. It just boggles the mind, honestly. How can this shit still be down?! How is that possible?!? lolol, my my my. What if this was Sony's primary source of revenue? They'd be screwed.

 

[kitch9]

i taught this attack was just a minor thing :/. I guess it affected Sony more than I taught. Hopefully, it will be back by next Saturday.

It will have triggered a load of failsafes and shutdowns for various networks, isps and ancillary bodies not just Sony and it will all have to be brought back up again and tested.

 

[Alligatorjandro]

Can't play EA games on the Xbox One. Anyone else having problems?

 

[BronsonLee]

For me, yes.

But that's just my experience with it, I had XBL back up and running at around 10pm I think on the 25th after around 3 or 4 hours of down time. Been perfect ever since.

Don't listen to this roided out freak! His experience is anecdotal!

Spoiler

XBox Live seems to have come up pretty quickly after the attack

 

[DrM]

Can't play EA games on the Xbox One. Anyone else having problems?

Check this and previous page for the answer

 

[LookAtMeGo]

Sony has been eating up hundreds of millions of $, and I've yet to see anything that shows they are putting in more work for PSN because of it so I don't have the same optimism that you do.

I don't know about you but I saw a huge difference in PSN from PS3 to PS4. I have not seen much of any difference in the last year though except for services relating to Gaikai.

 

[AlphaDump]

I cant believe how active ip viking still is.

more interestingly enough, ip viking isn't focused on sony and microsoft servers. there is something else bigger going on, perhaps not related, but it seems to be significant.

 

[lordxar]

Lizards back at it or what?

 

[Demoskinos]

I managed to purchase Ground Zeroes last night on the webstore, but can't play it today because it can't connect to a server to verify my license. This is the sort of shit that drives me nuts.

Yes I've tried going offline, yes I have my PS4 set as my primary console.

In the same boat. Purchased Akiba's Trip on PS4 downloaded it only to find a lock icon on it. Oh well....back to playing FFXIV on the PC I guess.

 

[Tagyhag]

Maybe they should charge $5 extra a month for added security!

 

[DrM]

I cant believe how active ip viking still is.

more interestingly enough, ip viking isn't focused on sony and microsoft servers. there is something else bigger going on, perhaps not related, but it seems to be significant.

Saint Louis / Seattle are getting hammered for several days now

 

[Acorn]

I cant believe how active ip viking still is.

more interestingly enough, ip viking isn't focused on sony and microsoft servers. there is something else bigger going on, perhaps not related, but it seems to be significant.

Someone really hates St Louis