Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Ubisoft DDoS

From: Rohit Patnaik <quanticle () gmail com>
Date: Tue, 9 Mar 2010 23:02:24 -0600
Well, we don't know exactly how the servers were configured.  There might
have been some kind of issue with the coding or the configuration of the DRM
servers that wasn't noticed during testing.  After all, these sorts of
big-budget games sell millions of copies in the opening weekend.  Even
simulating that kind of load is an expensive proposition.  There might have
been some issue with the server that only became visible when there were
millions of simultaneous clients all trying to authenticate themselves
simultaneously.  Remember what happened with AT&T's iPhone activation
fiasco?  Who's to say that something similar didn't happen here?

-- Rohit Patnaik

On Tue, Mar 9, 2010 at 3:59 PM, Jan Schejbal <
jan.mailinglisten () googlemail com> wrote:


Am 09.03.2010 21:11, schrieb James Matthews:

I don't see why they didn't just block the attack. It must be more then
this.


If the attack behaved like LOTS of legitimate clients, it might have
been hard to lock out the bots while not locking out players.

The option that the attack is just made up as an excuse for too few
resources to support all the players should also not be forgotten,
although I consider that improbable.

Sincerely,
Jan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: