I WALK AWAY FOR FIVE MINUTES
In all seriousness though, yes, this was a DDoS attack. It was not targeted on TI, but on our host.
Code: Select all
-- 2018/03/19 10:00 PM MST - NetworkOPS team at data center has been notified and is currently investigating the issue. Please use secondary IP address (66.85.147.92) to bypass latency issues at this time.
-- 2018/03/20 5:00 AM MST - NetworkOPS has reported that the IP address was subject to a 12Gbps DDoS and has been routed through a DDoS protection network adding to the additional latency.
-- 2018/03/20 8:30 AM MST - The route on the IP address has been restored and intermittent latency appears to have been resolved at this time.
-- 2018/03/20 10:30 AM MST - With the IP route restored, DDoS attacks have resumed heavily against the server. We're looking at alternative solutions. With the DDoS proteciton route off, the issue fully impacts all connected severs to the hardware.
-- 2018/03/20 11:05 AM MST - We're null routing all IP addresses and ports at this time to regain administrative access over the server. We'll begin opening IPs and ports one at a time to isolate how the DoS is occurring.
-- 2018/03/20 12:10 PM MST - Access to services has been restored and DDoS mitigations are being restored. If further events occur, all ports and IP's will be temporarily firewalled to an exclusive whitelist based upon "game connectivity" for the day. This should maintain transparent access while curbing the attack behavior. However, this also means we may not have your IP address in the whitelist at the time of event if you are just connecting for the evening. Please feel free to send us an email or ticket with your IP to be added to the whitelist if you are experiencing any connectivity issues.
-- 2018/03/20 5:00 PM MST - Server IP's 66.85.147.93 and 66.85.147.85 continue to receive intermittent DDoS traffic. We're currently tuning our firewall and blocking network CIDRs as they occur.
-- 2018/03/20 8:30 PM MST - Our data center provider has placed the 66.85.147.93 IP address on the DDoS scrubbing network again, this results in additional latency being noticable for shell environments and game ports. For swiftblade customers, please feel free to use the IP address 66.85.147.92 to connect to your shell or game ports. This is an alternate IP address assigned to the server system and is routed around the DDoS protection network. At this time, DDoS traffic spikes appear to be mostly mitigated as the protection network and our firewalls work together, but traffic on .93 will appear slow as the network continues to mitigate.
The most recent update from the host:
-- 2018/03/21 2:30 PM MST - At this time, intermittent packet loss is still on going and may be experienced as additional DDoS continues to occur. These events are generally infrequent and services have been restored. As we continue to mitigate the threat, it is believed the source is familiar with our services. Due to these circumstances we will be limiting our communication on mitigation methods. A follow up will be posted when the activity ceases. Until then, we appreciate everyones patience in the matter as we continue to make adjustments.