Log in | No account? Register!

FAQ Regarding the DDoS Attacks

Written by CM Tavaren on Wednesday 31 October 2007
A FAQ by CM Tavaren concerning the recent problems with Tibia.

What are DDoS attacks?
The letters DDoS stand for "Distributed Denial of Service". An attacker sends large amounts of data to the target server. The goal is to stop the targeted server from providing the service, thus 'denying the service' to all those who try to connect to it. Most of these attacks simply send such large amounts of data that the internet connection of the targeted server gets jammed. Simply think of it as a traffic jam of sorts. For Tibia this means that usually that the outbound connection at the provider gets jammed, while the game servers are in fact running nicely. This is also the reason why characters die during such kicks. The server keeps on running normally, which means monsters are still attacking and killing.

Since when is Tibia under attack?
Well, a better way of asking would be: When was the last time Tibia was NOT under attack. DDoS attacks occur pretty much every day. However, most of them are not strong enough to even trigger an alarm since our systems are prepared for such attacks, of course. Few ever manage to actually cause any noticeable effect, and only a small fraction of these attacks are strong enough to actually reach a point when Tibia players will notice a difference.

Is Tibia being hacked? Has the attacker access to my account data?
No, Tibia is not being hacked. DDoS attacks have nothing to do with hacking. Do not worry - nobody can get access to your account because of such attacks. Your account will be well protected as long as you follow our security hints.

When will the problem be solved?
We have a pretty clear plan as to what needs to be done to solve the problem. Setting this into a definite timeframe, however, is not possible because the implementation does not only rest in our own hands, but requires the cooperation of several of our providers. Therefore, our timeframe is largely determined by the time that our providers need to finish their share of the work. Rest assured that our technical department is working day and night to solve all issues that rest in our own hands.

Do you know the attacker?
Yes. However, please understand that we cannot give you information of any kind.

Will there be resets due to DDoS attacks?
No. As server resets affect all players on a specific world, they are quite a serious intervention to the world and its players natural development.

Which worlds are affected?
Generally speaking, all servers are under attack, although some of them suffer more than others. Most of the bigger attacks are targeted at the American servers. In addition, the main focus of the attacks is changing over time.

While hunting is too dangerous, what else can we do in the meantime?
We are quite aware that we cannot give you an answer to this question that is truly satisfactory. If a major part of the game turns out to be too dangerous, a major part of the fun in game is reduced as well. We know that and we certainly regret it. Still, we think that Tibia is not only about hunting - it is about community and communication as well.

Why do you open a Tibia Merchandise shop when you should care about kicks and lags?
CipSoft, like most other companies, consists of more than one department. The merchandise shop was mainly developed by the marketing and graphics department. In fact, nobody of the technical department - which is dealing with the current situation - was involved for a single day in the implementation of the Tibia merchandise shop.

What are your counter measures?
We are approaching the problem on 3 different levels. The first and most immediate level is to upgrade and improve our own hard- and software. Our technicians are working almost 24/7 to improve our system. On the second level, we are cooperating closely with our external partners and providers to protect our servers from malicious attacks. We have already made significant progress, but you can imagine that this takes a while, as many different people are involved. The third and final level is to take legal action. We are in close contact with attorneys, lawyers, several ISPs and international law enforcement authorities such as Interpol. At this point of time our first priority, however, is to ensure that the game is running smoothly again.

Why do the attacks have such an impact on Tibia?
You will understand that we cannot give you detailed technical information concerning this issue. However, as we have already stated in our news, we have to admit that our protective measures proved to be insufficient, for which we would like to apologise to our players. Another reason is that an internet game has to cope with completely different challenges than, say, a search engine site. It makes no difference if the website takes 2 seconds to load - you will get your search result just a little bit later. Unfortunately, 'later' is not an option for an internet game. We have to provide data this is exactly synchronised wherever Tibia is played.

Why havent we been informed earlier about the nature of the kicks?
When facing exceptional technical circumstances, the first objective is to analyse and to collect all relevant facts before publishing an official statement. We have to admit that we initially underestimated the seriousness and the extent of the attacks as well as the trouble they were able to cause. As we now have a clear view on the nature, extent and origin of the attacks, we decided to inform you as comprehensively as possible. We hope that this FAQ is an important contribution to this effort.

I get the message "You may only login with one character of your account at the same time." What does that mean?
This is not directly related to the DDoS attacks, although it might happen more often during or shortly after such attacks. You may, of course, log in again with the same character, but it is not possible to log in with another character of the same account. This is generally fixed with the following daily server save.

My character died, but the death is not listed on my account page. Why?
This is not directly related to the DDoS attacks, although it might happen more often during or shortly after such attacks. The information about your character death is simply not inserted in the list on our website.

The Highscores list isn't up to date. Why?
This has nothing to do with the attacks and has already been solved. The high score lists are again up to date.

Cm Tavaren