Cookies Disclaimer

I agree Our site saves small pieces of text information (cookies) on your device in order to authenticate logins, deliver better content and provide statistical analysis. You can adjust your browser settings to prevent our site from using cookies, but doing so will prevent some aspects of the site from functioning properly.

Unable to connect to either alpha.goblinworks.com or goblinworks.com - DDoS Attack

NikkiTheChaotic
Howdy, everyone. I'm posting this on the behalf of two of my friends that are unable to either get into the game or even bring up goblinworks.com.

I don't know what the problem is but, I figure if I put all of this out there, someone that's smarter than me ,might be able to figure this out.

Two of my friends (Bitter Thorn and Gwyndar) live about a mile from me and we all use Comcast as our ISP. Granted, their neighborhood is a little older than mine and I have a hunch that might have something to do with it, but I digest….er…digress.

They were able to access both the game and website up until sometime Sunday morning (9/14)…although, as we all know, the website was painfully slow to load.

In the afternoon, when the "patch" was released (ie: I tried to enter the game, was instructed to run the patcher yet again, etc), they became completely unable to access either….to the point that it appears that neither the game (alpha.goblinworks.com) or the website (goblinworks.com) exist as far as their computers are concerned.

I walked them through what I could on the phone, as limited as that may be ( if this were 20 years ago, I'd be on top of it…unfortunately, both technology and teenagers have progressed beyond my ability to comprehend them at this point) and since we had zero result, I finally broke down and asked my wife to drive us down there and see what she can do. She's head and shoulders above our ability to do just about anything with computers.

Both Bitter Thorn and Gwyndar have relatively new computers. Bitter Thorn's is BRAND new (my wife built it for him last week) and Gwyndar's is my old Alienware that I gave her with a fresh copy of windows. The combination of Bitter Thorn's paranoia of anything internet and the newness of their systems pretty much guarantees they're virus free….which was confirmed by my wife. She went over both of them with a fine toothed comb…even to the point of taking down their Norton firewall for a moment just to try to ping both servers with DOS. No joy. It's as if they simply don't exist.

Now, I have a hunch. Keep in mind I'm not a smart man…just old and grumpy. But, there was mention of a DDoS attack on the Paizo boards…and not knowing a thing about DDoS, I looked it up on Google.

Ok..so, here's my hunch. Tell me how far off I might be. PFO was on a "local server" until it was ported over to a regular server this weekend. I'll assume that the regular server is maintained by another company…I have a little experience with that based on other games I play online. Ok, I'm getting off track.

Distributed Denial of Service attacks are directed at server clusters, not individual users. They're designed to overload the server so it simply bogs down and freezes up, at least from what I was reading.

I have a hunch..call it a gut feeling…that PFO wasn't the intended target, just collateral damage. Unless the attacker was grossly incompetent, what would be the point of denying a handful of people here and there access to your target? I'm wondering if it wasn't PFO that received the attack but the Server Company itself. If that's the case, is it possible that those random people that still can't access either the website or the game are simply spillover from the original attack?

Either way, I wanted to let you know about this since both of them are not only Alpha players but Early Enrollment (way beyond my level of investment) and would like to resolve this problem.

Odds are good that customer service has received an email from Gwyndar (I gave her the address this afternoon), but if you come up with some kind of solution, we'd really like to hear it.

So far, besides searching for viruses and such…as well as the whole "shut down and restart both the modem and computers," we've also tried releasing/renewing the IP and several other things. They simply cannot ping either server.

Thanks
Ryan Dancey
I suspect one of two things.

1: They have an incorrectly configured NAT. For some reason both of their computers are sharing an IP address in the router and packets supposed to go to one are going to the other and that is why they can't connect to our systems.

2: They have a polluted routing table. While the systems were suffering outages its possible that routes in between us and them were added to a routing table somewhere between us and them, and those routes have failed or gone stale. This could happen in their local router, or somwhere upstream at Comcast.

The problem is very unlikely to be within our network or it would affect more users. We have lots of people connecting from the same host here at our offices so if there were some problem with multiple people behind the same firewall/NAT we would all be affected.

The next thing to test is a trace route.

Open a command prompt (start menu / run program / cmd.exe).

Type tracert alpha.goblinworks.com

Post the results here. For extra credit, do the same from the computer that is able to connect and lets see the difference in the routes between the two.
SDShannonS
I'm now unable to connect (client hangs at "Connecting to server…" ) after having been on for several hours this morning.

Tracing route to alpha.goblinworks.com [66.113.104.101]
over a maximum of 30 hops:

1 1 ms 1 ms 1 ms 192.168.0.1
2 68 ms 15 ms 8 ms cpe-76-167-80-1.san.res.rr.com [76.167.80.1]
3 9 ms 9 ms 12 ms tge7-5.sndaca7802h.socal.rr.com [76.166.2.133]
4 12 ms 11 ms 11 ms tge0-8-0-11.sndhcaax-ccr02.socal.rr.com [72.129.
2.10]
5 19 ms 15 ms 19 ms tge0-9-0-11.lamrcadq01r.socal.rr.com [72.129.1.2
]
6 15 ms 15 ms 15 ms 107.14.19.30
7 16 ms 15 ms 16 ms ae3.pr1.lax10.tbone.rr.com [107.14.19.56]
8 15 ms 22 ms 18 ms fxp0.a0.mia95.adelphiacom.net [66.109.7.38]
9 16 ms 17 ms 17 ms ae11.cr2.lax112.us.above.net [64.125.21.173]
10 34 ms 25 ms 25 ms ae1.cr2.sjc2.us.above.net [64.125.31.233]
11 40 ms 41 ms 75 ms ae9.mpr2.sea1.us.above.net [64.125.21.129]
12 42 ms 41 ms 41 ms 64.125.186.34
13 43 ms 41 ms 40 ms gi2-3.dr03.sea.opticfusion.net [209.147.112.226]

14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Trace complete.

EDIT: On the seventh launch of the client, it connected successfully.
Windows 7 Professional 64-bit, SP 1
32 GB RAM
Dual Crossfire'd AMD Radeon R9 200 video cards
NikkiTheChaotic
Ok, here goes.

My computer:

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation. All rights reserved.

C:\Users\Wendigo>tracert alpha.goblinworks.com

Tracing route to alpha.goblinworks.com [66.113.104.101]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.1.1
2 9 ms 8 ms 8 ms c-67-176-88-1.hsd1.co.comcast.net [67.176.88.1]

3 11 ms 8 ms 9 ms 68.86.129.237
4 13 ms 14 ms 14 ms ae-23-0-ar01.aurora.co.denver.comcast.net [68.86
.103.54]
5 16 ms 15 ms 15 ms te-0-1-0-4-cr01.chicago.il.ibone.comcast.net [68
.86.95.201]
6 29 ms 31 ms 27 ms he-2-9-0-0-cr01.dallas.tx.ibone.comcast.net [68.
86.88.118]
7 27 ms 31 ms 31 ms pos-0-4-0-0-pe01.1950stemmons.tx.ibone.comcast.n
et [68.86.87.218]
8 29 ms 28 ms 26 ms xe-5-1-0.er1.dfw2.us.above.net [64.125.13.185]
9 27 ms 28 ms 28 ms ae8.er2.dfw2.us.above.net [64.125.29.122]
10 28 ms 28 ms 28 ms ae7.cr2.dfw2.us.above.net [64.125.20.233]
11 36 ms 66 ms 37 ms ae2.cr2.iah1.us.us.above.net [64.125.21.62]
12 62 ms 58 ms 58 ms ae3.cr2.lax112.us.above.net [64.125.21.86]
13 59 ms 60 ms 61 ms ae1.cr2.sjc2.us.above.net [64.125.31.233]
14 69 ms 68 ms 70 ms ae9.mpr2.sea1.us.above.net [64.125.21.129]
15 69 ms 70 ms 74 ms 64.125.186.34
16 68 ms 68 ms 69 ms gi2-3.dr03.sea.opticfusion.net [209.147.112.226]

17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Trace complete.

His computer (and keep in mind this was HARD to accomplish)

C:\Users\Steve>tracert alpha.goblinworks.com

Tracing route to alpha.goblinworks.com [66.113.104.101]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 10.0.0.1
2 7 ms 8 ms 8 ms 107.2.228.1
3 8 ms 8 ms 8 ms 162.151.15.153
4 9 ms 9 ms 10 ms ae-23-0-ar01.denver.co.denver.comcast.net [68.86
.128.105]
5 10 ms 10 ms 9 ms he-0-10-0-0-cr01.denverqwest.co.ibone.comcast.ne
t [68.86.95.241]
6 15 ms 15 ms 15 ms he-3-8-0-0-cr01.denver.co.ibone.comcast.net [68.
86.85.185]
7 25 ms 27 ms 27 ms he-2-9-0-0-cr01.dallas.tx.ibone.comcast.net [68.
86.88.118]
8 28 ms 30 ms 27 ms pos-0-1-0-0-pe01.1950stemmons.tx.ibone.comcast.n
et [68.86.86.94]
9 26 ms 26 ms 25 ms xe-5-1-0.er1.dfw2.us.above.net [64.125.13.185]
10 26 ms 27 ms 26 ms ae11.cr1.dfw2.us.above.net [64.125.20.65]
11 34 ms 57 ms 48 ms ae1.cr1.iah1.us.above.net [64.125.20.198]
12 58 ms 59 ms 66 ms ae2.cr1.lax112.us.above.net [64.125.20.210]
13 58 ms 58 ms 59 ms ae8.cr2.lax112.us.above.net [64.125.20.218]
14 84 ms 61 ms 60 ms ae1.cr2.sjc2.us.above.net [64.125.31.233]
15 68 ms 70 ms 68 ms ae9.mpr2.sea1.us.above.net [64.125.21.129]
16 195 ms 199 ms 202 ms te1-1.cr01.sea.opticfusion.net [64.125.186.34]
17 68 ms 69 ms 69 ms gi2-3.dr03.sea.opticfusion.net [209.147.112.226]

18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Trace complete.

He's got a couple of weird hops in there that I don't.

Oh, and PLEASE post whatever you can think of to the Paizo board as well…They can access Paizo, just nothing that has anything to do with goblinworks.
LoneWolf
I also am having trouble. Did the trace route thing but can't post here as I can only access GW from my cell phone.
waara
For few days I've been able to log in to game but it has disconnected after few secs or few minutes at best. Now I seem to be stuck in "Connecting to Server…"

tracert alpha.goblinworks.com

Tracing route to alpha.goblinworks.com [66.113.104.101]
over a maximum of 30 hops:

1 12 ms 5 ms 5 ms 10.246.0.1
2 8 ms 5 ms 5 ms kuo2-sr2.dnaip.fi [62.78.106.30]
3 12 ms 13 ms 11 ms kuo2-tr2.dnaip.fi [62.78.108.70]
4 12 ms 11 ms 11 ms rma1-tr2.dnaip.fi [62.78.107.34]
5 20 ms 19 ms 17 ms tuk2-sr1.dnaip.fi [62.78.107.172]
6 17 ms 17 ms 27 ms te0-7-0-2.ccr21.sto01.atlas.cogentco.com [149.6.168.129]
7 18 ms 19 ms 18 ms be2397.ccr22.sto03.atlas.cogentco.com [130.117.50.129]
8 39 ms 35 ms 35 ms be2282.ccr42.ham01.atlas.cogentco.com [154.54.72 .105]
9 49 ms 50 ms 48 ms multi-use.cogentco.com [130.117.51.129]
10 48 ms 49 ms 49 ms be2188.agr21.fra03.atlas.cogentco.com [130.117.48.113]
11 48 ms 47 ms 49 ms telia.fra03.atlas.cogentco.com [130.117.14.214]
12 51 ms 49 ms 47 ms ae8.mpr1.fra3.de.above.net [64.125.26.233]
13 53 ms 51 ms 53 ms ae4.cr1.ams5.nl.above.net [64.125.32.106]
14 141 ms 130 ms 122 ms xe-10-1-1.cr2.lga5.us.above.net [64.125.20.169]
15 145 ms 143 ms 161 ms ae6.cr2.ord2.us.above.net [64.125.24.30]
16 191 ms 193 ms 230 ms ae1.mpr2.sea1.us.above.net [64.125.20.62]
17 339 ms 200 ms 202 ms 64.125.186.34
18 198 ms 197 ms 197 ms gi2-3.dr03.sea.opticfusion.net [209.147.112.226]
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Trace complete.
Jazzlvraz
Since I can connect to goblinworks.com, if quite slowly, and to the Alpha, if unreliably (takes forever to get past Connecting to server… ), I thought I'd post my traceroute for comparison, in case it'll help.

Tracing route to alpha.goblinworks.com [66.113.104.101]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.1.1
2 8 ms 10 ms 8 ms 10.39.0.1
3 10 ms 13 ms 10 ms 70.169.73.90
4 9 ms 7 ms 7 ms chndsysc01-te-8-4.ph.ph.cox.net [70.169.72.201]

5 20 ms 21 ms 21 ms 68.1.5.137
6 29 ms 21 ms 29 ms 68.105.30.150
7 22 ms 21 ms 21 ms ae11.cr2.lax112.us.above.net [64.125.21.173]
8 54 ms 32 ms 31 ms ae1.cr2.sjc2.us.above.net [64.125.31.233]
9 90 ms 46 ms 47 ms ae9.mpr2.sea1.us.above.net [64.125.21.129]
10 86 ms 50 ms 201 ms te1-1.cr01.sea.opticfusion.net [64.125.186.34]
11 48 ms 47 ms 48 ms gi2-3.dr03.sea.opticfusion.net [209.147.112.226]

12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Trace complete.
Ryan Dancey
The fact that you are getting to the opticfusion routers is a good sign. That's the switching fabric for our ISP. The lack of traceroute data inside that network is not necessarily a problem. Actually I'd have preferred you didn't get that far since it would have indicated a problem more local to you in the routing tables.

Now I'm thinking its a NAT problem not a routing problem. Have to give this some more investigation.
Thod-Theodum
I have at least 3 different Emerald Lodge members who report the same. Add myself and you have 4.

We are all in the UK. This problems seems much more widespread - just that some people ignore it and don't report.

It has taken me close to 10 minutes to get in here, find the post and post here. I don't assume everyone is that dedicated to tell you it doesn't work.

My son played this morning before breakfast. I tried to connect after breakfast. Midnight US, early morning UK - you wouldn't expect much traffic. I could not connect. I didn't joke when I said yesterday the new form of grinding - getting a connection to the server.

I occsionally have a connection. And actually yesterday morning I played without issues for a full hour. No crash. Able to change character. My son logged in via his account - I even had my wife in on her account.

2pm and she went down and after that I didn't manage a connection for more than 10 minutes - often taking 5-15 minutes to establish the connection.

Worse - I keep the status of my WiFi open and noticed that it resets. I browse 1 hour without issue, start up goblinworks and my connection gets reset the same moment I lose goblinworks and the game. I would assume it is my end if it would be only me - but I changed from WiFi to cable - took me 20 minute to boot up, get a connection and was thrown out after 5 sec after opening a door.

I know it must be frustrating on your side as it seems you don't know what is going on either. But it doesn't seem the ISP. Could anti-DDOS measures affect us and mistake us for DDOS attackers and throw us out? That would make sense with what I see as it seems I'm kicked out by the network.
Thod/Theodum are the OOC/IC leaders of the Emerald Lodge - a neutral settlement in the center of the mal that tries to the first to explore the Emerald Spire - should that part of the game ever become available. We have a strong in game and out of game relationship with the Pathfinder Society.
We welcome both hard core players as well as casual players with or without tabletop experience. We have a strong group in Europe and are slowly expanding into the US. We are predominately PvE as our neutral political stance means that we tend to use PvP only in self-defence. We are not anti-PVP - but expect limited PvP opportunity with us.
waara
I also have 2 friends here in finland that have same problems.
 
You must be logged into an enrolled account to post