[QUOTE=LuaChobo;43357060]did you even read what i said, the owner generally uses a master server IE the orders come from that, not from him.
you have to be the most retarded fuckin' dude to use your own connection to send the orders.[/QUOTE]
Since you a jerk I'm going to pull you apart. It doesn't matter if you use a server or your own connection. Every IP address is registered (unless falsified temporarily). Yes, if you don't use your own IP it will take longer to track you down. The best thing to do as a DDoS is to console into someone else's server (physically be there) and start the attack. Everything remote can be traced with the right forensics team. If you OWN that server and it is hosted in someones data-center then yes, they can track it to you. Because to own a server in someone else's data-center, that data-center likely has some financial transactions or log of who owns what server.
If the IP is falsified, routers still hold these forwarding database tables (mac/IP listing) generally for 3 days or until their table fills up.
Even VPNs can technically be traced. If you use a VPN you are given an IP address from a DHCP server. That DHCP server creates a log of who has what IP. The thing with VPNs is that most people who host them delete these records frequently. But if they trace it to a server, hack into it and start exporting these entries as soon as it gets in, then they could find out who you are if you disconnect/reconnect.
How about you quit talking.
I should add the reason why it is extremely difficult to trace it back to the user is because there are different administrators across different networks and coordinating a trace within the time that the information is expired/deleted is not possible without some planning.
Here's an idea, why don't Garry change from uLink to some other provider :/
[QUOTE=uperkurk;43359187]Here's an idea, why don't Garry change from uLink to some other provider :/[/QUOTE]
I seriously doubt that it would be as simple as this. You can't just plop in a different piece of software and expect it to magically work.
[QUOTE=Sievers808;43359199]I seriously doubt that it would be as simple as this. You can't just plop in a different piece of software and expect it to magically work.[/QUOTE]
Hi Sievers!
I agree. Much like infrastructure devices. My network was all Cisco at one time. Some idiot in my chain of command decided to "save money" by moving to Nortel Networks (which went under and got bought out by Avaya) when the tech-refresh came up. All of the technicians needed to learn the new command-line/code, not to mention that we had Cisco proprietary protocols running between servers and switches (ether-channel) and the software on the new stuff was extremely buggy and couldn't run LACP-and my leadership said, "Well... make it work..." FML.
[QUOTE=OneBadPanda;43359318]Hi Sievers!
I agree. Much like infrastructure devices. My network was all Cisco at one time. Some idiot in my chain of command decided to "save money" by moving to Nortel Networks (which went under and got bought out by Avaya) when the tech-refresh came up. All of the technicians needed to learn the new command-line/code, not to mention that we had Cisco proprietary protocols running between servers and switches (ether-channel) and the software on the new stuff was extremely buggy and couldn't run LACP-and my leadership said, "Well... make it work..." FML.[/QUOTE]
Hi Panda! :D
Also, this. ^^
Granted, Rust is developed in Unity, which I don't know much about but I understand that a lot of it is rather plug-and-play (for lack of a better term) so changing out the uLink stuff probably wouldn't be as absolutely horrible as it could be but still... That's a lot of work and then bugs and then who knows what other exploits would come of it.
Does this fix actually work?
On that note, I was able to get into my server just fine without any lag.
Maybe things are now fixed? Try it out yourselves.
[QUOTE=Ravin;43359450]On that note, I was able to get into my server just fine without any lag.
Maybe things are now fixed? Try it out yourselves.[/QUOTE]
I ran the update on my server as well, but haven't been able to test yet and haven't received word from anyone whether it's working or not...
But damn I sure hope it works xD
Lol the laypeople just hearing the buzzword DDOS and applying it to everything and arguing on the internet about how to solve it between two interfaces they don't know :|
[QUOTE=vehementix;43359473]Lol the laypeople just hearing the buzzword DDOS and applying it to everything and arguing on the internet about how to solve it between two interfaces they don't know :|[/QUOTE]
This doesn't have anything to do with the OP and doesn't help anyone. Why post this just to bash ppl?
It doesn't effing matter what it's called, DDoS or exploit or "stupid french ppl" (which i disagree with but w/e) everyone knows that they're talking about so it's not a big deal.
[QUOTE=thomasfn;43357454]These actually aren't bad ideas. Are you sure the exploit is zero-length packets?[/QUOTE]
Unless it has changed in the last day then im pretty sure, many people have reported it to being a zero packet
[editline]30th December 2013[/editline]
[QUOTE=Ravin;43359450]On that note, I was able to get into my server just fine without any lag.
Maybe things are now fixed? Try it out yourselves.[/QUOTE]
Not all server seem ok? Maybe some need restarting
[QUOTE=Ussyless;43356677]invade france[/QUOTE]
Come at me.
The guys behind the attacks are preparing something, they will make an announcement in 10 minutes.
Edit: It's gonna take a bit more time, there was an unexpected update to Rust.
Where are you hearing that?
[QUOTE=Packard;43360891]Where are you hearing that?[/QUOTE]
On their TeamSpeak; I can speak French so I understand everything they're saying.
They've apparently tricked Garry into thinking he could fix the exploit, when he actually couldn't; and now they've brought the servers down again. Some servers may not be down, because they weren't updated.
[QUOTE=Loadingue;43361060]On their TeamSpeak; I can speak French so I understand everything they're saying.
They've apparently tricked Garry into thinking he could fix the exploit, when he actually couldn't; and now they've brought the servers down again. Some servers may not be down, because they weren't updated.[/QUOTE]
if u are on their teamspeak why dont u tell us how they do it. maybe that would help fix the exploit....
[QUOTE=vehementix;43359473]Lol the laypeople just hearing the buzzword DDOS and applying it to everything[/QUOTE]
Lol laypeople. DDoS for laypeople - preventing access to something with the attack coming from >= 2 sources. If 500 people turn up at your bank asking for free gold that is - by definition - a DDoS. The thing is it *does* apply to everything.
Source: I build software to manage entire datacenters and deal with this garbage all the time.
Btw filtering out 0-byte UDP packets is a little bit nonsense because they'll just start flinging 1-byte packets at you instead.
Not for nothing but I've been telling game devs for at least a decade to put their UDP down SSL'ed TCP pipes but nobody ever listens.
[QUOTE=Ned;43361190]if u are on their teamspeak why dont u tell us how they do it. maybe that would help fix the exploit....[/QUOTE]
For one, I don't know anything about hacking or coding or whatever. For two, they're not going to tell me how exactly they're doing it, even if I ask nicely.
It's a public TeamSpeak; hundreds of people have gone there to see what's up in the last few days.
[QUOTE=Loadingue;43361060]On their TeamSpeak; I can speak French so I understand everything they're saying.
They've apparently tricked Garry into thinking he could fix the exploit, when he actually couldn't; and now they've brought the servers down again. Some servers may not be down, because they weren't updated.[/QUOTE]
If there's 1 exploit in uLink that brings servers down, there are likely others. They probably have some sort of "bank" of known exploits - when one is fixed, they move on to the next.
[QUOTE=thomasfn;43361529]If there's 1 exploit in uLink that brings servers down, there are likely others. They probably have some sort of "bank" of known exploits - when one is fixed, they move on to the next.[/QUOTE]
Yes, they said something along those lines. There are many exploits to bring servers down, and Garry only fixed one; and they apparently made Garry think it was the only one. But not anymore.
It appears to be back...
If uLink didn't obfuscate their sodding binaries, I could have at least taken a look through it to find some obvious exploits, or learnt how the protocol works and built a proxy that protects from exploits.
[QUOTE=Loadingue;43361583]Yes, they said something along those lines. There are many exploits to bring servers down, and Garry only fixed one; and they apparently made Garry think it was the only one. But not anymore.[/QUOTE]
Garry has previously recognized there are multiple bugs with ulink:
[quote]We use a networking library called uLink. It works well for us. We can get 300 people on a single server. We’re happy. But it is not without its issues. I get the feeling that it’s not that widely used – so there’s a lot of relatively simple exploits that haven’t been found. [/quote]
[QUOTE=csnewman;43357007]DDos is a denial of service. DDos is not just when you spam the server with losts of pings, it is anything that denys the service, like an exploit[/QUOTE]
Actually DoS is denial of service. DDoS is a type of DoS. This is a DoS but not a DDoS.
Sorry, you need to Log In to post a reply to this thread.
