To explain why this is not a DDoS

What is a DDoS.

In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.

(Souce - )

Why this is like a DDoS, but not a DDoS.

A DDoS is a packet system that slams against the side of a server or connection, causing it to hang, be disrupted, or crash completely. A good example of how to show this is when DayZ had this very same problem. People wanted their own private servers so they would send tons, and tons of Data to the main Hive Server and cause it to crash, interrupting all the servers on its network and bringing everything down.

A very simple way to fix a DDoS attack is normally IP bans or contacting a network provider, local authorities, or giving into the demands of people. As you can tell, everyone has suggested block the IP which we know they can do easily from the Rust service providers.

This is the important part

Why the simple fix of blocking their IP’s hasn’t worked because this attack acts like a DDoS, but isn’t. The individuals in question have said multiple times this isn’t a DDoS, this is an exploit in the Rust server systems. That means they don’t even have to send massive packets of data to slam into the servers. This is a security loophole in the servers themselves being abused, giving them the same DDoS like attack while be much worse and harder to handle.

Why it needs to be labeled as an Exploit in the system and not a DDoS.

If people keep labeling this as a DDoS. Then people are going to assume its an easy fix. The point is, this attack has been happening for four days straight now and continuing. That is a huge, huge problem. If you keep saying its a DDoS, people are looking for solutions in the wrong places, and will take much longer to get fixed, will misinform your users, and cause people to become increasingly frustrated in the inability to get Rust up and going.

I want to thank you for your time in reading this.

** Explaining how fixing the Ulink problem explains its not a DDoS.**

Most DDoS attacks require the server to accept the connection from the packets of data to start the DDoS. Getting the IP here and then blocking it won’t fix the attacks because then they can just get a new IP (which is very easy with proxy, and they are admitting they are using.) to sweep in through the Ulink exploit and just continue to cause the servers to hang. They can get -directly- into the server through the Ulink itself and eject their ‘script’ to cause the server to hang. They are already way past your connection part of DDoS and really right into the heart of the servers you enjoy. Normally, a DDoS is like a hammer slamming into the side of a server hoping it breaks it. Here you have a syringe being directly injected past all the server stuff and just hanging out in your server because Ulink has a gaping hole in their code for this problem.

I believe Garry did already state this was NOT a DDOS attack and rather a uLink exploit. And as far as looking for solutions in the wrong places, well we aren’t facepunch/uLink staff so we shouldn’t be giving “suggestions” anyway, let them deal with the issue.

Pretty interesting…

I am informing average users who keep stating constantly it is a DDoS when it isn’t. I am not suggesting anything to the Rust staff besides telling people on these forums to try their best to stop spreading that word when its a Ulink issue.

You keep telling people they have a knife wound when really its a bullet wound just because they are bleeding the same way doesn’t fix their problem when they go to get it fixed at the hospital. You only put a bandaid on the problem and don’t even educate your Victims.

People use term DDOS becouse more people will understand, you are right its not the same but its easier to say that its DDOS than explain it.

In my limited experience with networking I believe that this could be classed as a denial of service attack. They’re denying a service that the server is trying to provide.
There’s many instances of a DDoS. Not just spamming shit packets at a server, if you read on to the “Methods of attack” on the wiki page that you had kindly linked you will see that giving their networking library empty packets could come under a few of them methods.

I’m sure they’ll have a suitable fix for us all soon anyhow.

I wonder why people get so mad then and keep giving Garry DDoS ways to fix the problem when its not the same kind of problem.

People are just getting more and more upset thinking its an easy solution when it isn’t. I feel bad for them for not knowing.

Yes, if this was a direct attack. However, this falls under a security issue with Ulink because its directly with their service. Its like a DDoS, but isn’t for that reason. Its an exploit in their system. Something Ulink needs to fix or I would highly recommend Garry get a new service provider or write his own code like he suggested himself on his blog.

Ok so it’s a DDOS. Thank you for clarifying.

I wish and hope so as well. But it has been four days.

This tells me personally Ulink either isn’t cooperating as much as Garry is telling us… or Ulink has no idea how to fix the problem.

Or I could eat my own words the moment I decide to question what is going on and he tweets out hes making progress.


The means to the disruption (abusing an exploit or flooding a server with packets) does not change the fact that this is a denial of service attack. They are just two different means to the same end, which is a denial of service.

This is still a DDoS attack, they are just using a different means than usual to perform the attack. By definition this is still a DDoS.

What’s strange to me is that there are quite a few servers actually running with people in them for which I can join. The majority being EU servers. I can’t join our own server in the US so is this attack specifically aimed at US servers? I see a few US servers running but seriously, EU is flourishing.

The FR guys said they were targeting US servers if I am not mistaken.

This prompted a lot of US/Other International users to start DDoSing the EU servers last night. Namely the white listed FR Servers.

It was a mess.

So the first World War of Rust has begun, lol. I know, not funny. Just want to play, back to work Thursday.