1. Post #1

    December 2013
    152 Posts
    Based on my understanding of the exploit, I bring some coding ideas to temporarily fix the issue. I'm only a 2nd year software engineering student, but it doesn't hurt to give it a shot:


    1. Fix server browser lag, make it possible to connect to servers before all servers are loaded in the list.

    2. Create fake server instances in the list. Tens of thousands of them. Either by hardcoding them as list elements in the game (if that's the case then discard 1. if these elements will load instantly), or by having the servers broadcast fake instances (something like 0/0 players, ping 999). First option should be possible for you to do with an update, second depends on the server-side possibilities. If you fill the server list with enough fake instances then the pseudo-DDoS will be more sparse as the culprit will have many more packet destinations to cover. If his PC starts cluttering up he might even decide to stop attacking or focus on only a handful of servers instead of all of them.

    ALTERNATIVELY:

    Stop the servers from being visible in the browser. At least the official ones. I'm sure people have suggested it before, but I think this is better than not having anyone play the game at all.

  2. Post #2

    November 2013
    57 Posts
    If these are your legitimate suggestions I highly doubt you'll make it to year three.

    Another college education fund gone to waste. Shameful. Insert another coin and try again?

  3. Post #3

    December 2013
    6 Posts
    Can we just make our servers "Private" and share the IP addresses by word of mouth?

    If it's not listed publicly, will it be targetable? Has anyone tried this? My server has been unplayable the past few days and only works during the night for a few hours.

    I have about 20 regulars and 70 casual players on the server currently and none of them can play.

  4. Post #4
    Wait... so if I write anything here, it's going to show up under my name?
    B!N4RY
    December 2009
    7,890 Posts
    Your ideas aren't practical and will destroy the player's user experience with online gameplay. It's going to do a lot more bad to the community than good.

  5. Post #5

    December 2013
    3 Posts
    Creating instances of servers will cause more problems, regardless of the population of them. What a shit idea. However, good try; stick to it at college.

  6. Post #6

    December 2013
    45 Posts
    1. Well, you can do this already if you know how to open the console with F1 and type in 'net.connect <ip address:port>'. I think part of the problem with the server browser is that as soon as you hit the 'play' button it automatically starts querying every server in the database and doesn't stop until it is complete. I play on an Official server, so when I click on the 'Official' button and enter my server, the game is really laggy (choppy) for about 20 seconds, because I believe the server browser continues to query every server in the database in the background even after I have entered the game. I now open the console and manually connect to bypass this lag.

    2. This won't work. If the DDoSers have any brains, they can easily filter out the servers that return 0-20 players or return 999 pings and focus on the more populated ones with realistic ping times. They can simply focus on the servers with the highest populations to increase the grief.

    3. Still won't work. Even if you change all the I.P. addresses and ports, how would you distribute that list to people who want to connect via the console? If you make the list public on a web site or blog, then the DDoSers will still find the servers. You can't win.


    Here's what will happen, in my opinion:

    1) DDoSers get bored. (not likely).
    2) Gary's host fixes their security holes. (quick fix)
    3) Gary finds a new host. (best option in the long run)

  7. Post #7

    December 2013
    3 Posts
    Agreed^ find a new host because clearly, as Gary said, the host they have right now is unreliable and has been putting off updates. They need a solid host with good security!

  8. Post #8

    December 2013
    152 Posts
    @j0rdan13 and other sensible folk
    Note the word 'fake'. These wouldn't be servers that someone can connect to, or actual servers at all. They'd just be fake instances that respond to server browser requests. I don't see how that would cause any problems, the list would be full of servers with 'Null' for name and 0/0 players listed. I don't know if that would HELP, but I don't see how that would destroy player experience or online gameplay. Server list can be sorted so no matter how many ping999 duplicates there are it will be still possible to find normal servers easily :*

    @harhar funnyguy.
    Hope your epeen hardened up after making fun of someone who is genuinely trying to help. Now back to Facebook trying to get likes from your hugbox and build up that poor ego of yours.

  9. Post #9

    December 2013
    20 Posts
    1. Well, you can do this already if you know how to open the console with F1 and type in 'net.connect <ip address:port>'. I think part of the problem with the server browser is that as soon as you hit the 'play' button it automatically starts querying every server in the database and doesn't stop until it is complete. I play on an Official server, so when I click on the 'Official' button and enter my server, the game is really laggy for about 20 seconds, because I believe the server browser continues to query every server in the database in the background even after I have entered the game. I now open the console command and manually connect to bypass this lag.

    2. This won't work. If the DDoSers have any brain, they can easily filter out the servers that return 0-20 players or return 999 pings and focus on the more populated ones with realistic ping times.

    3. Still won't work. Even if you change all the I.P. addresses and ports, how would you distribute that list to people who want to connect via the console? If you make the list public on a web site or blog, then the DDoSers will still find the servers. You can't win.


    Here's what will happen, in my opinion:

    1) DDoSers get bored. (not likely).
    2) Gary's host fixes their security holes. (quick fix)
    3) Gary finds a new host. (best option in the long run)
    For this attack:
    Actually only the library needs patching, so that it closes the open connection if no data or incorrect data is sent.

  10. Post #10
    Notdividing
    December 2013
    34 Posts
    Agreed^ find a new host because clearly, as Gary said, the host they have right now is unreliable and has been putting off updates. They need a solid host with good security!
    He's working on all of that, so let's be positive about this. Of course this isn't going to last forever, and the whole team is working hard to fix it. I'm sure we'll be golden within a week tops (Most likely sooner). It's Alpha boys, give it some time. Mistakes were made, sure, but we'll be alright in the coming days because we have great people working on this :)

    Edit: It's also not entirely Garry's fault, so don't blame him; it's the lack of support from Unity.

  11. Post #11

    December 2013
    45 Posts
    For this attack:
    Actually only the library needs patching, so that it closes the open connection if no data or incorrect data is sent.
    Yeah. Man, I don't know, though. Wouldn't a quality provider already have this type of DDoS protection? Even if they do end up patching the issue, as a developer, I would still run for the hills and find a more trusted company.

    Edited:

    He's working on all of that, so let's be positive about this. Of course this isn't going to last forever, and the whole team is working hard to fix it. I'm sure we'll be golden within a week tops (Most likely sooner). It's Alpha boys, give it some time. Mistakes were made, sure, but we'll be alright in the coming days because we have great people working on this :)

    Edit: It's also not entirely Garry's fault, so don't blame him; it's the lack of support from Unity.
    Yeah. Ultimately all these hacks and DDoSing actually help Gary and his team in the long run and ensure a better final product.

  12. Post #12

    December 2013
    152 Posts
    2. This won't work. If the DDoSers have any brains, they can easily filter out the servers that return 0-20 players or return 999 pings and focus on the more populated ones with realistic ping times.
    That's the part which I wasn't sure about, because apparently it's not a normal DDoS but an empty packet flood to all servers listed in the browser. It just feels like some kid playing with the browser and flooding the servers with ping requests via the browser.

    Well whatever, let's hope they fix it soon.

  13. Post #13

    December 2013
    20 Posts
    Yeah. Man, I don't know, though. Wouldn't a quality provider already have this type of DDoS protection? Even if they do end up patching the issue, as a developer, I would still run for the hills and find a more trusted company.
    Nope, because it's an exploit in part of the engine they're using. Not something that is blocked on network level. It's also not that the line is clogged with data. It's just the server running out of resources because of too many open connections that can't close in time. And because the attacker doesn't need to send data, he doesn't need many resources to kill a server.

  14. Post #14

    December 2013
    153 Posts
    Yeah. Man, I don't know, though. Wouldn't a quality provider already have this type of DDoS protection? Even if they do end up patching the issue, as a developer, I would still run for the hills and find a more trusted company.
    DDoS protection for what? This isn't the type of attack/DDoS attack that you seem to think it is.

    The problem is with the uLink library. This isn't anything to do with Steam or any server related to Steam / Rust. You could invest in a $100,000 firewall and it would not fix the issue.

    I'm a game developer myself - we run an MMORPG - and there must only be 10 people I've seen post on the forum who actually understand what the problem is.

  15. Post #15

    December 2013
    3 Posts
    He's working on all of that, so let's be positive about this. Of course this isn't going to last forever, and the whole team is working hard to fix it. I'm sure we'll be golden within a week tops (Most likely sooner). It's Alpha boys, give it some time. Mistakes were made, sure, but we'll be alright in the coming days because we have great people working on this :)

    Edit: It's also not entirely Garry's fault, so don't blame him; it's the lack of support from Unity.

    No blame was mentioned here; if there was to be blame, it's the host. Gary is one of the most decent devs around so no one can blame him, his passion for this game to work is as great as ours.

  16. Post #16
    Crashty
    January 2012
    322 Posts
    If these are your legitimate suggestions I highly doubt you'll make it to year three.

    Another college education fund gone to waste. Shameful. Insert another coin and try again?
    Are you the guy running around in Rust servers and collecting... umm, taxes?

  17. Post #17

    December 2013
    45 Posts
    DDoS protection for what? This isn't the type of attack/DDoS attack that you seem to think it is.

    The problem is with the uLink library. This isn't anything to do with Steam or any server related to Steam / Rust. You could invest in a $100,000 firewall and it would not fix the issue.

    I'm a game developer myself - we run an MMORPG - and there must only be 10 people I've seen post on the forum who actually understand what the problem is.
    I was responding to the poster that said empty packets are not being filtered out by the library... Did you not read that part?

    In any case, is it still not an indication that uLink's library is bad and Gary should purchase a new one if he doesn't want to spend the time to write his own? From Gary's own admission about a month ago, he knew about these security holes within the library.

  18. Post #18

    December 2013
    20 Posts
    Yup, and he posted the bugs to the developer, who was going to fix it but still has to do it.

    The only thing I can think of that could help is to write a proxy program that filters the connections before forwarding them to the main server port (it's been done for Cube World to add ban lists and such). But you probably lose a lot of slots per server.
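
The filtering idea raised in posts #9, #13 and #18 (close connections that send no data or incorrect data before they tie up the game server), sketched as an added example that is not from the thread or from uLink. `ConnectionGate`, the `HELO` marker, the timeout and the per-address cap are all assumptions made for illustration.

```python
import time

MAGIC = b"HELO"          # constructed placeholder, NOT uLink's real handshake
HANDSHAKE_TIMEOUT = 3.0  # seconds a new connection may stay silent
MAX_PENDING_PER_IP = 4   # unverified connections allowed per source address

class ConnectionGate:
    """Hypothetical filter tracking unverified connections before the game port."""
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.pending = {}      # conn_id -> (ip, opened_at)
        self.verified = set()

    def on_open(self, conn_id, ip):
        """Admit a new connection unless this source already holds too many."""
        held = sum(1 for src, _ in self.pending.values() if src == ip)
        if held >= MAX_PENDING_PER_IP:
            return "reject"
        self.pending[conn_id] = (ip, self.clock())
        return "pending"

    def on_data(self, conn_id, payload):
        """First packet decides: a valid handshake is forwarded, anything else closed."""
        if conn_id in self.verified:
            return "forward"
        if self.pending.pop(conn_id, None) is None:
            return "close"     # unknown or already reaped
        if payload.startswith(MAGIC) and len(payload) > len(MAGIC):
            self.verified.add(conn_id)
            return "forward"
        return "close"         # empty or malformed first packet

    def reap(self):
        """Drop connections that stayed silent past the deadline; return their ids."""
        now = self.clock()
        stale = [c for c, (_, t) in self.pending.items() if now - t > HANDSHAKE_TIMEOUT]
        for c in stale:
            del self.pending[c]
        return stale

def demo():
    """Constructed scenario: one silent source opening six connections, one player."""
    t = [0.0]
    gate = ConnectionGate(clock=lambda: t[0])
    flood = [gate.on_open(f"f{i}", "203.0.113.9") for i in range(6)]
    gate.on_open("p1", "198.51.100.7")
    player = gate.on_data("p1", MAGIC + b"\x01")
    empty = gate.on_data("f0", b"")
    t[0] = 5.0                 # advance the fake clock past the deadline
    return flood, player, empty, gate.reap()
```

The pending table is bounded per source and emptied by `reap()`, so silent connections cost the filter a dictionary entry for a few seconds instead of holding a game-server slot.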

  19. Post #19

    December 2013
    153 Posts
    I was responding to the poster that said empty packets are not being filtered out by the library... Did you not read that part?
    Perhaps I misunderstand what you posted originally:

    ------
    1) DDoSers get bored. (not likely).
    2) Gary's host fixes their security holes. (quick fix)
    3) Gary finds a new host. (best option in the long run)
    ------

    "Host" to me is someone who hosts a service - a website, a server, so on. I assume what you meant to say is that the uLink developers fix their security holes and/or FP find a new library to work with.

    However, my overall point still stands.

  20. Post #20

    December 2013
    45 Posts
    Perhaps I misunderstand what you posted originally:

    ------
    1) DDoSers get bored. (not likely).
    2) Gary's host fixes their security holes. (quick fix)
    3) Gary finds a new host. (best option in the long run)
    ------

    "Host" to me is someone who hosts a service - a website, a server, so on. I assume what you meant to say is that the uLink developers fix their security holes and/or FP find a new library to work with.

    However, my overall point still stands.
    Yeah, apologies. I see where the confusion is. My brain was thinking about the server list at the time, but, yeah, I know it's the networking library.

  21. Post #21
    FPS
    Dennab
    November 2013
    98 Posts
    I have one word I'd like to share with you all on this post.

    Floccinaucinihilipilification.

  22. Post #22

    September 2013
    7 Posts
    You have no idea what DDoS is, dude.

  23. Post #23

    December 2013
    36 Posts
    I'm almost certain this DDoSer is the same character who has been plaguing the Counter-Strike scene for nearly a year, I doubt he will get bored.

  24. Post #24

    December 2013
    1 Posts
    The second year SE student doesn't know how easy null checking sub 10000 entities is?