DDOS stands for Distributed Denial-of-service. The key attribute here is the word distributed. In a denial-of-service attack ('DOS attack') the attacker sends very large numbers of connection requests to the target. The target thinks that these are legitimate attempts to connect and tries to respond. Since the server can handle only a finite number of simultaneous connection requests' date=' the attacker can swamp the target with requests so that legitimate connections rarely get through. To users this looks like very high latency ('lag') or the server being down. In this case, filtering is possible: all the malicious connections come from one or a small number of hosts so those can be filtered out. A distributed attack works slightly differently. The basic premise is the same: the attacker seeks to flood the target so that legitimate users can't connect. But instead of sending all the connection requests himself, the attacker uses a large number of distributed computers to send the requests - a [i']botnet. Botnet users are ordinary computer users whose computers have been compromised by a virus and controlled by the 'bot-herder'. The person attacking dayz won't control the botnet himself; botnets with 100,000 or more hosts are available to rent for a few hundred dollars US per day. Filtering the DDOS is extremely hard because the malicious connections come from a large number of ordinary users with no real link between them. About the best DayZ can do is changing the address of the central server. They have already tried this at least once, but the attacker got the new IP quickly. Short of paying for large amounts of additional bandwidth it may be that the best they can now do is to wait for the irritated user's money to run out so that the botnet stops attacking.