All you can do for now is to go thru your logs, looking for ppl who have changed their name to %n and ban their IP address accordingly so they cant come back and do it again. I have noticed some repeat offenders on my servers, just got thru banning several people on my servers.
- K2 "thrillhaus" <[EMAIL PROTECTED]> wrote: > So what can be done?? Nothing? Just happened on my server :( > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Gerry > Sent: Saturday, October 16, 2004 9:58 AM > To: [EMAIL PROTECTED] > Subject: RE: [hlds] serious cs:s vulnerability > > Peh, I just had this happen to myself. > > What idiots >.< > > Pretty much... > "%n: Don't kill or kick me or you'll all crash -myg0t" > > Then it crashed. > > *sigh* > > ~ > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > [EMAIL PROTECTED] > Sent: Saturday, October 16, 2004 9:27 AM > To: [EMAIL PROTECTED] > Subject: Re: [hlds] serious cs:s vulnerability > > Yup. One of my admins was watching the console on my server and saw exactly > how it's done. Dave, did ya send the particulars to Valve already? Hoping > this > gets resolved soon Valve. > > - K2 > > David Fencik <[EMAIL PROTECTED]> wrote: > > > Here's another ip address of someone who exploited the format string > > vulnerability to disconnect all clients on one of my servers: > > > > 138.88.222.21 > > > > Dave > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of David Fencik > > Sent: Friday, October 15, 2004 8:29 PM > > To: [EMAIL PROTECTED] > > Subject: RE: [hlds] serious cs:s vulnerability > > > > Just for grins....here's the ip address of the offending hacker: > > > > 68.37.174.181 > > > > Dave > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > [EMAIL PROTECTED] > > Sent: Friday, October 15, 2004 8:07 PM > > To: [EMAIL PROTECTED] > > Subject: Re: [hlds] serious cs:s vulnerability > > > > Yeah I just had to restart one of my servers as well. It *looks* like > > the last > > exploit (malformed rcon command that would hang the server and peg the > > CPU at > > 100%) however this time cpu usage doesnt skyrocket, and in the console > > you can > > see all of the players drop via timing out, all at the same time almost. > > > > You seeing the same thing Dave? > > > > - K2 > > http://www.hardfought.org > > > > > > David Fencik <[EMAIL PROTECTED]> wrote: > > > > > This is a multi-part message in MIME format. > > > -- > > > [ Picked text/plain from multipart/alternative ] > > > Some script kiddie just crashed one of my source servers. It amazes > > me > > > that there could be such an easily exploitable vulnerability in such > > an > > > obvious place. Here's a hint to you all: format-string > > vulnerability. > > > > > > Feel free to email me off list if you'd like the specifics. > > > > > > Dave > > > -- > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list archives, > > please > > > visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please > > visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
