I am speechless, really. :) I feel much better now! No seriously, sorry for my flaming. This is not my day.
Greetings 2009/5/4 Saul Rennison <[email protected]> > Just for you I've removed the footer. > > On 4 May 2009, at 12:13, TheNob HLDS <[email protected]> wrote: > > > :D ... Thank you! > > I love such humor! > > > > No offence. > > > > Greetings > > TheNob > > > > > > > > 2009/5/4 Saul Rennison <[email protected]> > > > >> Sorry-- fixed. > >> > >> Sent from my iPhone 8Gb, going through a proxy server with specs you > >> can only dream of. > >> > >> On 4 May 2009, at 11:46, TheNob HLDS <[email protected]> wrote: > >> > >>>> > >>>> Sent from my iPhone > >>> > >>> > >>> And you Saul are smart and modern anyway! > >>> Please tell me how much GB your iPhone has. > >>> And the specs of your root server(s). > >>> > >>> Oh please tell me. I don't have an own life. I only want to know > >>> what other > >>> people are and what they have! > >>> > >>> Yours faithfully > >>> Nobody-cares > >>> > >>> > >>> > >>> > >>> 2009/5/4 Saul Rennison <[email protected]> > >>> > >>>> We've already posted the packet format, the beep character and > >>>> how to > >>>> make it untraceable in another topic on here. > >>>> > >>>> You're a bit late-- let's hope Valve fixes it now, eh? :D > >>>> > >>>> Sent from my iPhone > >>>> > >>>> On 4 May 2009, at 10:30, "Unknown | zD." <[email protected]> > >>>> wrote: > >>>> > >>>>> I have exploit of the attack but I will not make it in public as I > >>>>> have told to the valve community / steam support. We have recorded > >>>>> the > >>>>> attack by using this exploit many times ago (that means I am not > >>>>> the > >>>>> only one have the exploit but others also have it and it existed > >>>>> for a > >>>>> long time already), as its not just working in TF2, but in all > >>>>> valve > >>>>> game dedicated server including HL1, CS 1.6, HL2DM, TFC, TF2, ZPS > >>>>> and > >>>>> L4D (actually all the game engines including GoldSource engine, > >>>>> Source > >>>>> engine, Source 2007 engine and Source 2007 U1 engine). Please make > >>>>> sure that you have done any one of the following workaround to > >>>>> prevent > >>>>> the DoS attack. > >>>>> - Patch you engine.dll by replacing the string (A2C_PRINT from > >>>>> %s : > >>>>> %s) and then start the server with -console parameter, make sure > >>>>> that > >>>>> the A2C_PRINT command / string will not be proceeded / printed out > >>>>> - Remove / disable the beep sound driver (beep.sys) via > >>>>> devmgmt.msc / > >>>>> delete the file manually > >>>>> - Start your server in GUI mode only (not start with -console > >>>>> parameter, remove -console parameter from the starting line) > >>>>> > >>>>> In addition, if the guy is just sending some normal string to you > >>>>> without using any special character, then its harmless as that > >>>>> will > >>>>> not use much resources from the machine. All they need to get the > >>>>> exploit / DoS method works is by sending some special character to > >>>>> your server console and let them printing out. So I think the > >>>>> plugin > >>>>> will definitely stop the attack as it can block the non-printable > >>>>> characters, make sure that you don't block the normal string / > >>>>> other > >>>>> normal characters as the master server may try to use it if the > >>>>> normal > >>>>> encrypted protocol / normal command does not work. > >>>>> > >>>>> btw, I still have no idea why valve still doesn't fix the > >>>>> exploit / > >>>>> problem that existed for a long time ago and still not remove that > >>>>> command as its useless. That command was working since HL1 is out. > >>>>> If > >>>>> valve really doesn't want to fix the issue, I will give the > >>>>> exploit > >>>>> out for forcing them to fix their own problem. > >>>>> > >>>>> btw, someone was saying that the beep sound driver (beep.sys) is > >>>>> not > >>>>> related as the beep sound is produced by a client that is the same > >>>>> room as them .... I can tell you that this is not true as the > >>>>> exploit > >>>>> needs to use the beep sound driver (beep.sys) to get works ... a > >>>>> good > >>>>> evidence is the exploit doesn't work on any valve game dedicated > >>>>> server that has built on Windows Vista / Windows Server 2008 as > >>>>> WS2008 > >>>>> has removed that driver already / not enabled by default. btw, the > >>>>> attacker is not required to be in game / in the same room as > >>>>> them as > >>>>> the command is a connectionless packet (not connective and > >>>>> encrypted) > >>>>> so I can tell you that that is not true. The exploit doesn't only > >>>>> work > >>>>> in LAN environment but also in internet / WAN environment so "is > >>>>> the > >>>>> server a backyard dedicated server?" really doesn't matter as it > >>>>> works > >>>>> on the most internet servers. In addition, the guy that has > >>>>> answered > >>>>> me is not a bot lol I have seen his name before on official steam > >>>>> forum and I know that he is an administrator of that forum. I > >>>>> couldn't > >>>>> tell you anymore about that problem as people can even use those > >>>>> information to start the attack ..... so I will not give out any > >>>>> more > >>>>> information until valve have fixed it. > >>>>> > >>>>> _______________________________________________ > >>>>> To unsubscribe, edit your list preferences, or view the list > >>>>> archives, please visit: > >>>>> http://list.valvesoftware.com/mailman/listinfo/hlds > >>>> > >>>> _______________________________________________ > >>>> To unsubscribe, edit your list preferences, or view the list > >>>> archives, > >>>> please visit: > >>>> http://list.valvesoftware.com/mailman/listinfo/hlds > >>>> > >>>> > >>> _______________________________________________ > >>> To unsubscribe, edit your list preferences, or view the list > >>> archives, please visit: > >>> http://list.valvesoftware.com/mailman/listinfo/hlds > >> > >> _______________________________________________ > >> To unsubscribe, edit your list preferences, or view the list > >> archives, > >> please visit: > >> http://list.valvesoftware.com/mailman/listinfo/hlds > >> > >> > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list > > archives, please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
