This "connect flood" in which steamid does not have even time to auth (sticks with Steam_id_pending), has been around atleast over 2 years. The good thing in it is, that usually at some point attackers steamid is revealed in the server log anyway. So once you ban that sucker's id, he can't do the connect flood anymore.
The rcon crash has also been around for a long time. Trick is that it also does not work on every hardware setup and whilst i spoke with some Valve employees with it while back, they could not reproduce it and so there is no fix for it but the exploit remains that can bring down the server. Besides these, there are several exploits available. http://code.devicenull.org/index.php?title=Misc:HL2_Exploits -ics Jeff Sugar kirjoitti: > I originally sent this in the duplicate thread someone else made, thinking > it was the main thread. I'll repost it here for ease: > > "There's a sourcemod plugin that blocks connects from a banned user via IP > for a short while (5min i think?) after their first attempt. After the limit > wears off, they can do so once more. No spam, no worries! :) I'm sure you > could probably modify yit to also work on non-banned people who try > connections to closely together > > One sec, I'll look for it now > > [moments pass aka ninja edit or whatever :v] > > Alright -- the one I'm using is this: > http://forums.alliedmods.net/showthread.php?p=863444 > > There's also this one, which looks like the same thing but with a bit of > unnecessary config options: > http://forums.alliedmods.net/showthread.php?p=923828 > > Hope this helps! > > -Jeff/Atreus" > > On Tue, Dec 29, 2009 at 1:06 AM, Kyle Sanderson <[email protected]> wrote: > > >> I'm completely dumbfounded Attaul, this is exploit exists across platforms >> (Unless if you're on Linux as well). I'm running a CS:S Server, what about >> you? >> >> Kyle. >> >> On Mon, Dec 28, 2009 at 11:59 PM, Attaul N <[email protected]> wrote: >> >> >>> I got a msg earlier today from >>> http://steamcommunity.com/profiles/76561197961100939 who is crashing my >>> servers as well. He asked me whos servers i wanted crashed tonight, when >>> >> i >> >>> told him no ones and that server admins work hard to keep everything >>> working, I somehow offended him. Not sure how hes managing to crash the >>> servers, I have rcon_locker inabled. I know he doesn't have my rcon or >>> >> any >> >>> other info since i don't store the rcon password in server.cfg and I even >>> have the server.cfg renamed. Any ideas? >>> _________________________________________________________________ >>> Windows Live: Friends get your Flickr, Yelp, and Digg updates when they >>> e-mail you. >>> http://go.microsoft.com/?linkid=9691817 >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds >>> >>> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> >> > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
